kvnneff / passwordless-rethinkdbstore Goto Github PK

12.0 5.0 4.0 19 KB

RethinkDB TokenStore for Passwordless

License: MIT License

JavaScript 100.00%

passwordless-rethinkdbstore's Introduction

Passwordless-RethinkDBStore

This module provides token storage for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means. Visit the project's website for more details.

Tokens are stored in a RethinkDB database and are hashed and salted using bcrypt by default. It is also possible to provide a different hashing library (see Initialization for an example).

Usage

First, install the module:

$ npm install passwordless-rethinkdbstore --save

Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

var passwordless = require('passwordless');
var RethinkDBStore = require('passwordless-rethinkdbstore');

passwordless.init(new RethinkDBStore({host: '127.0.0.1', port: 28015, db: 'main'}));

passwordless.addDelivery(
    function(tokenToSend, uidToSend, recipient, callback) {
        // Send out a token
    });

app.use(passwordless.sessionSupport());
app.use(passwordless.acceptToken());

Initialization

new RethinkDBStore([options], [hashLib]);

[options]: (Object) Optional. This can include options of the node.js RethinkDB client as described in the docs.
[hashLib] (Object) Optional. This can be specified in order to provide a custom hashing library. This object takes two functions: hash(token, cb) and verify(token, hashedToken, cb). The following example uses the hashing library Argon2.

var argon2 = require('argon2');
var store = new RethinkDBStore([options], {
    hash: function(token, cb) {
        argon2.generateSalt()
            .then(function(salt) {
                argon2.hash(token, salt)
                .then(cb.bind(null, null))
                .catch(cb);
            });
    },
    verify: function(token, hashedToken, cb) {
        argon2.verify(hashedToken, token)
            .then(function(match) {
                if (match) {
                    return cb(null, match);
                }
                else {
                    return cb();
                }
            })
            .catch(cb);
    }
});

Hash and salt

As the tokens are equivalent to passwords (even though only for a limited time) they have to be protected in the same way. By default passwordless-rethinkdbstore uses bcrypt with automatically created random salts. To generate the salt 10 rounds are used. Alternatively, a custom hash and verify function can be specified (see Initialization), which should call the respective functions of some secure hashing library (e.g. Argon2, winner of the Password Hashing Competition 2015).

Tests

$ npm test

License

MIT License

Author

River Grimm [email protected]

passwordless-rethinkdbstore's People

Contributors

Stargazers

Watchers

Forkers

proxiweb patrickkennedy ckiee manjufy

passwordless-rethinkdbstore's Issues

Can't logout when using session-rethinkdb

Starting with the simple-mail example app that comes with Passwordless, I'm readily able to incorporate passwordless-rethinkdbstore. Everything works: hooray!

But when I add session-rethinkdb to my app (to replace the in-memory session store), I lose the ability to log out. I know this is probably not passwordless-rethinkdbstore's fault but I wanted to make absolutely sure before going to bug the session-rethinkdb people, since passwordless-rethinkdbstore is my only use-case for session-rethinkdb.

Here's how I initialize passwordless-rethinkdbstore:

passwordless.init(new RethinkDBStore({host: '127.0.0.1', port: 28015, db: 'test'}));

And here's how I initialize express-session and session-rethinkdb:

app.use(expressSession({
  secret : '42',
  resave : true,
  saveUninitialized : false,
  store : new RDBStore(
      {
        connectOptions : {db : 'test', host : 'localhost', port : 28015},
        table : 'sessionTest',
        sessionTimeout : 30*86400000,
        flushInterval : 60000
      })
}));

Am I doing something wrong here? I'd prefer to use RethinkDB for sessions, since that's what I'm using for passwordless (and my app).

ReqlOpFailedError: Table `test.pwdless` is ambiguous;

When i run test i see error message:

ReqlOpFailedError: Table `test.pwdless` is ambiguous; there are multiple tables with that name in:
r.table("pwdless").delete()

@kvnneff could you fix this? It's should check table pwdless if it exist or not exist.

Use existing connection to rthinkdb.

I want to use this plugin with thinky.

Thanks thinky I already have a connection to the database. How can I use it for this plugin?

@kvnneff can you make the opportunity to transfer an existing connection in the options?

Update to rethinkdb 2.2.2

@kvnneff could you update repo for support latest rethinkdb version?

`RqlDriverError: Object field 'originUrl' may not be undefined`

I just hooked it up into the sample project and I get this error:

RqlDriverError: Object field 'originUrl' may not be undefined
    at new RqlDriverError (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/errors.js:14:13)
    at new MakeObject (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/ast.js:1527:15)
    at Function.<anonymous> (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/ast.js:3906:12)
    at Function.<anonymous> (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/util.js:39:16)
    at Table.<anonymous> (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/ast.js:1073:45)
    at Table.<anonymous> (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/util.js:60:16)
    at XXX/node_modules/passwordless-rethinkdbstore/lib/index.js:101:40
    at tryCatcher (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/util.js:24:31)
    at Promise.successAdapter (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/nodeify.js:22:30)
    at Promise._settlePromiseAt (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/promise.js:528:21)
    at Promise._settlePromises (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/promise.js:646:14)
    at Async._drainQueue (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/async.js:177:16)
    at Async._drainQueues (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/async.js:187:10)
    at Immediate.Async.drainQueues [as _onImmediate] (XXX/node_modules/passwordless-rethinkdbstore/node_modules/rethinkdb/node_modules/bluebird/js/main/async.js:15:14)
    at processImmediate [as _immediateCallback] (timers.js:361:17)

Any ideas?