JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 163
  • Score
    100M100P100Q91155F
  • License MIT

Custom authentication plugin for Hapi using Bearer tokens

Package Exports

  • hapi-auth-bearer-simple

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (hapi-auth-bearer-simple) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Hapi authentication plugin

hapi Bearer Token Authentication Scheme

If you have any problems and/or questions make a new issue.

If you want to contribute feel free to fork and add a pull request or again make an issue.

The plugin requires validating a token passed in by the bearer authorization header. The validation function is something you have to provide to the plugin.

Example: 

var Hapi = require('hapi');

var server = new Hapi.Server('localhost', 8000);


server.pack.register(require('hapi-auth-bearer-simple'), function (err) {
    if (err) throw err;

    server.auth.strategy('basic', 'bearerAuth', {
        validateFunction: validateFunction
    });

    // Add a standard route here as example
    server.route({
        method: 'GET',
        path: '/',
        handler: function (request, reply) {
            reply({
                success: true
            });
        },
        config: {
            auth: 'basic'
        }
    });

    server.start(function () {
        console.log('Server started at: ' + server.info.uri);
    });
});

var validateFunction = function (token, callback) {
    // Use a real strategy here to check if the token is valid
    if (token === "123456789") {
        callback(null, true, {
            token: token
        });
    } else {
        callback(null, false, {
            token: token
        });
    }
};
  • validateFunc - (required) a token lookup and validation function with the signature function(token, callback)
    • token - the auth token received from the client.
    • callback - a callback function with the signature function(err, isValid, credentials) where:
      • err - any error.
      • isValid - true if both the username was found and the password matched, otherwise false.
      • credentials - an object passed back to the plugin and which will become available in the requestobject as request.auth.credentials. Normally credentials are only included when isValidis true. This object can be only the token as in the example but is preferably all the info you need from the authenticated user