Skip to content

propadata/usergt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
API.md
API.md
 
 
APIQuery.md
APIQuery.md
 
 
APIUtils.md
APIUtils.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

usergt

API

User management logic: create, destroy, read, authenticate, brute force attack protection, lockout. Depends on: Rethinkdb, Penseur

Brute force protection:

  • bcrypt password hashing

    Introduces a work factor, which determines how expensive the hash function will be. Because of this, bcrypt can keep up with Moore’s law. As computers get faster you can increase the work factor and the hash will get slower. See: How to safely store a password for more about storing and authenticating passwords with bcrypt.

  • Account Locking
    After ten failed attempts on an existing account, lock the users account for 24 hours.

User record validation

Implements Joi to validate userRecords are valid structure (create, authenticate). authenticate filters out invalid username and passwords to avoid the database read.

Basic RBAC (Role Based Accessed Controls)

User objects have a scope key. The scope key is an array of labels. For example, ['admin', 'user']. hapijs style.

Style Guide

Follows hapijs coding conventions.

Error Handling

Uses boom to build and return error objects.

Tests

100% coverage using lab & code](https://github.com/hapijs/code)

License

BSD-3-Clause

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages