|
| 1 | +<p align="middle"> |
| 2 | + <img src="https://www.rifos.org/assets/img/logo.svg" alt="logo" height="100" > |
| 3 | +</p> |
| 4 | +<h3 align="middle"><code>express-did-auth</code></h3> |
| 5 | +<p align="middle"> |
| 6 | + Express DID Auth |
| 7 | +</p> |
| 8 | + |
| 9 | +``` |
| 10 | +npm i @rsksmart/express-did-auth |
| 11 | +``` |
| 12 | + |
| 13 | +This module includes a plug and play authentication framework to be used in Express applications, it implements the DID Authentication protocol designed by RIF Identity. |
| 14 | + |
| 15 | +## Usage |
| 16 | + |
| 17 | +This approach will add the following endpoints to your app: |
| 18 | +- GET `/request-signup/:did` |
| 19 | +- POST `/signup` |
| 20 | +- GET `/request-auth/:did` |
| 21 | +- POST `/auth` |
| 22 | +- POST `/refresh-token` |
| 23 | +- POST `/logout` |
| 24 | + |
| 25 | + |
| 26 | +```typescript |
| 27 | +import express from 'express' |
| 28 | +import setupApp from '@rsksmart/express-did-auth' |
| 29 | +import { SimpleSigner } from 'did-jwt' |
| 30 | + |
| 31 | +const privateKey = 'c9000722b8ead4ad9d7ea7ef49f2f3c1d82110238822b7191152fbc4849e1891' |
| 32 | + |
| 33 | +const serviceDid = 'did:ethr:rsk:0x8f4438b78c56B48d9f47c6Ca1be9B69B6fAF9dDa' |
| 34 | +const serviceSigner = SimpleSigner(privateKey) |
| 35 | +const challengeSecret = 'theSuperSecret' |
| 36 | +const serviceUrl = 'https://service.com' |
| 37 | + |
| 38 | +const app = express() |
| 39 | + |
| 40 | +const authMiddleware = setupApp({ challengeSecret, serviceUrl, serviceDid, serviceSigner })(app) |
| 41 | + |
| 42 | +app.get('/not-protected', function (req, res) { |
| 43 | + res.send('This endpoint is not authenticating') |
| 44 | +}) |
| 45 | + |
| 46 | +app.get('/protected', authMiddleware, function (req, res) { |
| 47 | + res.send('This endpoint is authenticating') |
| 48 | +}) |
| 49 | + |
| 50 | +const port = process.env.PORT || 5000 |
| 51 | + |
| 52 | +app.listen(port, () => logger.info(`My express API with did-auth running in ${port}`)) |
| 53 | +``` |
| 54 | + |
| 55 | +Check out more configuration options and usage details in our [RSK Developers Portal](https://developers.rsk.co/rif/identity/). |
| 56 | + |
| 57 | +## Test |
| 58 | + |
| 59 | +From base repo directory run `npm test` or any of the described [test script variants](../../README#test). |
| 60 | + |
| 61 | +## References |
| 62 | + |
| 63 | +- [Decentralized Identifiers (DIDs) v1.0](https://w3c.github.io/did-core/) |
| 64 | +- [Verifiable Credentials Data Model 1.0](https://www.w3.org/TR/vc-data-model/) |
| 65 | +- [RFC-1994 - PPP Challenge Handshake Authentication Protocol (CHAP)](https://tools.ietf.org/html/rfc1994) |
| 66 | +- [Verifiable Credentials JSON Schema Specification](https://w3c-ccg.github.io/vc-json-schemas/) |
| 67 | +- [The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749) |
| 68 | +- [uPort selective disclosure implementation](https://developer.uport.me/flows/selectivedisclosure) |
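Review bot: The usage example hard-codes a hex private key in `const privateKey = '…'` and a guessable `const challengeSecret = 'theSuperSecret'`, and README snippets tend to be pasted into services unchanged. Consider reading both from configuration instead, e.g. `const privateKey = process.env.PRIVATE_KEY` and `const challengeSecret = process.env.CHALLENGE_SECRET` (variable names are illustrative). A sentence before the snippet should say that the key, DID and secret shown are samples, and that real values must be generated per deployment and kept out of source control. The last line of the example also calls `logger.info`, which the snippet never defines; `console.log` would keep it runnable as pasted.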