So that I may override in my own configs to point to my own main route. /public directory is often used as a grunt build directory so a possibly dev config route is useful.

Hello.

I am getting this error. I have tried installing python modules but I have a strong feeling that this isn't going to help and that I have to do something outside of node.js

This is an image of the error: Any help would be appreciated. Thank you!

This is pretty neat, however the way the DB configurations are currently setup I found it quite tricky to make it work with my Sails.js site using the Waterline ORM. Basically I could bypass the ORM to connect directly separately to Mongo or Postgres or whatever the ORM adapter in waterline is pointed to as well. But I'd much prefer a lockit waterline adapter and just let the ORM to deal with those details.

Just a thought,

I noticed on my mongodb installation for lockit that an index is set for user's id. That's good. However, lockit does not seem to set an unique index for username and email address which it should in my opinion or is there a specific reason not to do so?

It seems that the emailSettings are not being passed on to the smtpTransport, since I specified them and digging in to Email.prototype.send, line 58, the emailSettings are not being passed on and, due to that, I got an ECONNREFUSED:

// send email with nodemailer
var transporter = nodemailer.createTransport(that.transport(options)); // options are not including my emailSettings
transporter.sendMail(options, function(err, res){
  if(err) return done(err);
  transporter.close(); // shut down the connection pool, no more messages
  done(null, res);
});

I see no configuration option in the documentation for this... What is the default expire time for each session?

Also, I noticed that if you log in twice with the same account on two different browsers (let's call them session1 and session2) and you log out from session2, then you will stay logged in in session1. Is this on purpose? I think it's a security problem.

I have tried asin this post http://stackoverflow.com/questions/25320313/couchdb-with-nodejs-authentication-solution and as the instructions on the readme, and i cant keep it running

Hi all, I am working on my first nodejs project so I'm still pretty new to all this, but I really enjoy working with lockit.

I'm trying to make the login persistant by changing the cookie expiration date, and can't find the solution... Should it be added as a config var ?

I tried the "full example" code:

var config = require('./config.js');
var Lockit = require('lockit');

var app = express();

app.use(cookieParser());
app.use(cookieSession({
  secret: 'secret'
}));

var lockit = new Lockit(config);

app.use(lockit.router);

// you now have all the routes like /login, /signup, etc.
// and you can listen on events. For example 'signup'
lockit.on('signup', function(user, res) {
  console.log('a new user signed up');
  res.send('Welcome!');   // set signup.handleResponse to 'false' for this to work
});

When I started the server it complained that express was undefined, so I installed express via npm and added:

var express = require('express');

and changed:

app.use(cookieParser());
app.use(cookieSession({
  secret: 'secret'
}));

to this:

app.use(express.cookieParser());
app.use(express.cookieSession({
  secret: 'secret'
}));

But now I get this. What's wrong?

lockit no email config found. Check your database for tokens.
/Users/valmar/dev/node/todolist/node_modules/lockit/node_modules/lockit-signup/index.js:40
  router.get(route, this.getSignup.bind(this));
        ^
TypeError: Cannot read property 'get' of undefined
    at new module.exports (/Users/valmar/dev/node/todolist/node_modules/lockit/node_modules/lockit-signup/index.js:40:9)
    at new module.exports (/Users/valmar/dev/node/todolist/node_modules/lockit/index.js:41:16)
    at Object.<anonymous> (/Users/valmar/dev/node/todolist/server.js:12:14)
    at Module._compile (module.js:460:26)
    at Object.Module._extensions..js (module.js:478:10)
    at Module.load (module.js:355:32)
    at Function.Module._load (module.js:310:12)
    at Function.Module.runMain (module.js:501:10)
    at startup (node.js:129:16)
    at node.js:814:3

Hi @zemirco. Awesome project! This is exactly what I've been looking for.

I was wondering if it would be possible to support a the ability to specify a custom adapter module? It looks like the getDatabase function restricts the possible adapter modules to the existing lockit-*-adapter family. My use case is I have a project that uses knex to access a postgress database and I'd like to keep all of my table migrations managed in the same place. So I'm a little wary about letting the lockit-sql-adapter sync a table under the hood with sequelize.

I've tried to get the example app up and running but keep getting the following message:

Error: Cannot find module 'xtend'

Node v0.10.24 NPM v1.3.21 grunt-cli v0.1.11

Thanks.

Hello, is there a known / easy way to use OAuth based authentication? e.g. https://github.com/dgrubelic/vue-authenticate/blob/master/example/server.js

It's really really easy to get this error, including if you just make a new express app using defaults and try the quick-start with lockit as per the instructions in lockit's readme:

npm start

lockit no db config found. Using SQLite. lockit no email config found. Check your database for tokens.

/signup

..fill in the form and submit it..

->

Unhandled rejection Error: Cannot find module 'lockit-template-blank'
    at Function.Module._resolveFilename (module.js:338:15)
    at Function.Module._load (module.js:280:25)
    at Module.require (module.js:364:17)
    at require (module.js:380:17)
    at new module.exports (/Users/dhall/projects/myapp/node_modules/lockit/node_modules/lockit-signup/node_modules/lockit-sendmail/index.js:16:19)

It looks like name is intended to be username, and not the user's name, as it must be unique. Email must also be unique. It is common, and arguably a better user experience to only require email, as it already must be unique, instead of requiring two fields that have to be unique. Also, a user may forget the username they invented for your site---because it has to be unique for your site, so someone else could have taken the one they wanted---but they are less likely to forget their email address, and if email address requires verification, then nobody else can take their email address on your site.

Personally, I'd much rather just treat email address as username, and dispense with username field.

I suppose I could hack it by creating a hidden field and have javascript copy the email address into the username field just before form submit ... but I'd rather not even have a username field in my database.

Nope, can't hack it that way. Gives error: "Username may not contain any non-url-safe characters." .. but you can still hack it, just with a hack that looks worse by the minute .. javascript runs encodeURIComponent on the email address first, or you might just replace @ with -at- .. then pastes it into the hidden field.

Much of lockit is configurable. Thanks for that!

However, there are a few things that are still hard-coded, such as some of the error messages.

It would be great if these were also customizable.

It would be beneficial to document or implement the ability to have more fields during user signup. Frequently, it would be preferable to have firstname + lastname instead of simply name.