@3merge/express-auth-middleware 中文文档教程

发布于 5年前 浏览 22 项目主页 更新于 3年前

Authentication middleware

正在进行中!

The user model

区分用户模型(首选方法)为所有文档分配一个kind 属性。 我建议也使用此模块中的装饰器函数来获取/设置基础中的属性。

Schema

PropertyTypeDescriptionDefault
activebooleanSystem-generated to keep track of "deleted" userstrue
email*stringSelf-explanatorynull
firstName*stringSelf-explanatorynull
frozenbooleanSomewhat of an alias for active, only setting it does not affect other propertiesfalse
langstringThe preferred locale (en-CA or fr-CA).en-CA
lastName*stringSelf-explanatorynull
loginAttemptsnumberUsed to block excessive login attempts (< 5)0
passwordpasswordUsed to authenticatenull
secret*stringUsed to read and write JWT tokens. Nullifying this would destroy all active sessionsnull
verifiedbooleanRepresents the validity of an email address. Login attempts are blocked without verificationfalse

Methods

NameDescriptionReturn
await Model.findByEmail(string)Lookup active users by email addressobject
await Model.findUnverifiedByEmail(string)Lookup unverified users by emailobject
await Model.findVerifiedByEmail(string)Lookup verified users by emailobject
await Model.findVerifiedById(string)Lookup verified users by idobject
await doc.setSecret()Generate secret tokenobject
await doc.verifyPassword(string, boolean)Compare string against stored password. Throws error if second parameter is trueboolean
await doc.deactivate()Deletes a user for most intents-and-purposesobject
doc.isBlockedIs the user allowed to login?boolean
doc.hasExpiredHas more than 24 hours elapsed since requesting verification?boolean
doc.isPermittedDoes the user have all the necessary properties to login?boolean

Authentication middleware

Work in progress!

The user model

Discriminating the user model, the preferred approach, assigns a kind property to all documents. I recommend using the decorator functions in this module to get/set properties in the base as well.

Schema

PropertyTypeDescriptionDefault
activebooleanSystem-generated to keep track of "deleted" userstrue
email*stringSelf-explanatorynull
firstName*stringSelf-explanatorynull
frozenbooleanSomewhat of an alias for active, only setting it does not affect other propertiesfalse
langstringThe preferred locale (en-CA or fr-CA).en-CA
lastName*stringSelf-explanatorynull
loginAttemptsnumberUsed to block excessive login attempts (< 5)0
passwordpasswordUsed to authenticatenull
secret*stringUsed to read and write JWT tokens. Nullifying this would destroy all active sessionsnull
verifiedbooleanRepresents the validity of an email address. Login attempts are blocked without verificationfalse

Methods

NameDescriptionReturn
await Model.findByEmail(string)Lookup active users by email addressobject
await Model.findUnverifiedByEmail(string)Lookup unverified users by emailobject
await Model.findVerifiedByEmail(string)Lookup verified users by emailobject
await Model.findVerifiedById(string)Lookup verified users by idobject
await doc.setSecret()Generate secret tokenobject
await doc.verifyPassword(string, boolean)Compare string against stored password. Throws error if second parameter is trueboolean
await doc.deactivate()Deletes a user for most intents-and-purposesobject
doc.isBlockedIs the user allowed to login?boolean
doc.hasExpiredHas more than 24 hours elapsed since requesting verification?boolean
doc.isPermittedDoes the user have all the necessary properties to login?boolean
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文