
0.3.1 • Public • Published


moneypenny - Authentication Service


Moneypenny acts as an authentication service that offers multiple authentication strategies to a backend service and sends a JSON Web Token (JWT) encrypted using a shared secret as a response.

Other services in the architecture should also know the shared secret, allowing the token to be passed around in API calls to provide user information related to the request.

Generating Documentation

   npm run doc

Related Projects

Sample Usage

Sample Implementation Code


The following endpoints are established by the initialize(app) function

| Endpoint | Description |
| --- | --- |
| /oauth2/authorization | OAuth2 authorization endpoint |
| /oauth2/token | OAuth2 token endpoint |
| /logout | Log the user out of moneypenny |

API documentation.


Authentication server that uses both OAuth2 and JWT for authentication, for single sign-on.

module.exports(options) ⇒ MoneyPenny

Create a moneypenny server

Kind: Exported function
Returns: MoneyPenny - moneypenny service.

| Param | Type | Description |
| --- | --- | --- |
| options | Options | options to configure moneypenny with. |


Middleware for checking that people using the service are authenticated.

Adds req.session.returnTo, the URL to redirect the user to after login.

Kind: inner property of module.exports

| Param | Type | Description |
| --- | --- | --- |
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |

module.exports~ensureAuthenticated(req, res, next)

Middleware for checking that people using the service are authenticated.

Adds req.session.returnTo, the URL to redirect the user to after login.

Kind: inner method of module.exports

| Param | Type | Description |
| --- | --- | --- |
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |


Initialize moneypenny. Adds the OAuth authentication endpoints to the express app.

Kind: inner method of module.exports

| Param | Type | Description |
| --- | --- | --- |
| app | express-app | the express app that this will run on. |


var express = require('express');
var moneypenny = require('moneypenny');
var MongoStore = require('moneypenny-mongo-storage');
var MongoClient = require('mongodb').MongoClient;
MongoClient.connect('mongodb://localhost:27017/moneypenny', function(err, db) {
        // Stop here if the database connection failed.
        if (err) { throw err; }
        var mpMongoStore = MongoStore(db);
        var app = express();
        var mpOptions = {
            // Sample value only; supply the real shared secret from configuration.
            secretOrPrivateKey: 'topsecret',
            storageProvider: mpMongoStore
        };
        var mps = moneypenny(mpOptions);
        // Following endpoints will be added to the server.
        // /oauth2/token - token endpoint.
        // /logout - logout endpoint.
        // /oauth2/authorization - authorization endpoint.
        mps.initialize(app);
});


Used by passport to serialize the session user. Using this method allows the OAuth server to send whatever details are in the serialized user object.

Kind: inner method of module.exports



// Remove the password from the user, then serialize.
// authServer is the moneypenny service returned by moneypenny(options).
passport.serializeUser((user, done) => {
        user.password = '';
        return authServer.serializeUser(user, done);
});


Used for passport to deserialize the session user.

Kind: inner method of module.exports


module.exports~loginAndRedirect(req, res, next)

Helper method for login. This method can be used once a login is established from a passport strategy.

It will redirect the user back to the appropriate location.

Kind: inner method of module.exports

| Param | Type | Description |
| --- | --- | --- |
| req | request | express request to check authenticated |
| res | response | express response related to this request |
| next | function | callback to next middleware to handle request. |

module.exports~jwtToken(req, res) ⇒ String

Express middleware that returns a JWT token.

Kind: inner method of module.exports
Returns: String - jwt token for the user

| Param | Type | Description |
| --- | --- | --- |
| req | request | Express JS Request Object |
| res | response | Express JS Response Object |

module.exports~jwt(user, ttl) ⇒ String

Sign a JWT token.

Kind: inner method of module.exports
Returns: String - encoded JWT token.

| Param | Type | Description |
| --- | --- | --- |
| user | Object | user to encode. |
| ttl | Number | time for the token to live. (set to value in option if none is sent) |

module.exports~user(JWT) ⇒ Object

Get a user from a JWT token.

Kind: inner method of module.exports
Returns: Object - encoded user object.

| Param | Type | Description |
| --- | --- | --- |
| JWT | String | token to decode. |
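
The shared-secret flow from the introduction and the jwt(user, ttl) / user(JWT) pair above, as an added example that is not moneypenny's own code. It assumes HS256-signed compact tokens carrying an exp claim; signToken, verifyToken and peekPayload are hypothetical names. Under that assumption the claims can be read without the secret, so the secret protects integrity rather than confidentiality.

```javascript
// Added example, not moneypenny's code: HS256 JWT handling with Node's crypto.
// signToken, verifyToken and peekPayload are hypothetical names.
const { createHmac, timingSafeEqual } = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const parseB64 = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Issuer side: what the authentication service does after a login.
function signToken(user, ttlSeconds, secret, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ user, exp }));
  const signature = b64url(hmac(`${header}.${payload}`, secret));
  return `${header}.${payload}.${signature}`;
}

// Consumer side: each backend service runs this before trusting the claims.
function verifyToken(token, secret, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, payload, signature] = parts;
  let alg;
  try {
    alg = parseB64(header).alg;
  } catch (err) {
    throw new Error('malformed token');
  }
  // Pin the algorithm; the token's own header must not get to choose it.
  if (alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = hmac(`${header}.${payload}`, secret);
  const given = Buffer.from(signature, 'base64url');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const claims = parseB64(payload);
  if (typeof claims.exp !== 'number' || claims.exp <= Math.floor(now / 1000)) {
    throw new Error('token expired');
  }
  return claims.user;
}

// The payload is only base64url-encoded, so it is readable without the secret.
function peekPayload(token) {
  return parseB64(String(token).split('.')[1]);
}
```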

module.exports~logoutAndRedirect(req, res, next)

Helper method for logging out. Logs the user out of the authentication server after logging the user out from all other servers.

Not Yet Implemented

Kind: inner method of module.exports

| Param | Type | Description |
| --- | --- | --- |
| req | request | express request |
| res | response | express response |
| next | function | callback to next middleware to handle request. |

module.exports~Options : Options

Options that will be passed to the moneypenny server to determine how to initialize.

Kind: inner typedef of module.exports

| Name | Type | Description |
| --- | --- | --- |
| redirectUrl | String | default redirect URL to use if no previous URL is found. |
| loginUrl | String | URL to redirect to for login. |
| secretOrPrivateKey | String | secret or private key to use for JWT encryption. |
| ttl | Number | lifespan of a token. |
| storageProvider | StorageProvider | storage provider to use to store authentication details, such as 'moneypenny-mongo-store'. |



