Log in users to your Express app. The module is part of Lockit.
npm install lockit-login
var Login = require('lockit-login');
var utils = require('lockit-utils');
var config = require('./config.js');
var db = utils.getDatabase(config);
var adapter = require(db.adapter)(config);
var app = express();
// express settings
// ...
// sessions are required - either cookie or some sort of db
app.use(cookieParser());
app.use(cookieSession({
secret: 'this is my super secret string'
}));
// create new Login instance
var login = new Login(config, adapter);
// use login.router with your app
app.use(login.router);
// listen to events [optional]
login.on('login', function(user, res, target) {
res.send('Welcome ' + user.name);
})More about configuration at Lockit.
- two-factor authentication
- track failed log in attempts
- lock account after too many failed login attempts
- track time and ip of log ins
- redirect unauthorized users to /login and save requested url to session
- input validation
- allow login with username and/or email
- GET /login
- POST /login
- POST /login/two-factor
- GET /logout
If you've set exports.rest in your config.js the module behaves as follows.
- all routes have
/restprepended GET /rest/loginisnext()ed and you can catch/loginon the clientPOST /rest/loginstays the same but sends JSONPOST /rest/login/two-factorstays the same but sends JSONGET /rest/logoutsends JSON and you can catch/logouton the client
grunt
MIT