@drmhse/authos-node 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2)
  1. package/README.md +55 -14
  2. package/package.json +2 -2
package/README.md CHANGED
@@ -44,22 +44,25 @@ console.log(verified.claims);
44
44
 
45
45
  ### TypeScript Integration
46
46
 
47
- To get type support for `req.auth` in Express, you can extend the Request interface or use our utility type:
47
+ The `req.auth` type is automatically augmented when you import from `@drmhse/authos-node/express`. No manual setup required!
48
48
 
49
49
  ```ts
50
- import { Request } from 'express';
51
- import { TokenClaims } from '@drmhse/authos-node';
52
-
53
- // Extend Express Request
54
- declare global {
55
- namespace Express {
56
- interface Request {
57
- auth?: {
58
- claims: TokenClaims;
59
- token: string;
60
- };
61
- }
62
- }
50
+ import { createAuthMiddleware } from '@drmhse/authos-node/express';
51
+
52
+ // TypeScript knows about req.auth automatically
53
+ app.get('/profile', requireAuth(), (req, res) => {
54
+ const userId = req.auth?.claims.sub; // ✓ Typed correctly
55
+ res.json({ userId });
56
+ });
57
+ ```
58
+
59
+ If you need access to the token claims type directly:
60
+
61
+ ```ts
62
+ import { TokenClaims, VerifiedToken } from '@drmhse/authos-node';
63
+
64
+ function processUser(auth: VerifiedToken) {
65
+ console.log(auth.claims.email);
63
66
  }
64
67
  ```
65
68
 
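Review bot: the new example at new lines 50-56 imports `createAuthMiddleware` but then calls `requireAuth()`, which is neither imported nor derived from it anywhere in the snippet, so a reader who copies it gets an undefined identifier. Import `requireAuth` alongside it, or show how it is obtained from `createAuthMiddleware`. In the second snippet `TokenClaims` is imported but never used. Separately, the text now says `req.auth` is augmented automatically, yet this release lists only README.md and package.json as changed; please confirm the shipped type declarations already contain that augmentation, otherwise users who delete their own `declare global` block on this advice lose the typing on `req.auth`.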
@@ -189,6 +192,44 @@ app.get('/org/:slug/data',
189
192
  );
190
193
  ```
191
194
 
195
+ ## Understanding JWT Context
196
+
197
+ The middleware functions check claims embedded in the JWT by the client SDK during login:
198
+
199
+ | SDK Initialization | JWT Claims | Middleware to Use |
200
+ |-------------------|-----------|------------------|
201
+ | Platform-level (`baseURL` only) | `is_platform_owner: true` | `requirePlatformOwner()` |
202
+ | Multi-tenant (`baseURL` + `org` + `service`) | `org: 'slug'` | `requireOrganization()` |
203
+ | With permissions | `permissions: ['users:write', ...]` | `requirePermission()` |
204
+
205
+ ### How It Works
206
+
207
+ 1. **Client-side**: User logs in via `@drmhse/sso-sdk` or `@drmhse/authos-react`
208
+ 2. **JWT issued**: AuthOS embeds context (`org`, `service`, `is_platform_owner`) in claims
209
+ 3. **Server-side**: This package verifies the JWT and middleware checks the claims
210
+
211
+ ```ts
212
+ // Example: Route for organization admins only
213
+ app.get('/org/:slug/settings',
214
+ requireAuth(), // 1. Verify JWT signature
215
+ requireOrganization((req) => req.params.slug), // 2. Check org claim matches URL
216
+ (req, res) => {
217
+ // User is authenticated AND belongs to this org
218
+ res.json({ org: req.auth?.claims.org });
219
+ }
220
+ );
221
+
222
+ // Example: Route for platform owners only
223
+ app.get('/platform/analytics',
224
+ requireAuth(), // 1. Verify JWT signature
225
+ requirePlatformOwner(), // 2. Check is_platform_owner: true
226
+ (req, res) => {
227
+ // User is a platform owner
228
+ res.json({ data: '...' });
229
+ }
230
+ );
231
+ ```
232
+
192
233
  ## Webhook Verification
193
234
 
194
235
  Verify webhooks from AuthOS:
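Review bot: the first example is labelled `// Example: Route for organization admins only` (new line 212), but the chain is only `requireAuth()` followed by `requireOrganization(...)`, and the handler comment itself says the user "belongs to this org". Any member of the organization passes that chain, so either relabel the example as a members-only route or add a `requirePermission()` step with the relevant permission so the admin restriction is actually enforced. Also, new line 197 says the claims are embedded "by the client SDK" while step 2 at new line 208 says AuthOS embeds them; reword line 197 so it is clear that the issuer, not the client, sets `is_platform_owner`, `org` and `permissions`. Finally, `requireAuth()` is annotated only as "Verify JWT signature"; the section should state which other checks it performs (for example expiry, issuer, audience), since every authorization middleware below it depends on them.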
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@drmhse/authos-node",
3
- "version": "0.1.2",
3
+ "version": "0.1.4",
4
4
  "description": "Node.js server adapter for AuthOS authentication - Express middleware and token verification",
5
5
  "main": "dist/index.js",
6
6
  "module": "dist/index.mjs",
@@ -58,7 +58,7 @@
58
58
  }
59
59
  },
60
60
  "dependencies": {
61
- "@drmhse/sso-sdk": "^0.3.3"
61
+ "@drmhse/sso-sdk": "^0.3.10"
62
62
  },
63
63
  "devDependencies": {
64
64
  "@types/express": "^5.0.0",
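Review bot: the minimum for `@drmhse/sso-sdk` moves from `^0.3.3` to `^0.3.10` with nothing in this release saying why the floor was raised. Since it is the only entry under `dependencies` of a token verification package, the release notes should name the SDK change that 0.1.4 requires. Note that a caret range on a 0.3.x version still accepts any later 0.3.x release (>=0.3.10 <0.4.0), so consumers who need reproducible auth behaviour should rely on a lockfile rather than this range.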