Lead Maintainer: Steve Tan
A 'local'
authentication scheme for Hapi, based on passport-local; Reads in username and password from request body.
Local authentication requires validating a username and password combination. The 'local'
scheme takes the following options:
-
usernameField
- (optional) the name of the username field. -
passwordField
- (optional) the name of the password field. -
validateFunc
- (required) a user lookup and password validation function with the signaturefunction(request, username, password, callback)
where:-
request
- is the hapi request object of the request which is being authenticated. -
username
- the username received from the client. -
password
- the password received from the client. -
callback
- a callback function with the signaturefunction(error, isValid, credentials)
where:-
error
- an internal error. -
isValid
-true
if both the username was found and the password matched, otherwisefalse
. -
credentials
- a credentials object passed back to the application inrequest.auth.credentials
. Typically,credentials
are only included whenisValid
istrue
, but there are cases when the application needs to know who tried to authenticate even when it fails (e.g. with authentication mode'try'
).
-
-