Authentication Demo

Add HexaEight Authentication using Javascript to Any Single Page Website
Or Application in less than 5 lines of code.

⚫

Allow Or Restrict Any Email Address Or Domain
⚫

Restrict access to Specific Website Or App
⚫

Encrypt Message To Another Sessions
⚫

Decrypt Message From Other Sessions
⚫

Save your own Data in encrypted format inside browser local storage and access it across Sessions
⚫

Use Token-less authorization to access Resource Servers

www.hexaeight.com

Add to Head Tag (JQuery is only needed since we are using $.document function below.

script src="https://cdn.jsdelivr.net/gh/hexaeightteam/session-js-spa-https/hexaeightsession.js" script src="https://cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js" script src="https://cdn.jsdelivr.net/gh/hexaeightteam/session-js-spa-https/hexaeightaxios.js" script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"

Follow it up by adding the below code using Script tags

                           // Used for configuring App post authentication
function callback() {
}
const session = new HexaEight();
$(document).ready(async function() {   
const clientid = "21DEEA59F5.....";
const tokenserverurl = "https://tokenserverurl:8443";
await session.init(clientid,tokenserverurl,callback);
});

HexaEight provides the below functions post authentication

session.EncryptTextMessage(destination,message) Function allows you to encrypt message to any destination. The destination can be any Email Address, Resourceid or Domain resource name

session.DecryptTextMessage(encryptedmessage) Function allows you to decrypt message received from any destination. The destination can be another email address, Resourceid or Domain resource

session.ProtectMessage(message) Function can be used to protect any data message for self-consumption, such as storing it in the browser's local cache for retrieval during the subsequent sessions.

session.DecipherMessage(protectedmessage) can be used to unprotect a data message that was encrypted using the ProtectMessage function either from your current session or from past sessions.

HexaEight Session also provides other common session functions such as:

1. ISAuthenticated : await session.isauthenticated() - This function will help you determine if the user login status.
2. Application Name : await session.Login('FETCH-APPNAME', "") - This session method can be used to fetch the Application name.
3. Login Email: await session.Login('FETCH-LOGGED-IN-USER-EMAIL', "") - This session method can be used to fetch the email address of the logged-in-user.
4. Message Verification : await session.Login('VERIFY-MESSAGE', encryptedmessage) - This session method can be used to verify the authenticity of any encrypted message
5. User ID : GetUserID(clientid,"") method can be used to fetch the user id and can be used for uniquely identifying an user inside an application and can also be used as a userid reference in third party applications.
6. whois(URL) : The whois function can be used to fetch the resourcename of a destination resource.

There are times when the encryption can fail due to failed network requires or other reason especially while retrieving an client key for a destination. Usually keys once fetched from the token server is usually stored in the cache for subsequent usage. In the event we find if encryption or decryption is failing for particular destination or URL, but working for others, you can use any of the below functions to clear the stored key so that the same key can be retrieved again.

ClearDestination(destination-email-or-resource-name)
ClearDestinationURL(URL)

HexaEight offers an instance of Axios, a popular JavaScript library, can make authenticated requests to allow secure and direct communication with resource servers.

To establish secure authenticated communication using this HexaEight Session, the destination resource needs to be registered in this application Realm and should have implemented HexaEight Middleware.

The middleware will internally handle the encryption and decryption of messages between this HexaEight Session and the resource server using HexaEight encryption functions. Similarly the Axios instance inside our HexaEight Session will internally encrypt the information using HexaEight encryption functions and send it to the destination resource. Upon receiving the response, the Axios instance will decrypt the response and return the decrypted information in the response object.

Sample Get Request :
var weatherdata = HexaEightaxios.get("http://localhost:5000/weatherforecast/newyork", {responseType: "text"});
Sample POST Request :
var data = HexaEightaxios({method:"POST", url:"http://localhost:5000/api/fetchcurrentweather", data: blob, responseType: "json"});

HexaEight Sessions

Authentication Demo

Add to Head Tag (JQuery is only needed since we are using $.document function below.

Follow it up by adding the below code using Script tags

HexaEight provides the below functions post authentication

Encrypt and Decrypt Messages

Protect and Decipher Data