hapi-auth-basic
Lead Maintainer: Matt Harrison
Basic authentication requires validating a username and password combination. The 'basic'
scheme takes the following options:
validateFunc
- (required) a user lookup and password validation function with the signaturefunction(request, username, password, callback)
where:request
- is the hapi request object of the request which is being authenticated.username
- the username received from the client.password
- the password received from the client.callback
- a callback function with the signaturefunction(err, isValid, credentials)
where:err
- an internal error. If defined will replace defaultBoom.unauthorized
errorisValid
-true
if both the username was found and the password matched, otherwisefalse
.credentials
- a credentials object passed back to the application inrequest.auth.credentials
. Typically,credentials
are only included whenisValid
istrue
, but there are cases when the application needs to know who tried to authenticate even when it fails (e.g. with authentication mode'try'
).
allowEmptyUsername
- (optional) iftrue
, allows making requests with an empty username. Defaults tofalse
.unauthorizedAttributes
- (optional) if set, passed directly to Boom.unauthorized if no customerr
is defined. Useful for setting realm attribute in WWW-Authenticate header. Defaults toundefined
.
const Bcrypt = ; const users = john: username: 'john' password: '$2a$10$iqJSHD.BGr0E2IxQwYgJmeP3NvhPrXAeLSaGCj6IR/XU5QtjVu5Tm' // 'secret' name: 'John Doe' id: '2133d32a' ; const validate = { const user = usersusername; if !user return ; Bcrypt;}; server;