Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

supertokens-node-mongo-ref-jwt

supertokens23MIT4.0.0TypeScript support: included

SuperTokens banner

auth, authentication, authorisation, mongodb, nodejs, supertokens, jwt, refresh tokens, chrome, firefox, IE, safari

readme

SuperTokens banner

This repository has been deprecated in favour of SuperTokens core - Community version. For any new user, we heavily recommend using the SuperTokens core - Community version over this repository as all new features will be added to that.

Please refer to our migration guide on how to move to the new version. For existing users of this repository, we will be happy to provide free dedicated support for the purpose of migration.

Documentation

  • If you intend to keep using this version, the documentation for this is here. We will keep maintaining this repository for bug fixes, but will not be adding any new features to it.
  • This is only compatible with version 4+ of the supertokens-website respository, and version 1+ of any other frontend SDK that we provide.

changelog

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[4.0.0] - 2020-02-22

  • Added id refresh token to header. It is checked by the frontend to see if the user is logged in.

[3.3.0] - 2019-08-20

Added

  • For with express implementation: Session.getSessionInfo, Session.updateSessionInfo
  • For without express implementation: getSessionInfo, updateSessionInfo

Deprecated

  • For with express implementation: Session.getSessionData, Session.updateSessionData where Session is the session object returned after create new session or get session
  • For without express implementation: getSessionData, updateSessionData

[3.2.0] - 2019-07-23

Changed

  • remove cookie-parser dependecy
  • added support for mongoose driver
  • refactors code

Fixed

  • userId bug when a number is passed as string in userId

[3.1.0] - 2019-07-18

Changed

  • mongo config: user should pass option "url" for the library to connect to mongodb.
  • mongo config options: "host, port, user, password, connectTimeout, socketTimeout, database" are deprecated and will be removed soon.

Fixed

  • Throws Auth error if userId is not of correct type
  • Adds feature for options API.
  • CSRF protection can be disabled (by default it will be enabled)
  • userId can be either string or number
  • mongo collection config

[3.0.3] - 2019-07-17

Changes

  • Uses accessTokenPath for idRefreshToken as well.

[3.0.2] - 2019-07-14

Changes

  • Adds support for when API is a different subdomain to website URL by using Access-Control-Allow-Credentials, Access-Control-Allow-Headers and Access-Control-Expose-Headers.

[3.0.1] - 2019-07-12

Changes

  • CSRF protection can be disabled (by default it will be enabled)
  • userId can be either string or number

[3.0.0] - 2019-07-09

Breaking Changes

  • Implements CSRF protection
  • Makes handing token theft via an error as opposed to a callback

[2.0.0] - 2019-06-15

Breaking Changes

  • Reorganises lib so that express related functions are access via /express. By default, you get the raw functions so that you can use them with any non express frameworks as well.
  • Stores sessionHandle without hashing in db - results in changing of field name in collection

[1.0.3] - 2019-06-14

Added

  • Does not store hashed version of session handle in database anymore.

[1.0.2] - 2019-06-14

Added

  • Allows client to pass their own mongo connection in the init function.

[1.0.1] - 2019-06-14

Added

  • Access Token blacklisting

    Changed

  • If JWT verification fails, then reloads key from DB.

[1.0.0] - 2019-06-13

Changed

  • First release to npm. All tests passing