claude-abounegm/gatekeeper-express

gatekeeper-express

The one and only Two Factor Authentication Handler for Express.

Tested with Authy, Google Authenticator and Duo.

You shall not pass

Install

npm i gatekeeper-express

Peer dependencies

npm i lodash express


Requirements

  • express-session
  • passport (i.e. a populated req.user)
  • some rendering engine (vash, ejs, etc.)

Usage

Middleware

'use strict';

const express = require('express');
const session = require('express-session');
const { GateKeeper } = require('gatekeeper-express');

const app = express();

// GateKeeper needs express-session. Load the secret from configuration,
// never from a literal in source.
app.use(session({ secret: process.env.SESSION_SECRET, resave: false, saveUninitialized: false }));

// Passport (or whatever populates req.user) must run before GateKeeper,
// because the hooks below read and write req.user.
// app.use(passport.initialize()); app.use(passport.session());

const gateKeeper = new GateKeeper({
    appName: 'App',
    length: 64
});

app.use(
    gateKeeper.express({
        routePathPrefix: '/tfa',   // GET /tfa renders the view (JSON when requested via Ajax)
        userIdPath: 'email',       // property of req.user that identifies the account
        onSerialize: async (req, tfa) => {
            // Persist the generated tfa material with the user record. It holds
            // the shared secret, so store and protect it like a credential.
            req.user.tfa = tfa;
            await req.user.save();
        },
        onDeserialize: async req => {
            // Return the stored material; undefined means the user has not enrolled yet.
            return req.user.tfa;
        }
    })
);

View

GateKeeper uses res.render('two-fa') to render the page with the QR image.

This is an example in Vash. Please adapt it to your app.

<div class="text-center">
    <h4 class="h4 text-gray-900 mb-3">Two Factor Authentication</h4>
</div>

<form autocomplete="off" action="@model.verifyUrl" method="POST" class="user">
    <input autocomplete="off" name="hidden" type="text" style="display:none;">
    @if (model.qrImage) {
        <div class="text-center mb-2">
            <img src="@model.qrImage">
        </div>
    }

    <div class="form-group">
        <input 
            type="text"
            class="form-control form-control-user"
            id="token-input"
            name="token"
            placeholder="Enter verification token...">
    </div>

    <button class="btn btn-primary btn-user btn-block" type="submit">Verify</button>
</form>

<script>$('#token-input').focus();</script>

AJAX

You can also use Ajax.

If you request /tfa with Ajax, it sends back JSON: { qrImage: string; verifyUrl: string; }

POST the token to verifyUrl and GateKeeper sends back a JSON object with a redirect URL to use: { redirect: string; }, if one is needed.
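As an added example that is not part of gatekeeper-express, here is a browser-side client for the JSON exchange just described. It assumes GateKeeper recognises Ajax requests through the usual X-Requested-With header (the README does not say how it decides) and that a rejected token comes back with a non-2xx status; fetchImpl is injected so the flow can be exercised offline against a fake transport (pass window.fetch in a page).

```javascript
// Added example, not part of gatekeeper-express. fetchImpl is injected (pass
// window.fetch in a page) so the flow can be exercised against a fake transport.
async function tfaAjaxFlow({ fetchImpl, routePathPrefix = '/tfa', promptToken, showQr }) {
  // Assumption: GateKeeper picks the Ajax variant the usual Express way (req.xhr,
  // i.e. the X-Requested-With header); the README does not say how it decides.
  const ajaxHeaders = { Accept: 'application/json', 'X-Requested-With': 'XMLHttpRequest' };

  // Step 1: GET /tfa -> { qrImage: string; verifyUrl: string }.
  // credentials: 'same-origin' sends the express-session cookie; without it the
  // server cannot tie the token to the logged-in user.
  const start = await fetchImpl(routePathPrefix, {
    method: 'GET', headers: ajaxHeaders, credentials: 'same-origin'
  });
  if (!start.ok) throw new Error(`GET ${routePathPrefix} failed with ${start.status}`);
  const { qrImage, verifyUrl } = await start.json();
  if (typeof verifyUrl !== 'string' || verifyUrl === '') {
    throw new Error('verifyUrl missing from /tfa response');
  }
  // A QR image is only sent while the user is enrolling (no tfa saved yet);
  // an already-enrolled user just gets the token prompt.
  const enrolling = typeof qrImage === 'string' && qrImage !== '';
  if (enrolling) showQr(qrImage);

  // Step 2: POST the code as the form field `token`, exactly as the Vash view does.
  const token = String(await promptToken()).replace(/\s+/g, '');
  if (token === '') throw new Error('empty token');
  const verify = await fetchImpl(verifyUrl, {
    method: 'POST',
    headers: { ...ajaxHeaders, 'Content-Type': 'application/x-www-form-urlencoded' },
    credentials: 'same-origin',
    body: new URLSearchParams({ token }).toString()
  });
  // Assumption: a wrong token is answered with a non-2xx status.
  if (!verify.ok) throw new Error(`verification rejected with status ${verify.status}`);

  // Step 3: { redirect: string } is only present when GateKeeper wants the
  // client to navigate; otherwise stay on the current page.
  const { redirect } = await verify.json();
  return { enrolled: enrolling, redirect: typeof redirect === 'string' ? redirect : null };
}
```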


Reset

To reset a user's 2FA, simply delete user.tfa.


Made with ❤ at Income Store in Lancaster, PA.
