npm - mbkauthe - Versions diffs - 1.4.2 → 2.0.1 - Mend

mbkauthe 1.4.2 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/.env.example +1 -10
package/README.md +3 -3
package/docs/api.md +69 -3
package/docs/db.md +0 -6
package/env.md +69 -1
package/lib/main.js +378 -182
package/lib/pool.js +2 -2
package/lib/validateSessionAndRole.js +22 -47
package/package.json +6 -3
package/public/bg.avif +0 -0
package/public/main.js +5 -7
package/views/2fa.handlebars +6 -6
package/views/Error/dError.handlebars +3 -3
package/views/info.handlebars +13 -10
package/views/loginmbkauthe.handlebars +55 -13
package/views/sharedStyles.handlebars +1 -1
package/views/showmessage.handlebars +1 -1

package/.env.example CHANGED Viewed

@@ -1,12 +1,3 @@
-mbkautheVar='{
-    "APP_NAME": "MBKAUTH",
-    "SESSION_SECRET_KEY": "your-session-secret-key",
-    "IS_DEPLOYED": "true",
-    "LOGIN_DB": "postgres://username:password@host:port/database",
-    "MBKAUTH_TWO_FA_ENABLE": "false",
-    "COOKIE_EXPIRE_TIME": 2,
-    "DOMAIN": "yourdomain.com",
-    "loginRedirectURL": "/admin"
-}'
+mbkautheVar={"APP_NAME":"mbkauthe","Main_SECRET_TOKEN": 123,"SESSION_SECRET_KEY":"123","IS_DEPLOYED":"true","LOGIN_DB":"postgres://","MBKAUTH_TWO_FA_ENABLE":"true","COOKIE_EXPIRE_TIME":2,"DOMAIN":"mbktech.org","loginRedirectURL":"/mbkauthe/test","GITHUB_LOGIN_ENABLED":"true","GITHUB_CLIENT_ID":"","GITHUB_CLIENT_SECRET":""}
 # See env.md for more details

package/README.md CHANGED Viewed

@@ -6,7 +6,7 @@
 [![Publish to npm](https://github.com/MIbnEKhalid/mbkauthe/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/MIbnEKhalid/mbkauthe/actions/workflows/publish.yml)
 [![CodeQL Advanced](https://github.com/MIbnEKhalid/mbkauthe/actions/workflows/codeql.yml/badge.svg?branch=main)](https://github.com/MIbnEKhalid/mbkauthe/actions/workflows/codeql.yml)
-**MBKAuth** is a reusable, production-ready authentication system for Node.js applications built by MBKTechStudio. It provides secure session management, two-factor authentication (2FA), role-based access control, and multi-application support out of the box.
+**MBKAuth** is a reusable, production-ready authentication system for Node.js applications built by MBKTech.org. It provides secure session management, two-factor authentication (2FA), role-based access control, and multi-application support out of the box.
 ## ✨ Features
@@ -313,8 +313,8 @@ Found a bug or need help? Please [open an issue](https://github.com/MIbnEKhalid/
 - [npm Package](https://www.npmjs.com/package/mbkauthe)
 - [GitHub Repository](https://github.com/MIbnEKhalid/mbkauthe)
-- [MBKTechStudio](https://mbktechstudio.com)
+- [MBKTech.org](https://mbktech.org)
 ---
-Made with ❤️ by [MBKTechStudio](https://mbktechstudio.com)
+Made with ❤️ by [MBKTech.org](https://mbktech.org)

package/docs/api.md CHANGED Viewed

@@ -328,10 +328,77 @@ Displays MBKAuthe version information and configuration.
 #### `GET /mbkauthe/main.js`
-Serves the client-side JavaScript file.
+Serves the client-side JavaScript file containing helper functions for authentication operations.
+**Purpose:** Provides frontend JavaScript utilities including:
+- `logout()` - Logout function with confirmation dialog and cache clearing
+- `logoutuser()` - Alias for logout function
+- `nuclearCacheClear()` - Comprehensive cache and storage clearing (preserves rememberedUsername)
+- `getCookieValue(cookieName)` - Cookie retrieval helper
+- `loadpage(url)` - Page navigation helper
+- `formatDate(date)` - Date formatting utility
+- `reloadPage()` - Page reload helper
+- `checkSession()` - Session validity checker
 **Response:** JavaScript file (Content-Type: application/javascript)
+**Usage:**
+```html
+<script src="/mbkauthe/main.js"></script>
+<button onclick="logout()">Logout</button>
+```
+**Main Functions:**
+**`logout()`**
+- Shows confirmation dialog before logout
+- Clears all caches except rememberedUsername
+- Calls `/mbkauthe/api/logout` endpoint
+- Redirects to home page on success
+**`nuclearCacheClear()`**
+- Clears service workers and cache storage
+- Clears localStorage and sessionStorage (preserves rememberedUsername)
+- Clears IndexedDB
+- Clears cookies
+- Forces page reload
+---
+#### `GET /mbkauthe/test`
+Test endpoint to verify authentication and display user session information.
+**Authentication:** Session required
+**Rate Limit:** 8 requests per minute
+**Response:** HTML page displaying:
+- Current username
+- User role
+- Logout button
+- Quick links to info and login pages
+**Example Response:**
+```html
+<head>
+  <script src="/mbkauthe/main.js"></script>
+</head>
+<p>if you are seeing this page than User is logged in.</p>
+<p>id: '${req.session.user.id}', UserName: '${req.session.user.username}', Role: '${req.session.user.role}', SessionId: '${req.session.user.sessionId}'</p>
+<button onclick="logout()">Logout</button><br>
+<a href="/mbkauthe/info">Info Page</a><br>
+<a href="/mbkauthe/login">Login Page</a><br>
+```
+**Usage:**
+```
+GET /mbkauthe/test
+```
+**Note:** This endpoint is primarily for testing and debugging authentication. It should not be used in production environments.
 ---
 ## Middleware Reference
@@ -347,7 +414,7 @@ import { validateSession } from 'mbkauthe';
 app.get('/protected', validateSession, (req, res) => {
   // User is authenticated
   const user = req.session.user;
-  // user contains: { id, username, UserName, role, Role, sessionId, allowedApps }
+  // user contains: { id, username, UserName, role, Role, sessionId }
   res.send(`Welcome ${user.username}!`);
 });
 ```
@@ -369,7 +436,6 @@ req.session.user = {
   role: "NormalUser",       // User role
   Role: "NormalUser",       // User role (alias)
   sessionId: "abc123...",   // 64-char hex session ID
-  allowedApps: ["app1"]     // Array of allowed applications
 }
 ```

package/docs/db.md CHANGED Viewed

@@ -12,8 +12,6 @@ Add these to your `.env` file:
 # GitHub OAuth App Configuration
 GITHUB_CLIENT_ID=your_github_client_id
 GITHUB_CLIENT_SECRET=your_github_client_secret
-GITHUB_LOGIN_CALLBACK_URL=https://yourdomain.com/mbkauthe/api/github/login/callback
-BASE_URL=https://yourdomain.com
 ```
 ### 2. GitHub OAuth App Setup
@@ -109,10 +107,6 @@ The login page now includes:
 # Required for GitHub Login
 GITHUB_CLIENT_ID=your_github_client_id
 GITHUB_CLIENT_SECRET=your_github_client_secret
-GITHUB_LOGIN_CALLBACK_URL=https://yourdomain.com/mbkauthe/api/github/login/callback
-# Optional (used as fallback)
-BASE_URL=https://yourdomain.com
 ```
 The GitHub login feature is now fully integrated into your mbkauthe system and ready to use!

package/env.md CHANGED Viewed

@@ -54,7 +54,7 @@ DOMAIN=localhost
 **Description:** Your application's domain name.
 **Configuration:**
-- **Production:** Set to your actual domain (e.g., `mbktechstudio.com`)
+- **Production:** Set to your actual domain (e.g., `mbktech.com`)
 - **Development:** Use `localhost` or set `IS_DEPLOYED=false`
 - **Subdomains:** When `IS_DEPLOYED=true`, sessions are shared across all subdomains
@@ -138,6 +138,74 @@ COOKIE_EXPIRE_TIME=30  # 1 month (convenience)
 ---
+## 🐙 GitHub OAuth Authentication
+### GitHub Login Configuration
+```env
+GITHUB_LOGIN_ENABLED=false
+GITHUB_CLIENT_ID=your-github-client-id
+GITHUB_CLIENT_SECRET=your-github-client-secret
+```
+#### GITHUB_LOGIN_ENABLED
+**Description:** Enables or disables GitHub OAuth login functionality.
+**Values:**
+- `true` - Enable GitHub login (users can authenticate via GitHub)
+- `false` - Disable GitHub login (default)
+**Required:** Yes (if using GitHub authentication)
+#### GITHUB_CLIENT_ID
+**Description:** OAuth application client ID from GitHub.
+- **Purpose:** Identifies your application to GitHub's OAuth service
+- **Format:** Alphanumeric string provided by GitHub
+- **Setup:** Obtain from [GitHub Developer Settings](https://github.com/settings/developers)
+- **Required:** Yes (when `GITHUB_LOGIN_ENABLED=true`)
+**Example:** `GITHUB_CLIENT_ID=Iv1.a1b2c3d4e5f6g7h8`
+#### GITHUB_CLIENT_SECRET
+**Description:** OAuth application client secret from GitHub.
+- **Purpose:** Authenticates your application with GitHub's OAuth service
+- **Security:** Keep this secret secure and never commit to version control
+- **Format:** Alphanumeric string provided by GitHub
+- **Setup:** Generated when creating OAuth app in GitHub Developer Settings
+- **Required:** Yes (when `GITHUB_LOGIN_ENABLED=true`)
+**Example:** `GITHUB_CLIENT_SECRET=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0`
+### Setting Up GitHub OAuth
+1. **Create GitHub OAuth App:**
+   - Go to [GitHub Developer Settings](https://github.com/settings/developers)
+   - Click "New OAuth App"
+   - Fill in application details:
+     - **Application name:** Your app name
+     - **Homepage URL:** `https://yourdomain.com` (or `http://localhost:3000` for dev)
+     - **Authorization callback URL:** `https://yourdomain.com/auth/github/callback`
+   - Click "Register application"
+2. **Copy Credentials:**
+   - Copy the **Client ID**
+   - Generate and copy the **Client Secret**
+3. **Configure Environment:**
+   ```env
+   GITHUB_LOGIN_ENABLED=true
+   GITHUB_CLIENT_ID=your-copied-client-id
+   GITHUB_CLIENT_SECRET=your-copied-client-secret
+   ```
+**Security Notes:**
+- Use separate OAuth apps for development and production environments
+- Rotate client secrets periodically
+- Never expose client secrets in client-side code
+---
 ## 🚀 Quick Setup Examples
 ### Development Environment