npm - impulse-api - Versions diffs - 3.0.4 → 3.0.6 - Mend

impulse-api 3.0.4 → 3.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.json CHANGED Viewed

@@ -12,7 +12,7 @@
     "test": "nyc --reporter=lcov --reporter=text-summary mocha",
     "test-server": "node ./test/integration/test-server.js"
   },
-  "version": "3.0.4",
+  "version": "3.0.6",
   "engines": {
     "node": ">=22"
   },
@@ -25,7 +25,6 @@
     "jsonwebtoken": "8.5.1",
     "lodash": "4.17.21",
     "morgan": "1.10.0",
-    "multer": "1.4.5-lts.2",
     "path-to-regexp": "0.1.12"
   },
   "devDependencies": {

package/readme.md CHANGED Viewed

@@ -95,16 +95,94 @@ Impulse-Api comes with [JSON web token](https://www.npmjs.com/package/jsonwebtok
 Additionally, any variables that are encoded in the token are accessible once the token has been decoded via `inputs.decoded`.
-Token generation is handled via `Impulse.Auth` which again utilizes the [JSON web token](https://www.npmjs.com/package/jsonwebtoken) package.
+#### Token Generation
+Token generation is handled via the `Auth` class. You must create an `Auth` instance with your `secretKey`, then you can generate and verify tokens without passing the secret key on every call.
+```js
+const Impulse = require('impulse-api');
+const Auth = Impulse.Auth;
+// Create an Auth instance with your secret key
+const auth = new Auth('your-secret-key');
+// Generate a token (no need to pass secretKey again)
+const token = auth.generateToken({
+    userId: '123',
+    username: 'john.doe',
+    role: 'admin'
+});
+// Verify a token (no need to pass secretKey again)
+const decoded = auth.verifyToken(token);
+console.log(decoded.userId); // '123'
+console.log(decoded.username); // 'john.doe'
+```
+**Important:** The `Auth` class requires a `secretKey` in the constructor. If you don't provide one, it will throw an error.
+```js
+// This will throw an error
+const auth = new Auth(); // Error: Auth instance must be initialized with secretKey
+// This is correct
+const auth = new Auth('your-secret-key');
+```
+When using the server with `secretKey` in the config, the server automatically creates an `Auth` instance internally. You can also create your own `Auth` instances for token generation in your application code (e.g., in login routes).
+**Example: Login Route**
+Here's a complete example of a login route that generates tokens:
 ```js
-const { Auth } = require('impulse-api');
-{ decode: [Function],
-  verify: [Function],
-  sign: [Function],
-  JsonWebTokenError: [Function: JsonWebTokenError],
-  NotBeforeError: [Function: NotBeforeError],
-  TokenExpiredError: [Function: TokenExpiredError] }
+// routes/auth.js
+const Impulse = require('impulse-api');
+const Auth = Impulse.Auth;
+// Create Auth instance with your secret key (same as server config)
+const auth = new Auth(process.env.SECRET_KEY || 'your-secret-key');
+exports.login = {
+    name: 'login',
+    description: 'User login endpoint',
+    method: 'post',
+    endpoint: '/api/login',
+    version: 'v1',
+    inputs: {
+        email: {
+            required: true,
+            validate: (val) => typeof val === 'string' && val.includes('@')
+        },
+        password: {
+            required: true
+        }
+    },
+    run: (services, inputs, next) => {
+        // Authenticate user (check database, etc.)
+        const user = services.userService.authenticate(inputs.email, inputs.password);
+        if (!user) {
+            return next(401, { error: 'Invalid credentials' });
+        }
+        // Generate token with user data
+        const token = auth.generateToken({
+            userId: user.id,
+            email: user.email,
+            role: user.role
+        });
+        next(200, {
+            token,
+            user: {
+                id: user.id,
+                email: user.email,
+                role: user.role
+            }
+        });
+    }
+};
 ```
 #### Custom JWT Validation

package/src/api.js CHANGED Viewed

@@ -1,6 +1,6 @@
 const Server = require('./server');
 const Errors = require('./errors');
-const JSONWebToken = require('jsonwebtoken');
+const Auth = require('./auth');
 class Api {
     constructor(config) {
@@ -10,6 +10,6 @@ class Api {
 }
 Api.Errors = Errors;
-Api.Auth = JSONWebToken;
+Api.Auth = Auth;
 module.exports = Api;

package/src/server.js CHANGED Viewed

@@ -1,6 +1,5 @@
 const fs = require('fs');
 const express = require('express');
-const multer = require('multer');
 const cors = require('cors');
 const morgan = require('morgan');
 const pathToRegexp = require('path-to-regexp');
@@ -475,11 +474,10 @@ class Server {
                     method = route.method.toLowerCase();
                     verb = (verbMap[method]) ? verbMap[method] : method;
-                    if (verb === 'post' || verb === 'patch' || verb === 'put') {
-                        this.http[verb](route.endpoint, multer().none(), this.preprocessor.bind(this, route));
-                    } else {
-                        this.http[verb](route.endpoint, this.preprocessor.bind(this, route));
-                    }
+                    // express-fileupload handles multipart/form-data (including files)
+                    // express.json() handles JSON bodies
+                    // multer().none() is not needed and conflicts with file uploads
+                    this.http[verb](route.endpoint, this.preprocessor.bind(this, route));
                 });
             });