Modules

Interface AuthenticationEngineOptions<Account>

Type parameters

Account: AccountModel

Hierarchy

AuthenticationEngineOptions

Properties

Properties

Readonly email

email: object

Type declaration

Readonly admin: string

Email of the administrator.
Readonly sender: EmailSender<Account>

Readonly hooks

hooks: object

Hooks called by AuthenticationEngine.

Type declaration

Readonly onAccountDisabled: OnAccountDisabledHook<Account>

Hook called when account has been disabled due to authentication error or explicitly by admin.
Readonly onAuthenticationFromDifferentContext: OnAuthenticationFromDifferentContextHook<Account>

Hook called when authentication from different context (i.e. different device, location etc.) has been detected.
Readonly onForgottenPasswordChanged: OnForgottenPasswordChangedHook<Account>

Hook called when forgotten password has been changed.
Readonly onPasswordChanged: OnPasswordChangedHook<Account>

Hook called when password has been changed.

Readonly password

password: object

Type declaration

Readonly encryption: false | SecretEncryptionOptions
Password encryption options.
Depending of this option value, following behaviours will occur:
- false - password hash will be stored in plaintext in the AccountModel.passwordHash
- SecretEncryptionOptions - password hash will be encrypted before being stored in the AccountModel.passwordHash
Readonly forgotPasswordTokenEncrypt: EncryptForgotPasswordToken

Forgot password token encryptor.
Readonly hashing: PasswordHashingOptions
Readonly similarity: number

Password similarity threshold used when password is changed. When old and new password have a similarity equal or greater with this one, error will be thrown and password change process will be aborted.
Ranges between [0, 1], 0 being completely different and 1 being completely similar.
Readonly strength: PasswordStrengthPolicyValidator<Account>[]

Password strength policy validators.

Readonly repositories

repositories: object

Repositories used by AuthenticationEngine.

Type declaration

Readonly account: AccountRepository<Account>
Readonly activateAccountSession: ActivateAccountSessionRepository<Account>
Readonly authenticationSession: AuthenticationSessionRepository
Readonly failedAuthAttemptSession: FailedAuthAttemptSessionRepository
Readonly failedAuthenticationAttempts: FailedAuthenticationAttemptsRepository
Readonly forgotPasswordSession: ForgotPasswordSessionRepository
Readonly successfulAuthentications: SuccessfulAuthenticationsRepository

Readonly smsSender

smsSender: SmsSender<Account>

Readonly thresholds

thresholds: AuthenticationEngineThresholdsOptions

Threshold options.

Readonly tokensLength

tokensLength: number

Length of the issued tokens (e.g. forgot password token, account activation token etc.).
Recommended value is 24.

Readonly ttl

ttl: AuthenticationEngineTtlOptions

Time to live options.

Readonly twoFactorAuthStrategy

twoFactorAuthStrategy: TwoFactorAuthStrategy<Account>

Readonly validators

validators: object

Type declaration

Optional Readonly challengeResponse?: ChallengeResponseValidator

Challenge response validator.
It is optional in case you won't use password-less authentication.
If you provide it, challenge response authentication will be enabled.
Readonly recaptcha: RecaptchaValidator