The JavaScript blog.


libraries browser modules websockets authentication angular

angular-oauth2, angular-websocket

Posted on .


angular-oauth2 (GitHub: seegno/angular-oauth2, License: MIT, npm: angular-oauth2, Bower: angular-oauth2) by Rui Silva at Seegno is an AngularJS OAuth2 client module that uses ES6 internally. The author has kindly released it on npm and Bower, so it should be easy to quickly try it out.

To use it, you have to configure OAuthProvider with the server's base URL, and then the client ID and secret. Then you can request access and refresh tokens as required. The error handling is nice because you can hook into error events on $rootScope.$on('oauth:error'.

I've written a few browser extensions that use OAuth, and this seems ideal for that kind of work. It will also be useful for your Angular single page web apps.


PatrickJS (Patrick Stapleton) sent in angular-websocket (GitHub: gdi2290/angular-websocket, License: MIT, npm: angular-websocket, Bower: angular-websocket), which is a WebSocket library for AngularJS 1.x. It works by providing a factory, $websocket, that you can use to stream data between the server and your Angular app.

The API is modeled around the standard WebSocket API:

angular.module('YOUR_APP', [  
  'ngWebSocket' // you may also use 'angular-websocket' if you prefer
//                          WebSocket works as well
.factory('MyData', function($websocket) {
  // Open a WebSocket connection
  var dataStream = $websocket('wss://website.com/data');

  var collection = [];

  dataStream.onMessage(function(message.data) {

  var methods = {
    collection: collection,
    get: function() {
      dataStream.send(JSON.stringify({ action: 'get' }));

  return methods;
.controller('SomeController', function(MyData) {
  $scope.MyData = MyData;

In this example you would use MyData in the corresponding markup. Patrick's example uses ng-repeat to iterate over the data.

The project includes browser tests and a build script. It doesn't have any fallback for browsers that don't support WebSockets, so it's a pure WebSocket module rather than something like Socket.IO.


node authentication oauth2

Building a Node OAuth2 Server

Posted on .

Most of you have probably written an OAuth2 client using Node. I've used the passport module for Express and found it worked very nicely. But what about creating an OAuth2 server?

Writing a server takes more work, but as long as you're clear about the authorisation flows that you want to use then it's certainly possible. Erica Salvaneschi wrote Building a Node OAuth2 server, a post about our experiences building an OAuth2 service for a commercial project we're working on at Papers:

This article is a walkthrough of Papers' test-driven implementation of an OAuth server using Node. We decided to go for what's known as resource owner password flow and chose node-oauth2-server to build our server.

The sample code was written using test-driven development, and depends on Express, Mongoose, bcrypt, and Mocha and SuperAgent for testing. We've kept the issues open on the sample code so you can give us feedback, which we're interested in seeing as we're new to OAuth2.


dependencies node modules authentication windows oauth

Node Roundup: 0.11.0, Dependo, Mashape OAuth, node-windows

Posted on .

You can send in your Node projects for review through our contact form.

0.11.0, 0.10.2

Node 0.11.0 has been released, which is the latest unstable branch of Node. Node 0.10.12 was also released, which includes some fixes for the stream module, an update for the internal uv library, and various other fixes for cryptographic modules and child_process.



Dependo (GitHub: auchenberg / dependo, License: MIT, npm: dependo) by Kenneth Auchenberg is a visualisation tool for generating force directed graphs of JavaScript dependencies. It can interpret CommonJS or AMD dependencies, and uses MaDGe to generate the raw dependency graph. D3.js is used for drawing the results.

Mashape OAuth

Mashape OAuth (GitHub: Mashape / mashape-oauth, License: MIT, npm: mashape-oauth) by Nijiko Yonskai is a set of modules for OAuth and OAuth2. It has been designed to work with lots of variations of OAuth implementations, and includes some lengthy Mocha unit tests.

The authors have also written a document called The OAuth Bible that explains the main concepts behind each supported OAuth variation, which is useful because the OAuth terminology isn't exactly easy to get to grips with.


node-windows (GitHub: coreybutler / node-windows, License: MIT/BSD, npm: node-windows) by Corey Butler is a module designed to help write long-running Windows services with Node. It supports event logging and process management without requiring Visual Studio or the .NET Framework.

Using native node modules on Windows can suck. Most native modules are not distributed in a binary format. Instead, these modules rely on npm to build the project, utilizing node-gyp. This means developers need to have Visual Studio (and potentially other software) installed on the system, just to install a native module. This is portable, but painful... mostly because Visual Studio itself is over 2GB.

node-windows does not use native modules. There are some binary/exe utilities, but everything needed to run more complex tasks is packaged and distributed in a readily usable format. So, no need for Visual Studio... at least not for this module.


node modules documentation authentication debugging markdown

Node Roundup: Markdox, node-authenticate, node-codein

Posted on .

You can send in your Node projects for review through our contact form or @dailyjs.


Markdox (License: MIT, npm: markdox) by Charles Bourasseau is a documentation generator based on Dox (which TJ changed to output JSON only) that produces Markdown. It can be used in the shell, or programatically.

This is a straightforward way of generating API documentation that works with services that support Markdown, like GitHub.


authenticate-pam (License: MIT, npm: authenticate-pam) by Damian Kaczmarek is an asynchronous PAM authentication addon. It uses libpam to authenticate users with a simple, idiomatic Node API:

var pam = require('authenticate-pam');  
pam.authenticate('myusername', 'mysecretpassword', function(err) {  
  if (err) {
  } else {


node-codein (License: MIT, npm: node-codein) by "ketamynx" is a Windows-friendly Node interface based on WebKit Inspector. It can display objects graphically as trees, and can also execute code.

Although it looks like a debugger interface, it seems like the author intends for it to be used as a friendly alternative to the REPL.


benchmarks node modules express async middleware authentication

Node Roundup: Nodetime, Flow.js, Lox

Posted on .

You can send in your Node projects for review through our contact form or @dailyjs.


Nodetime screenshot

Nodetime (GitHub: dmelikyan / nodetime, License: MIT, npm: nodetime) by Dmitri Melikyan is an instrumentation service for profiling Node applications.

Once the nodetime module has been added to a project, running require('nodetime').profile() will cause it to start sending HTTP and database statistics to the Nodetime service:

The Nodetime profiler running within the application securely sends profiling data to the Nodetime server, where it is stored and sent to the browser in real-time. Profiling data is kept on the server for 10 minutes.

It's also possible to avoid sending the profiling data to the server, by using require('nodetime').profile({ stdout: true }).

Nodetime is built on the author's Timekit module, which adds some useful bindings to gettimeofday and getrusage.


Flow.js (License: MIT, npm: flow.js) by Tony Findeisen is inspired by Seq and Async.js, but is written from scratch rather than forking these projects. It's based around the idea of creating 'flows' which can be executed synchronously or asynchronously. Results can be collected from each operation, and callbacks are used to signal the completion of parallel methods:

    a: function() {
      return 123;
    b: function(cb) {
        cb(null, 'I completed after 100ms');
      }, 100);
    // and even more
  .exec(function(err, results) {
    // results.a: 123;
    // results.b: 'I completed after 100ms');

This library uses the .length property of functions to determine if an argument has been supplied -- if so, the function is considered asynchronous. Libraries like this benefit from the fact that functions in JavaScript are objects:

Every function in JavaScript is actually a Function object.

Flow.js comes with tests written with Mocha.

-- Function documentation at MDN


Lox (GitHub: reaktivo / lox, License: MIT, npm: lox) by Marcel Miranda is a Mongoose-based authentication middleware library for Express, and includes tests written with Mocha.

The lox function itself takes a MongoDB connection URI string, and the result can be passed to app.use. It needs suitable routes for managing users, but provides middleware for logging in and out:

# Sign in
app.post '/login', lox.routes.login('/success_uri', '/fail_uri')

# Sign out
app.get '/logout', lox.routes.logout('/success_uri', '/fail_uri')