hapi-access-token
hapi-access-token is a third-party login plugin for hapi. hapi-access-token comes with default support for Facebook. This was built with mobile apps in mind: mobile apps generally authenticate themselves with the installed app, and they simply receive an access token for future requests on the user's behalf.
Usage
Add a login endpoint and set it to use the hapi-access-token authentication strategy.
hapi-access-token does not maintain a session. Once the handler is called, the application must set its own session management.
var Hapi = ;var Boom = ;var server = 8000; // Register hapi-access-token with the serverserver;
Options
The server.auth.strategy()
method requires the following strategy options:
accessTokenKeyName
- The query parameter key you'll be specifying the access token in.profileUrl
- The URL where the user account can be foundvalidateFunc
- The function which will parse out the user's profile with the parameters:payload
- The response payload from theprofileUrl
accessToken
- The original access token used for this requestreply
- A Hapi authorization callback with any errors as the first parameter and therequest.auth
object as the second parameter