npm - auth-verify - Versions diffs - 1.1.0 → 1.2.0 - Mend

auth-verify 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/index.js CHANGED Viewed

@@ -1,6 +1,7 @@
 const JWTManager = require("./src/jwt");
 const OTPManager = require("./src/otp");
 const SessionManager = require("./src/session");
+const OAuthManager = require("./src/oauth")
 class AuthVerify {
   constructor(options = {}) {
@@ -39,6 +40,8 @@ class AuthVerify {
     //   }
     // }
     // ✅ No getters — directly reference otp.dev (it's a plain object)
+    this.oauth = new OAuthManager();
   }
   // Session helpers

package/package.json CHANGED Viewed

@@ -12,7 +12,7 @@
     "uuid": "^13.0.0"
   },
   "name": "auth-verify",
-  "version": "1.1.0",
+  "version": "1.2.0",
   "description": "A simple Node.js library for sending and verifying OTP via email",
   "main": "index.js",
   "scripts": {

package/readme.md CHANGED Viewed

@@ -1,17 +1,15 @@
 # auth-verify
 **auth-verify** is a Node.js authentication utility that provides:
-- Secure OTP (one-time password) generation and verification
-- Sending OTPs via Email, SMS (pluggable helpers), and Telegram bot
-- JWT creation, verification and optional token revocation with memory/Redis storage
-- Session management (in-memory or Redis)
-- Developer extensibility: custom senders and `auth.register.sender()` / `auth.use(name).send(...)`
-> This README documents the code structure and APIs found in the library files you provided (OTPManager, JWTManager, SessionManager, AuthVerify).
+- ✅ Secure OTP (one-time password) generation and verification
+- ✅ Sending OTPs via Email, SMS (pluggable helpers), and Telegram bot
+- ✅ JWT creation, verification and optional token revocation with memory/Redis storage
+- ✅ Session management (in-memory or Redis)
+- ✅ New: OAuth 2.0 integration for Google, Facebook, GitHub, and X (Twitter)
+- ⚙️ Developer extensibility: custom senders and `auth.register.sender()` / `auth.use(name).send(...)`
 ---
-## Installation
+## 🧩 Installation
 ```bash
 # from npm (when published)
@@ -23,16 +21,16 @@ npm install auth-verify
 ---
-## Quick overview
+## ⚙️ Quick overview
 - `AuthVerify` (entry): constructs and exposes `.jwt`, `.otp`, and (optionally) `.session` managers.
 - `JWTManager`: sign, verify, decode, revoke tokens. Supports `storeTokens: "memory" | "redis" | "none"`.
 - `OTPManager`: generate, store, send, verify, resend OTPs. Supports `storeTokens: "memory" | "redis" | "none"`. Supports email, SMS helper, Telegram bot, and custom dev senders.
 - `SessionManager`: simple session creation/verification/destroy with memory or Redis backend.
+- `OAuthManager`: Handle OAuth 2.0 logins for Google, Facebook, GitHub, X
 ---
-## Example: Initialize library (CommonJS)
+## 🚀 Example: Initialize library (CommonJS)
 ```js
 const AuthVerify = require('auth-verify');
@@ -48,7 +46,7 @@ const auth = new AuthVerify({
 ---
-## JWT usage
+## 🔐 JWT Usage
 ```js
 // create JWT
@@ -71,7 +69,7 @@ await auth.jwt.revokeUntil(token, '10m');
 // check if token is revoked (returns boolean)
 const isRevoked = await auth.jwt.isRevoked(token);
 ```
-## 🍪 Automatic Cookie Handling (New in v1.1.0)
+### 🍪 Automatic Cookie Handling (v1.1.0+)
 You can now automatically store and verify JWTs via HTTP cookies — no need to manually send them!
 ```js
@@ -111,9 +109,9 @@ Notes:
 ---
-## OTP (email / sms / telegram / custom sender)
+## 🔢 OTP (email / sms / telegram / custom sender)
-### Configure sender
+### 🤝 Configure sender
 You can set the default sender (email/sms/telegram):
@@ -145,7 +143,7 @@ auth.otp.setSender({
 });
 ```
-### Generate → Save → Send (chainable)
+### ⛓️ Generate → Save → Send (chainable)
 OTP generation is chainable: `generate()` returns the OTP manager instance.
@@ -176,7 +174,7 @@ await auth.otp.message({
 });
 ```
-### Verify
+### ✔️ Verify
 ```js
 // Promise style
@@ -198,6 +196,128 @@ try {
 `resend` returns the new code (promise style) or calls callback.
+---
+## 🌍 OAuth 2.0 Integration (New in v1.2.0)
+`auth.oauth` supports login via Google, Facebook, GitHub, and X (Twitter).
+### Example (Google Login with Express)
+```js
+const express = require('express');
+const AuthVerify = require("auth-verify");
+const app = express();
+app.use(express.json());
+const auth = new AuthVerify({ jwtSecret: 's', storeTokens: 'memory'});
+const google = auth.oauth.google({clientId: 'YOUR_CLIENT_ID', clientSecret: 'YOUR_CLIENT_SECRET', redirectUri: 'http://localhost:3000/auth/google/callback'});
+app.get('/', async (req, res) => {
+      res.send(`
+    <h1>Login with Google</h1>
+    <a href="/auth/google">Login</a>
+  `);
+});
+app.get('/auth/google', (req, res) => google.redirect(res));
+app.get('/auth/google/callback', async (req, res)=>{
+    const code = req.query.code;
+    try {
+        const user = await google.callback(code);
+        res.send(`
+            <h2>Welcome, ${user.name}!</h2>
+            <img src="${user.picture}" width="100" style="border-radius:50%">
+            <p>Email: ${user.email}</p>
+            <p>Access Token: ${user.access_token.slice(0, 20)}...</p>
+        `);
+    } catch(err){
+        res.status(500).send("Error: " + err.message);
+    }
+});
+app.listen(3000, ()=>{
+    console.log('Server is running...');
+});
+```
+---
+### API documentation for OAuth
+ - `auth.oauth.google({...})` for making connection to your Google cloud app.
+ - `google.redirect(res)` for sending user/client to the Google OAuth page for verifying and selecting his accaount
+ - `google.callback(code)` for exchanging server code to the user/client token.
+### Other examples with other platforms
+```js
+const express = require('express');
+const AuthVerify = require("auth-verify");
+const app = express();
+app.use(express.json());
+const auth = new AuthVerify({ jwtSecret: 's', storeTokens: 'memory'});
+// --- Example: FACEBOOK LOGIN ---
+const facebook = auth.oauth.facebook({
+  clientId: "YOUR_FB_APP_ID",
+  clientSecret: "YOUR_FB_APP_SECRET",
+  redirectUri: "http://localhost:3000/auth/facebook/callback",
+});
+// --- Example: GITHUB LOGIN ---
+const github = auth.oauth.github({
+  clientId: "YOUR_GITHUB_CLIENT_ID",
+  clientSecret: "YOUR_GITHUB_CLIENT_SECRET",
+  redirectUri: "http://localhost:3000/auth/github/callback",
+});
+// --- Example: X (Twitter) LOGIN ---
+const twitter = auth.oauth.x({
+  clientId: "YOUR_TWITTER_CLIENT_ID",
+  clientSecret: "YOUR_TWITTER_CLIENT_SECRET",
+  redirectUri: "http://localhost:3000/auth/x/callback",
+});
+// ===== FACEBOOK ROUTES =====
+app.get("/auth/facebook", (req, res) => facebook.redirect(res));
+app.get("/auth/facebook/callback", async (req, res) => {
+  try {
+    const { code } = req.query;
+    const user = await facebook.callback(code);
+    res.json({ success: true, provider: "facebook", user });
+  } catch (err) {
+    res.status(400).json({ error: err.message });
+  }
+});
+// ===== GITHUB ROUTES =====
+app.get("/auth/github", (req, res) => github.redirect(res));
+app.get("/auth/github/callback", async (req, res) => {
+  try {
+    const { code } = req.query;
+    const user = await github.callback(code);
+    res.json({ success: true, provider: "github", user });
+  } catch (err) {
+    res.status(400).json({ error: err.message });
+  }
+});
+// ===== X (TWITTER) ROUTES =====
+app.get("/auth/x", (req, res) => twitter.redirect(res));
+app.get("/auth/x/callback", async (req, res) => {
+  try {
+    const { code } = req.query;
+    const user = await twitter.callback(code);
+    res.json({ success: true, provider: "x", user });
+  } catch (err) {
+    res.status(400).json({ error: err.message });
+  }
+});
+app.listen(PORT, () => console.log(`🚀 Server running at http://localhost:${PORT}`));
+```
 ---
 ## Telegram integration
@@ -281,9 +401,12 @@ auth-verify/
 ├─ package.json
 ├─ src/
 │  ├─ index.js         // exports AuthVerify
-│  ├─ jwt.js
-│  ├─ otp.js
-│  ├─ session.js
+│  ├─ jwt/
+|  |  ├─ index.js
+|  |  ├─ cookie/index.js
+│  ├─ /otp/index.js
+│  ├─ /session/index.js
+|  ├─ /oauth/index.js
 │  └─ helpers/helper.js
 ```

package/src/oauth/index.js ADDED Viewed

@@ -0,0 +1,180 @@
+// src/managers/oauth.js
+class OAuthManager {
+    constructor(config = {}) {
+        this.providers = config.providers || {};
+    }
+    // --- GOOGLE LOGIN ---
+    google({ clientId, clientSecret, redirectUri }) {
+        return {
+            redirect(res) {
+                const googleURL =
+                    "https://accounts.google.com/o/oauth2/v2/auth?" +
+                    new URLSearchParams({
+                        client_id: clientId,
+                        redirect_uri: redirectUri,
+                        response_type: "code",
+                        scope: "openid email profile",
+                        access_type: "offline",
+                        prompt: "consent",
+                    });
+                res.redirect(googleURL);
+            },
+            async callback(code) {
+                // Step 1: Exchange code for access token
+                const tokenRes = await fetch("https://oauth2.googleapis.com/token", {
+                    method: "POST",
+                    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+                    body: new URLSearchParams({
+                        client_id: clientId,
+                        client_secret: clientSecret,
+                        code,
+                        redirect_uri: redirectUri,
+                        grant_type: "authorization_code",
+                    }),
+                });
+                const tokenData = await tokenRes.json();
+                if (tokenData.error) throw new Error("OAuth Error: " + tokenData.error);
+                // Step 2: Get user info
+                const userRes = await fetch("https://www.googleapis.com/oauth2/v2/userinfo", {
+                    headers: { Authorization: `Bearer ${tokenData.access_token}` },
+                });
+                const user = await userRes.json();
+                return { ...user, access_token: tokenData.access_token };
+            },
+        };
+    }
+     // --- FACEBOOK LOGIN ---
+    facebook({ clientId, clientSecret, redirectUri }) {
+        return {
+            redirect(res) {
+                const fbURL =
+                    "https://www.facebook.com/v19.0/dialog/oauth?" +
+                    new URLSearchParams({
+                        client_id: clientId,
+                        redirect_uri: redirectUri,
+                        scope: "email,public_profile",
+                        response_type: "code",
+                    });
+                res.redirect(fbURL);
+            },
+            async callback(code) {
+                const tokenRes = await fetch(
+                    `https://graph.facebook.com/v19.0/oauth/access_token?` +
+                        new URLSearchParams({
+                            client_id: clientId,
+                            client_secret: clientSecret,
+                            redirect_uri: redirectUri,
+                            code,
+                        })
+                );
+                const tokenData = await tokenRes.json();
+                if (tokenData.error) throw new Error("OAuth Error: " + tokenData.error.message);
+                const userRes = await fetch(
+                    `https://graph.facebook.com/me?fields=id,name,email,picture&access_token=${tokenData.access_token}`
+                );
+                const user = await userRes.json();
+                return { ...user, access_token: tokenData.access_token };
+            },
+        };
+    }
+    // --- GITHUB LOGIN ---
+    github({ clientId, clientSecret, redirectUri }) {
+        return {
+            redirect(res) {
+                const githubURL =
+                    "https://github.com/login/oauth/authorize?" +
+                    new URLSearchParams({
+                        client_id: clientId,
+                        redirect_uri: redirectUri,
+                        scope: "user:email",
+                        allow_signup: "true",
+                    });
+                res.redirect(githubURL);
+            },
+            async callback(code) {
+                const tokenRes = await fetch("https://github.com/login/oauth/access_token", {
+                    method: "POST",
+                    headers: { "Content-Type": "application/json", Accept: "application/json" },
+                    body: JSON.stringify({
+                        client_id: clientId,
+                        client_secret: clientSecret,
+                        code,
+                        redirect_uri: redirectUri,
+                    }),
+                });
+                const tokenData = await tokenRes.json();
+                if (tokenData.error) throw new Error("OAuth Error: " + tokenData.error);
+                const userRes = await fetch("https://api.github.com/user", {
+                    headers: { Authorization: `Bearer ${tokenData.access_token}` },
+                });
+                const user = await userRes.json();
+                return { ...user, access_token: tokenData.access_token };
+            },
+        };
+    }
+    // --- X (TWITTER) LOGIN ---
+    x({ clientId, clientSecret, redirectUri }) {
+        return {
+            redirect(res) {
+                const twitterURL =
+                    "https://twitter.com/i/oauth2/authorize?" +
+                    new URLSearchParams({
+                        response_type: "code",
+                        client_id: clientId,
+                        redirect_uri: redirectUri,
+                        scope: "tweet.read users.read offline.access",
+                        state: "state123",
+                        code_challenge: "challenge",
+                        code_challenge_method: "plain",
+                    });
+                res.redirect(twitterURL);
+            },
+            async callback(code) {
+                const tokenRes = await fetch("https://api.twitter.com/2/oauth2/token", {
+                    method: "POST",
+                    headers: {
+                        "Content-Type": "application/x-www-form-urlencoded",
+                        Authorization:
+                            "Basic " + Buffer.from(`${clientId}:${clientSecret}`).toString("base64"),
+                    },
+                    body: new URLSearchParams({
+                        code,
+                        grant_type: "authorization_code",
+                        redirect_uri: redirectUri,
+                        code_verifier: "challenge",
+                    }),
+                });
+                const tokenData = await tokenRes.json();
+                if (tokenData.error) throw new Error("OAuth Error: " + tokenData.error);
+                const userRes = await fetch("https://api.twitter.com/2/users/me", {
+                    headers: { Authorization: `Bearer ${tokenData.access_token}` },
+                });
+                const user = await userRes.json();
+                return { ...user, access_token: tokenData.access_token };
+            },
+        };
+    }
+}
+module.exports = OAuthManager;

package/test.js CHANGED Viewed

@@ -153,23 +153,47 @@ app.use(express.json());
 const auth = new AuthVerify({ jwtSecret: 's', storeTokens: 'memory'});
+const google = auth.oauth.google({clientId: '145870939941-qgeskqo8qlaqqm1osed6f5r8bhl866qk.apps.googleusercontent.com', clientSecret: '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', redirectUri: 'http://localhost:3000/auth/google/callback'});
 app.get('/', async (req, res) => {
-    const token = await auth.jwt.sign({ id: 1, role: 'user' }, '1h', { res });
-    res.send(`JWT saved in cookie!`);
+      res.send(`
+    <h1>Login with Google</h1>
+    <a href="/auth/google">Login</a>
+  `);
 });
-app.get('/verify', async (req, res) => {
+app.get('/auth/google', (req, res) => google.redirect(res));
+app.get('/auth/google/callback', async (req, res)=>{
+    const code = req.query.code;
     try {
-        const data = await auth.jwt.verify({ headers: req.headers });
-        res.json({ valid: true, data });
-    } catch (err) {
-        res.status(401).json({ valid: false, error: err.message });
+        const user = await google.callback(code);
+        res.send(`
+            <h2>Welcome, ${user.name}!</h2>
+            <img src="${user.picture}" width="100" style="border-radius:50%">
+            <p>Email: ${user.email}</p>
+            <p>Access Token: ${user.access_token.slice(0, 20)}...</p>
+        `);
+    } catch(err){
+        res.status(500).send("Error: " + err.message);
     }
 });
 app.listen(3000, ()=>{
-    console.log('App is running')
+    console.log('Server is running...');
 });
+// app.get('/verify', async (req, res) => {
+//     try {
+//         const data = await auth.jwt.verify({ headers: req.headers });
+//         res.json({ valid: true, data });
+//     } catch (err) {
+//         res.status(401).json({ valid: false, error: err.message });
+//     }
+// });
+// app.listen(3000, ()=>{
+//     console.log('App is running')
+// });
 // auth.register.sender("consoleOtp", async ({ to, code }) => {
 //     console.log(`🔑 Sending OTP ${code} to ${to}`);