Skip to content

manifoldco/node-signature

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

node-signature

Verify signed HTTP requests from Manifold

Code of Conduct | Contribution Guidelines

GitHub release Travis License NPM

Install

$ npm install @manifoldco/signature

Usage

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// Using the promise interface
verifier.test(req, req.rawBody).then(function() {
  // Accept and handle request
}).catch(function(err) {
  // Deny request on error
  res.statusCode = err.statusCode || 500;
  // Respond with JSON, including a message property
  return res.json({ message: err.message });
});

// Using the callback interface
verifier.test(req, req.rawBody, function(err) {
  if (err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  }

  // Accept and handle request
});

Restify

var Verifier = require('@manifoldco/signature').Verifier;
var verifier = new Verifier();

// The verification library expects that the req.rawBody property
// exists so that the body does not have to be read twice, this can be
// done automatically with restify-plugins bodyParser
app.use(plugins.bodyParser({ mapParams: true }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(function(req, res, next) {
  verifier.test(req).then(function() {
  // Accept and handle request
    next();
  }).catch(function(err) {
    // Deny request on error
    res.statusCode = err.statusCode || 500;
    // Respond with JSON, including a message property
    return res.json({ message: err.message });
  });
});

Express

var verifier = require('@manifoldco/signature').express;

// When using an existing body parser, we require you to add a verify step
// which will keep track of the original request body for the verifier
// middleware
app.use(bodyParser.json({ verify: verifier.appendRawBody }));

// Applying the verifier middleware with default master key and options (recommended)
app.use(verifier.middleware());