Shellfish

Class: TokenAuth

server.TokenAuth

Class representing a token-based authentication method. The authentication token is expected in the HTTP cookie AuthToken.

Tokens are runtime-associated with a user name until revoked and are only valid for a single source address.

// issue a new token for user "user" coming from "127.0.0.1"
const token = issueToken("user", "127.0.0.1");

// revoke that token, so that the user can no longer access areas
// requiting authorization
revokeToken(token);

new server.TokenAuth ()

tokenauth.js:49

Extends

Methods

authorizeCode (code)

tokenauth.js:186

Authorizes the given waiting code.

Name Type Description
code string

The code to authorize.

awaitToken (code, user, sourceAddress)Promise.<string>

tokenauth.js:140

Awaits the authorization of a given code before a token will be issued and returns a promise object for the token.

Name Type Description
code string

The authorization code.
user string

The user name associated with the new token.
sourceAddress string

The source address for which the new token will be valid.
Returns:
Type Description
Promise.<string> A promise for the new token.

issueTokenFor (user, sourceAddress)string

tokenauth.js:113

Issues a new authentication token valid for the given user and source address.

Name Type Description
user string

The user name associated with the new token.
sourceAddress string

The source address for which the new token will be valid.
Returns:
Type Description
string The new token.

revokeToken (token)

tokenauth.js:125

Revokes the given token. It will no longer be valid for authentication.

Name Type Description
token string

The token to revoke.