Authentication for microservices.
Last updated 5 years ago by dguttman .
MIT · Repository · Bugs · Original npm · Tarball · package.json
$ cnpm install authentic 
SYNC missed versions from official npm registry.


Authentication for microservices. This is collection of the following modules:

What is it?

Authentic is a collection of modules to help your various services authenticate a user. Put more concretely, Authentic does the following:

  • Allow your users to "sign up", "confirm", "log in", and "change password" with their email address and a chosen password (persisted to a db of your choice), and provide an authentication token (JWT) on successful log in.
  • Easily protect access to your microservice by decrypting a user's authentication token.
  • Help make requests from the browser to authentic-server for sign up/confirm/login/password reset, as well as automatically including the authentication token in requests to your microservices.


Let's pretend you work at ScaleHaus (Uber meets Airbnb for lizards). You have a web app at (client-side SPA) that is an interface to various microservices (like You want to make sure that only employees with a email address have access to your app and microservices. Here's how you can do it:

  1. Create an authentication server with authentic-server available at

  2. Add views to for signup/confirm/login/reset-password and use authentic-client for those actions and for requests to your microservices.

  3. In your microservice(s), e.g., use authentic-service to decrypt the authentication token provided in the request and verify the user's identity and that their email ends in


It's best to install each module individually in the project that needs it. In theory, you could have a single project that needs to be the server, client, and service -- in that case feel free to npm install --save authentic. Otherwise use npm install --save authentic-server, npm install --save authentic-service, or npm install --save authentic-client depending on your project.

In Action

Authentic Server

var fs = require('fs')
var http = require('http')
var Authentic = require('authentic').server

var auth = Authentic({
  db: './userdb',
  publicKey: fs.readFileSync('/rsa-public.pem'),
  privateKey: fs.readFileSync('/rsa-private.pem'),
  sendEmail: function (email, cb) {
    // send the email however you'd like and call cb()

console.log('Authentic Server listening on port', 1337)


var http = require('http')
var Authentic = require('authentic').service

var auth = Authentic({
  server: ''

http.createServer(function (req, res) {
  // Step 1: decrypt the token
  auth(req, res, function (err, authData) {
    if (err) return console.error(err)

    // Step 2: if we get an email and it's one we like, let them in!
    if (authData &&\.io$/)) {
      res.end('You\'re in!')

    // otherwise, keep them out!
    } else {

console.log('Protected microservice listening on port', 1338)

Client Login

var Authentic = require('authentic').client

var auth = Authentic({
  server: ''

var creds = {
  email: '',
  password: 'notswordfish'

// Step 1: log in
auth.login(creds, function (err) {
  if (err) return console.error(err)

  // Step 2: make a JSON request with authentication
  var url = ''
  auth.get(url, function (err, data) {
    if (err) return console.error(err)

    // show that report



Current Tags

  • 0.0.3                                ...           latest (5 years ago)

4 Versions

  • 0.0.3                                ...           5 years ago
  • 0.0.2                                ...           5 years ago
  • 0.0.1                                ...           5 years ago
  • 0.0.0                                ...           5 years ago
Maintainers (1)
Today 0
This Week 0
This Month 0
Last Day 0
Last Week 0
Last Month 1
Dev Dependencies (3)
Dependents (1)

Copyright 2014 - 2016 © |