All Projects → keratin → Authn Js

keratin / Authn Js

Licence: lgpl-3.0
JavaScript client library for Keratin AuthN

Programming Languages

javascript
184084 projects - #8 most used programming language

Projects that are alternatives of or similar to Authn Js

Pizzly
The simplest, fastest way to integrate your app with an OAuth API 😋
Stars: ✭ 796 (+2111.11%)
Mutual labels:  api-client, authentication
Blockchain Anchor
A Node.js library for anchoring data onto the Bitcoin blockchain and confirming anchored data on Bitcoin and Ethereum.
Stars: ✭ 32 (-11.11%)
Mutual labels:  api-client
App Search Node
Elastic App Search Official Node.js Client
Stars: ✭ 29 (-19.44%)
Mutual labels:  api-client
Django Auth Example
Sample project for my talk at DjangoCongress JP 2018.
Stars: ✭ 30 (-16.67%)
Mutual labels:  authentication
Jetweet
Jetweet is a mini twitter clone with basic functionalities, Made using ASP.NET CORE and Entity framework technologies
Stars: ✭ 29 (-19.44%)
Mutual labels:  authentication
Craft Twofactorauthentication
Craft plugin for two-factor or two-step login using Time Based OTP.
Stars: ✭ 31 (-13.89%)
Mutual labels:  authentication
Sevenbridges R
Seven Bridges API Client, CWL Schema, Meta Schema, and SDK Helper in R
Stars: ✭ 27 (-25%)
Mutual labels:  api-client
Adyen Ruby Api Library
Adyen API Library for Ruby
Stars: ✭ 35 (-2.78%)
Mutual labels:  api-client
Authomatic
Simple yet powerful authorization / authentication client library for Python web applications.
Stars: ✭ 962 (+2572.22%)
Mutual labels:  authentication
Bottle Jwt
JWT Authentication Plugin for bottle.py applications.
Stars: ✭ 30 (-16.67%)
Mutual labels:  authentication
Flask Httpauth
Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes
Stars: ✭ 951 (+2541.67%)
Mutual labels:  authentication
Hapi Auth Keycloak
JSON Web Token based Authentication powered by Keycloak
Stars: ✭ 29 (-19.44%)
Mutual labels:  authentication
Nativescript Azure Mobile Apps
☁️ NativeScript plugin for working with Microsoft Azure Mobile Apps services
Stars: ✭ 31 (-13.89%)
Mutual labels:  authentication
Python Adguardhome
Asynchronous Python client for the AdGuard Home API
Stars: ✭ 29 (-19.44%)
Mutual labels:  api-client
Cricinfo
Python library for accessing information from http://cricinfo.com (Live scores and updates)
Stars: ✭ 32 (-11.11%)
Mutual labels:  api-client
Checkout Sdk Node
Checkout.com SDK for Node.js. Documentation here:
Stars: ✭ 28 (-22.22%)
Mutual labels:  api-client
Gensio
A library to abstract stream I/O like serial port, TCP, telnet, UDP, SSL, IPMI SOL, etc.
Stars: ✭ 30 (-16.67%)
Mutual labels:  authentication
Vue Auth Boilerplate
🔑 Vue.js scalable boilerplate with user authentication.
Stars: ✭ 31 (-13.89%)
Mutual labels:  authentication
Frost Client
Frost Client helps you to easily integrate your applications with Po.et's API.
Stars: ✭ 35 (-2.78%)
Mutual labels:  api-client
Django Two Factor Auth
Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects.
Stars: ✭ 967 (+2586.11%)
Mutual labels:  authentication

Keratin AuthN

Keratin AuthN is an authentication service that keeps you in control of the experience without forcing you to be an expert in web security.

This library provides utilities to help integrate with AuthN from the browser. If you are running a Ruby backend, you may also be interested in keratin/authn-rb for backend integration.

npm Build Status

Persistence Options

KeratinAuthN offers two persistence modes, each useful to a different type of application:

  1. LocalStorage: Configuring setLocalStorageStore(name: string) adds localStorage-backed persistence. This is useful for client-side applications that do not rely on server-side rendering to generate a personalized page. The client is responsible for reading from KeratinAuthN.session() and adding the session token to any backend API requests, probably as a header.

  2. Cookie: Configuring setCookieStore(name: string, opts?: object) adds support for cookie-backed persistence. This is useful for applications that rely on server-side rendering, but also requires the application to implement CSRF protection mechanisms. By passing an additional object to setCookieStore(...) it is also possible to configure the cookies path and SameSite attributes. For example, setCookieStore("authn-token", {path: "/admin", sameSite: "Strict"}) will restrict the cookie to /admin and will exclude it from third-party top-level navigations. If sameSite is not provided the browser will choose it's default value.

Installation

KeratinAuthN currently depends on CORS support. Future versions may add backwards compatibility, depending on demand.

KeratinAuthN also requires global support for ES6 Promises. You can get a polyfill from stefanpenner/es6-promise.

Vanilla JS

You can load KeratinAuthN directly from the CDN:

<script src="https://unpkg.com/keratin-authn/dist/keratin-authn.min.js"></script>

Alternately, you can download and bundle it according to your vendoring process.

NPM or Yarn

Fetch the node module from NPM:

  • yarn add keratin-authn
  • (or npm install keratin-authn --save)

Configuration

// Configure where to connect with your AuthN service.
KeratinAuthN.setHost(url: string): void
// Configure AuthN to read and write from a named cookie for session persistence.
// Will not check for an existing cookie. See `restoreSession`.
KeratinAuthN.setCookieStore(name: string, opts?: {path?: string, sameSite?: 'Lax' | 'Strict' | 'None'}): void
// Configure AuthN to read and write from localStorage for session persistence. In private browsing
// mode with old versions of Safari and Android Browser (not Chrome), this will fall back to a
// simple memory storage that is lost on page refresh.
// Will not check for an existing cookie. See `restoreSession`.
KeratinAuthN.setLocalStorageStore(name: string): void

API

Use the following API methods to integrate your AuthN service:

// Check the configured storage for an existing session. If a session is found but might be stale,
// then refresh it. The promise is fulfilled if a session is restored.
KeratinAuthN.restoreSession(): Promise<void>
// Attempt to import a session from AuthN. This is a more aggressive strategy than restoreSession,
// because it does not check for an existing session before invoking the refresh API.
KeratinAuthN.importSession(): Promise<void>
// Get the session (as a JWT) found in AuthN's current session store. There is no guarantee this
// session will be valid or fresh, especially on page load while restoreSession is working.
KeratinAuthN.session(): string | undefined
// Returns a Promise that is fulfilled when a successful signup has established a session.
// May error with field-specific validation failures.
KeratinAuthN.signup(obj: {username: string, password: string}): Promise<void>
// Returns a Promise that is fulfilled when a successful login has established a session.
// May error with generic validation failures.
KeratinAuthN.login(obj: {username: string, password: string}): Promise<void>
// Returns a Promise that is fulfilled when the AuthN session has been terminated.
// Automatically ends the session in AuthN's current session store.
KeratinAuthN.logout(): Promise<void>
// Returns a Promise that is fulfilled with a boolean indicating whether the username is available.
// The promise rejects when availability can not be determined, as with network errors.
KeratinAuthN.isAvailable(username: string): Promise<boolean>
// Requests a password reset for the given username and _always claims to succeed_.
// If this truly succeeds, AuthN will send a reset token to your server for email delivery.
KeratinAuthN.requestPasswordReset(username: string): Promise<>
// Changes the password of the currently logged-in user.
// Establishes a session.
// May error with password validations, or an invalid currentPassword.
KeratinAuthN.changePassword(obj: {password: string, currentPassword: string}): Promise<void>
// Resets the password of a user who is unable to log in.
// Must be given a token generated through `requestPasswordReset`.
// Establishes a session.
// May error with password validations, or invalid/expired tokens.
KeratinAuthN.resetPassword(obj: {password: string, token: string}): Promise<void>
// Requests a session token for the given username and _always claims to succeed_.
// If this truly succeeds, AuthN will send a session token to your server for email delivery.
KeratinAuthN.requestSessionToken(username: string): Promise<>
// Establishes a session with the session token.
// May error with invalid/expired tokens, or if a login (username/password) is made after request the
// token.
KeratinAuthN.sessionTokenLogin(obj: {token: string}): Promise<void>

Development

Embrace the TypeScript!

Run tests with gulp test.

You can also load and run tests in a browser, but you'll need to serve them on a domain (not file:///) so that cookies function properly. The quickest method is python -m SimpleHTTPServer, then opening localhost:8000/test/runner.html in your browser.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/keratin/authn-js. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].