Wednesday, January 22, 2014

User management in Node through Lockit.js

Lockit.js is a user management tool for Express.js that handles user signup and login and creates the corresponding user entries in the database using standard best practices. In a nutshell, it is quite similar to Devise, a user authentication gem used in Rails-based projects. As Lockit is available as an Express module, it can easily be added to any project with npm install:

npm install lockit

Although this project is currently in its infancy, it offers an uncluttered approach to user management at the cost of being opinionated, which is okay as long as you only need to save and manage standard user actions.

As the project's GitHub and website pages explain, you can easily set it up in any Node-based application that uses either CouchDB or MongoDB. In a MongoDB-based application, you only need a config.js file that takes care of configuration, which you pass to Lockit inside the main application file:

  lockit(app, config);

Only lockit and config need to be required in the main module of the Express application.

Inside this config file, you can specify parameters like:

  • Database(URL) [Mandatory]
  • Application Details
  • Confirmation email sender's mail configuration
  • Login attempt, account lock and verification link settings
  • Routes to various actions
  • Verification and confirmation mail templates


Depending on your requirements, you may need to change its internals, which can easily be done in the libraries Lockit depends on. Listing the package from npm gives the following diagram, which makes the description of Lockit clearer.


As it is opinionated, its views require Twitter Bootstrap CSS to display, and apart from MongoDB and CouchDB, other databases are not supported at the time of this writing.
Update: The views are customizable. The config file provides various templates, and depending on your requirements you can specify them manually:


It is worth mentioning that you can use the signup or password reset token and append it to the signup or reset password routes, depending upon object state, to keep exploring the library without an actual authentication mail sending facility.
While exploring this library, I've created a sample Node application hosted at GitHub that tries to cover this library while using minimum code.

2 comments:

Mirco said...

Thank you for this introductory post and the sample app on GitHub.

As of version 0.0.2 lockit supports custom views. It allows you to use your own templates that can be independent from Bootstrap. See more about the configuration in the Readme.

I've also included a database adapter for SQL databases.

I'm currently working on a REST interface and JSON only communication. With that you can use lockit for Single Page Apps (i.e. AngularJS or Ember) and handle the routing on the client.

Cheers,
Mirco

Brandsmith said...

Thanks, Mirco, for the kind words.
I've seen the detailed config which displays how to use custom views. I will update my post and include it there.
Cheers,
sumit