Use Case
2FA over email

User logs in with credentials or 3rd party authentication

              
import {createSecurityToken} from 'x-tkn'

let refId = 'some-user-id'
let ttl = {minutes: 5}

let token = await createSecurityToken(refId, ttl)

Send email or SMS with link to user

User clicks on link back to your site in email or SMS

                
import {reedemToken} from 'x-tkn'

let tokenId = req.query.tokenId

let token = await reedemToken(token.id)

return (token) ? 'success' : 'invalid token'

Use Case
Passwordless Authentication

User request's a password link

              
import {createSecurityToken} from 'x-tkn'

let refId = 'some-user-id'
let ttl = {hours: 1}

let token = await createSecurityToken(refId, ttl)

Send email or SMS with link to user

User clicks on link back to your site in email or SMS

                
import {reedemToken} from 'x-tkn'

let tokenId = req.query.tokenId

let token = await reedemToken(token.id)

return (token) ? 'success' : 'invalid token'

Use Case
Sliding Sessions

User logs into your application

              
import {createSessionToken} from 'x-tkn'

let refId = 'some-user-id'
let ttl = {minutes: 20}

let token = await createSessionToken(refId, ttl)

res.cookie('sid', token.id)

User interacts with your application

                
import {extendExpiration} from 'x-tkn'

let tokenId = req.cookies.sid
let ttl = {minutes: 20}

let token = await readToken(tokenId);

if (token?.isActive) {

    await extendExpiration(tokenId, ttl)
}

Use Case
Password Reset

User inits password reset

              
import {createSecurityToken, revokeTokens} from 'x-tkn'

let refId = 'some-user-id'
let ttl = {hours: 2}
let payload = {email: req.params.email}

await revokeTokens({refId})

let token = await createSecurityToken(refId, ttl, payload)

Send email or SMS with link to user

User clicks on link back to your site in email or SMS

                
import {reedemToken} from 'x-tkn'

let tokenId = req.query.tokenId

let token = await reedemToken(token.id)

return (token) ? 'success' : 'invalid token'

Use Case
2FA with Short Code

User logs in with credentials or 3rd party authentication

              
import {createShortCodeToken} from 'x-tkn'

let refId = 'some-user-id'
let ttl = {minutes: 5}

let token = await createShortCodeToken(refId, ttl)

let shortCode = token.shortCode

Send short code to users trusted device (email or SMS)

User enters short code into form

                
import {reedemToken} from 'x-tkn'

let shortCode = req.params.shortCode

let token = await reedemToken(shortCode)

return (token) ? 'success' : 'invalid token'

Examples

Use Case 2FA over email

Use Case Passwordless Authentication

Use Case Sliding Sessions

Use Case Password Reset

Use Case 2FA with Short Code

Use Case
2FA over email

Use Case
Passwordless Authentication

Use Case
Sliding Sessions

Use Case
Password Reset

Use Case
2FA with Short Code