tokenstore - npm explorer

tokenstore

v0.0.4

Token store for web sessions

0/weekUpdated 3 years ago

Published by Simon Swain

npm install tokenstore

Repository Homepage npm

Tokenstore

Session tokens for Node.js

Version: 0.0.4

![Build Status](https://travis-ci.org/simonswain/tokenstore)

Use Case

Use Tokenstore to create tokens for your app to issue to a client.

Each token stores a reference to your entity ids and a JSON blob. Use
them to map a token to entities in your system.

Tokenstore uses Redis to store tokens and data.

Install

``bash npm install tokenstore`

`Usage`

`var config = { prefix: 'token', redis: { host: '127.0.0.1', port: 6379 } }; var Tokenstore = require('tokenstore'); var tokens = Tokenstore(config);`

All config fields are optional. The defaults are shown in the configabove. If you don't pass in a config object the defaults will be used.

`javascript var opts = { owner_id: 'some-id', attrs: {foo: 'bar'} }; tokens.add(opts, function(err, res){ // res = {token: 'xxx...'} }`

When you make the token, you need to supply an owner_id(this will map to user_id or something similar in your database -- a unique ID for the entity the token is being issued for.

attrs is arbitrary JSON. Probably best you keep it short.

The part of your app that uses Tokenstore should be using attrs as a starting point for a database query to get full details on the entity.

`API`

* reset*quit*add*getKey*get*set*del*delKey*list*makeHash*getHash*delHash

All methods take a callback that is called with err and result.

`$3`

Deletes all data

`$3`

Closes the Redis connection and exits.

`$3`

Adds a token and passes a key for you to reference the saved data.

token is an object describing what data to save

`javascript { key: 'xxxx', // optional to force the use of a specific key owner_id: 'xxxx', attrs: {} }``

Generally you will not supply key-- Tokenstore will make one for you.keys are 24 characters, generated by the uid2module asuid(24).

owner_id is an arbitrary string. It is intended to be a uuid.

attrsis a plain javascript object. It will be stringified and stored in Redis.

The option to provide a key exists so you can recreate tokens if required. e.g. for restoring a lost database. Thekeyyou supply must conform to the the length requirement (default is 24 characters).

The done callback will be passed (err, token). Token is an object like{key: 'xxxxxxxxxxxxxxxxxxxxxxxx'}containing the generated key.

Example returned token:

`javascript { owner_id: 'testowner', attrs: { foo: 'bar' }, key: 'BRRljWrPjD3OLEHHvy2vMFiA', id: '47fcb93b-34ed-4790-96d9-b6570f08626e' }`

ids are provided so you can reference tokens without exposing the key. Your app should be presentingids when talking to the user about tokens (e.g. listing all tokens you have issued them in a management screen).keys should only be used at the transport layer.

`$3`

Give you the token object found by key.

Example`javascript { owner_id: 'testowner', attrs: { foo: 'bar', baz: 'quxx' }, key: 'BeCLPziIdGDjAI3pKUPz3Tfg', id: '96ced110-a499-4b8f-940d-b4849e7f9738' }`

`$3`

Give you the token object found by token_id.

`$3`

Overwrites the existing attrs object of token_id.

`$3`

Deletes token by key.

`$3`

Deletes token id by token_id.

`$3`

Gives done an array of tokens owned by owner_id.

Example:

`javascript [ { key: 'forced678901234567890123', owner_id: 'testowner', attrs: { ping: 'pong' }, id: 'c3b575f1-06ce-48fb-ac30-9ff50413560d' }, { owner_id: 'testowner', attrs: { foo: 'bar', baz: 'quxx' }, key: 'BeCLPziIdGDjAI3pKUPz3Tfg', id: '96ced110-a499-4b8f-940d-b4849e7f9738' } ]`

`$3`

The Hash commands allow you to store some data and get back a hash referencing it.

Pass in your value, an optional ttlin seconds (hash will expire after this many seconds) and you will be given back an 8 character hash.

done(err, hash)

You can use this to implement things like Lost My Password system. Once you have looked up a user by email address, makeHash, email them the hash. Then you can use getHash to confirm they are valid and to look up their user details.

`$3`

Pass in a hash created by makeHash and get back the data you passed in.

`$3`

Delete the hash and it's data.

`Hacking`

Install and run the tests

`bash git clone git@github.com:simonswain/tokenstore.git cd tokenstore npm install grunt``

Release History

* 27/10/2014 0.0.2
* 04/11/2014 0.0.3
* 26/02/2015 0.0.4 Removed Hiredis

License

Copyright (c) 2014 Simon Swain

Licensed under the MIT license.