A mock backend to test JWT auth.
Requires node
and npm
. Install with npm install
.
Edit config/default.json
to configure.
{
"port": 8085, //Port to serve on
"cors-origin": "http://localhost:8080", //Origin of CORS requests to allow. Set to "*" to allow all origins.
"secret": "supda-dupa-secret", //Secret for the JWT
"debugOutput": true, //Whether to print debug output to the console
//Modify those to mimick the backend API you are mocking
"authenticationRoute": "/auth",
"authorizationRoute": "/protected",
//Define all roles known to the backend
"roles": ["admin"]
//Additional routes that need a specific role for authorization
"routes": [
{
"path": "/admin",
"role": "admin"
}
]
}
Edit accounts.json
to set up a few users. Default is:
[
{
"identifier": "a@b.com",
"password": "test",
"roles": ["admin"]
},
{
"identifier": "c@d.com",
"password": "test",
"roles": []
}
]
Run the server with node index.js
.
The following routes are available (paths can be changed in the config, see above):
Method | Path | Body | Positive response | Negative response |
---|---|---|---|---|
POST | /auth | {identifier: "identifier", password: "password"} |
{success: true, token: "token"} |
{success: false, message: "Error message."} |
GET | /protected | - | {success: true} |
{success: false, message: "Error message."} |
Additional GET
authorization routes are available, if set through the routes
config methods. Those are meant to authorize only if the token contains a certain role (see section about configuration above):
Method | Path | Body | Positive response | Negative response |
---|---|---|---|---|
GET | * | - | {success: true} |
{success: false, message: "Error message."} |