hapi-auth-bearer
Bearer authentication
This scheme requires the following options:
-
validateFunc
- Function with signaturefunction(secretOrToken, callback)
where:secretOrToken
- thesecret
if optionbase64: true
is set, otherwise the raw token value is passed in.callback
- the callback function with signaturefunction(err, credentials)
where:err
- an internal error.credentials
- a credentials object that gets passed back to the application inrequest.auth.credentials
. Returnnull
orundefined
to when the credentials are unknown (and not an error).
-
base64
- Boolean value (defaults tofalse
aka just accepts a raw token value). This gives you the ability to pass back a base64 encoded authorization header: base64(SECRET:TOKEN)- i.e.) Bearer NTJlYjRmZmRmM2M3MjNmZjA1MTEwYmYxOjk5ZWQyZjdmMWRiNjBiZDBlNGY1ZjQ4ZjRhMWVhNWVjMmE4NzU2ZmU=
Using Token
var Hapi = ;var server = ; var credentials = someSuperSecureToken: user: /** ... */ ; var { if !credentialstoken ; else ; }; serverpack;
Using Base64 (secret & token)
var Hapi = ;var server = ; var credentials = shhImASecret: token: 'someSuperSecureToken' user: /** ... */ ; var { if !credentialssecret || credentialssecrettoken !== token ; ; }; serverpack;