node-apikeymanagement (omakm) is a NodeJS package that handles issuing API keys.
node-apikeymanagement is a basic module for NodeJS that handles creating tokens that are associated with specific information. The indented use of these tokens is to act as private keys for online services, API keys. The string of characters generated are not based upon the supplied data at all, and serve only to link to the data stored inside of the module.
| Feature | Description | Status |
|---|---|---|
| URL Safe Key Generation | 64-character alphanumeric strings with - and _ |
✅ |
| Custom Length Keys | Create keys of a custom length | ❌️ TODO |
| Custom Data | Associate arbitrary properties to keys | ✅ |
| Expiration Time | Set TTL for temporary access | ✅ |
| Key Revocation | Permanently remove keys from registry | ✅ |
| Key Inspection | Query key details | ✅ |
| Duplicate Prevention | Avoid generating duplicate keys | ✅ |
| Dump keys | Dump all of the keys for user persistence | ❌️ TODO |
| Dump keys to disk | Dump the keys, but to disk with integrated encryption | ❌️ TODO |
Note
This module is not intended for use outside of the OpenMinerva software family. Please ensure you know what you are doing, and what you intend on doing.
Warning
This library has not undergone serious security audits. Use this package at your own risk.
node-apikeymanagement is not hosted on the NPM package repository. You must install this package though GitHub. To install this package you must run the command:
npm install github:OpenMinerva/node-apikeymanagementThis function takes the input Object parameter "identifiers" and generates a random key that is associated to that object inside of an internal variable.
identifiers: Can be any object with any keys and values.- This must be an object.
options:expireTime: How long the key will be good for before it is marked for deletion. Default3600seconds (1 hour).-1: A key that lasts forever. (Not temporary)
{
ok: true,
error: null || "String error",
data: "A_long_and_secure_key_1234"
}This takes a key input, and removes it from the internal database immediately, without marking it for deletion.
targetKey: The key to delete.
{
ok: true,
error: null || "String error",
data: null
}This takes a key input, and returns the associated data about that key back.
targetKey: The key to inspect.
{
ok: true,
error: null || "String error",
data: {
identifiers: { userId: 'user123', scope: 'read', metadata: {} },
expireTime: 1775000000
}
}node-apikeymanagement uses jest to test that the module works as expected. With constant updates more tests are always being added to ensure the module is stable and works as expected. To run the test, run this command in the package directory:
npm test