History

Daniel Lockyer 265a8dd16f Added function names to more middleware refs `319f251ad2` - this helps debugging because all middleware in the stack will have a function name, so it'll show up instead of `<anonymous>`		2024-05-06 17:51:39 +02:00
..
lib	Added eslint rule for file naming convention	2023-05-09 12:34:34 -04:00
test	Updated Eslint ECMAScript compatibility to 2022	2022-08-09 15:51:40 +02:00
.eslintignore
.eslintrc.js	Remove trailing commas from .eslintrc.js files	2020-08-04 14:48:07 +01:00
index.js	Added eslint rule for file naming convention	2023-05-09 12:34:34 -04:00
package.json	Update dependency express to v4.19.2 [SECURITY]	2024-03-27 11:18:44 +01:00
README.md	Added function names to more middleware	2024-05-06 17:51:39 +02:00

README.md

Session From Token Middleware

Middleware to handle generating sessions from tokens, for example like with magic links, or SSO flows similar to SAML.

Usage

const sessionFromTokenMiddleware = require('@tryghost/mw-session-from-token')({
    callNextWithError: true,
    async createSession(req, res, user) {
        req.session.user_id = user.id;
    },
    async getTokenFromRequest(res) {
        return req.headers['some-cool-header'];
    },
    async getLookupFromToken(token) {
        await someTokenService.validate(token);
        const data = await someTokenService.getData(token);
        return data.email;
    },
    async findUserByLookup(lookup) {
        return await someUserModel.findOne({email: lookup});
    }
});

someExpressApp.get('/some/sso/url', someSessionMiddleware, sessionFromTokenMiddleware, function sessionFromTokenMiddleware(req, res, next) {
    res.redirect('/loggedin');
}, function nextMw(err, res, res, next) => {
    res.redirect('/error');
});