https://github.com/salesflare/hapi-auth-bearer-simple
Hapi authentication plugin for bearer token validation
https://github.com/salesflare/hapi-auth-bearer-simple
authentication bearer hapi javascript plugin
Last synced: over 1 year ago
JSON representation
Hapi authentication plugin for bearer token validation
- Host: GitHub
- URL: https://github.com/salesflare/hapi-auth-bearer-simple
- Owner: Salesflare
- License: mit
- Created: 2014-11-18T11:45:08.000Z (over 11 years ago)
- Default Branch: master
- Last Pushed: 2019-03-27T10:56:52.000Z (over 7 years ago)
- Last Synced: 2025-02-12T22:16:18.533Z (over 1 year ago)
- Topics: authentication, bearer, hapi, javascript, plugin
- Language: JavaScript
- Size: 309 KB
- Stars: 16
- Watchers: 9
- Forks: 11
- Open Issues: 4
-
Metadata Files:
- Readme: Readme.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://travis-ci.org/Salesflare/hapi-auth-bearer-simple)
[](https://david-dm.org/salesflare/hapi-auth-bearer-simple)
[](https://david-dm.org/salesflare/hapi-auth-bearer-simple?type=dev)
[](https://david-dm.org/salesflare/hapi-auth-bearer-simple?type=peer)
[](https://codeclimate.com/github/Salesflare/hapi-auth-bearer-simple)
# Hapi authentication plugin
> [**hapi**](https://github.com/hapijs/hapi) Bearer Token Authentication Scheme
## What
The plugin requires validating a token passed in by the bearer authorization header or via the `access_token` query param. The validation function is something you have to provide to the plugin.
## How
```javascript
var validateFunction = function (token, callback) {
// Use a real strategy here to check if the token is valid
if (token === 'abc456789') {
callback(null, true, userCredentials);
}
else {
callback(null, false, userCredentials);
}
};
server.register(require('hapi-auth-bearer-simple'), function (err) {
if (err) {
throw err;
}
server.auth.strategy('bearer', 'bearerAuth', {
validateFunction: validateFunction
});
// Add a standard route here as example
server.route({
method: 'GET',
path: '/',
handler: function (request, reply) {
reply({ success: true });
},
config: {
auth: {
strategy: 'bearer',
scope: 'user' // or [ 'user', 'admin' ]
}
}
});
server.start(function (err) {
if (err) {
throw err;
}
server.log([],'Server started at: ' + server.info.uri);
});
});
```
- `validateFunction` - (required) a token lookup and validation function with the signature `function (token, callback)`
- `token` - the auth token received from the client.
- `callback` - a callback function with the signature `function (err, isValid, credentials)` where:
- `err` - any error.
- `isValid` - `true` if both the username was found and the password matched, otherwise `false`.
- `credentials` - an object passed back to the plugin and which will become available in the `request`object as `request.auth.credentials`. Normally credentials are only included when `isValid`is `true`.
- `exposeRequest` - (optional / advanced) If set to `true` the `validateFunction`'s `this` will be set to the `request`. This can be usefull if you have plugins that expose certain functions/objects on the `request` object and you want to use them in your `validateFunction`.
## Notes
- 100% code coverage!
- You can chain strategies see [](http://hapijs.com/api#serverauthschemename-scheme).
- If you have any problems and/or questions make a new [**issue**](https://github.com/Salesflare/hapi-auth-bearer-simple/issues).
- If you want to contribute feel free to fork and add a pull request or again make an [**issue**](https://github.com/Salesflare/hapi-auth-bearer-simple/issues).