Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/firstandthird/hapi-api-key

Hapi authentication plugin for api keys via query string or request header
https://github.com/firstandthird/hapi-api-key

hapi-plugin hapi-v17

Last synced: 14 days ago
JSON representation

Hapi authentication plugin for api keys via query string or request header

Host: GitHub
URL: https://github.com/firstandthird/hapi-api-key
Owner: firstandthird
License: mit
Created: 2016-06-15T15:08:35.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2021-02-26T20:30:02.000Z (almost 4 years ago)
Last Synced: 2025-01-11T23:17:49.739Z (21 days ago)
Topics: hapi-plugin, hapi-v17
Language: JavaScript
Size: 32.2 KB
Stars: 4
Watchers: 7
Forks: 5
Open Issues: 2
Metadata Files:
- Readme: readme.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

README

        ## hapi-api-key

[![Build Status](https://travis-ci.org/firstandthird/hapi-api-key.svg?branch=master)](https://travis-ci.org/firstandthird/hapi-api-key)

Hapi auth scheme that allows users to access a route based on whether they have a valid api key presented either as a query or as a header.

Register hapi-api-key as a plugin

to make the 'api-key' scheme available for use with server.auth.strategy(...).

### Installation

`npm install hapi-api-key`

### Usage

```javascript

  const hapiApiKeyPlugin = require('hapi-api-key');

  await server.register({

    plugin: hapiApiKeyPlugin,

    options: {}

  });

  server.auth.strategy('api-key', 'api-key', {

    apiKeys: {

      1234: {

        name: 'hueniverse'

      }

    }

  });

```

### Options

- __apiKeys__ (required)

  List of allowed API keys

- __schemeName__

  The name hapi will use to refer to the schema.  By default this is 'api-key' but you

  can make it whatever you want.

- __validateKey__

  hapi-api-key comes with a default function that approves or denies access

  based on whether the header or field matches the list of allowed API keys,

  but you can provide your own validateKey function instead.  Alternatively you

  can specify validateKey as a string, in which case hapi-api-key will look for a

  server method with that name in _server.methods_.

- __queryKey__

  The query field that contains the API key, by default this is 'token' (i.e.

    _?token=1234567_) but you can override this to be whatever you want.

- __headerKey__

  The header field that contains the API key, by default this is the _x-api-key_

  header but you can override this to be whatever you want.

- __strategy__

  By default hapi-api-key registers the api-key scheme with HAPI and then you manually register

  a strategy that uses that scheme with server.auth.strategy(). But you can have hapi-api-key

  register the strategy for you by passing a _strategy_ object when you register the plugin:

```js

{

  strategy: {

   name: 'myStrategyName',

   mode: true,

   apiKeys: {

     'anAPIKey': {

       name: 'authenticationName'

     }

   ]

  }

}

  ```