User authentication plugin for the seneca module.

seneca-auth - Node.js module

A user authentication plugin for the Seneca toolkit

Dependencies: seneca-user

Current Version: 0.2.9

Tested on: Node 0.10.24, Seneca 0.5.16

NOTE: documentation is in progress. Take a look at the user accounts example.

The API endpoints return a HTTP redirect when a form submission is made against them. That is, when the Content-Type header is one of:

  • application/x-www-form-urlencoded
  • multipart/form-data

For application/json, a JSON response is returned instead of a redirect.

You can control this behavior explicitly by providing a redirect=yes|no query parameter:


You can also control this behaviour using the plugin options:

 seneca.use('auth', {redirect:{always:true}} )

With always:true, a redirect always occurs.

The default behaviour is to redirect if no other rule above applies.

The module takes a restrict parameter (string or array) to allow only authenticated requests to those endpoints. It will return HTTP code 401 (Unauthorized) for requests matching these paths.

seneca.use('auth', {restrict:['/api/']})

Login an existing user and set a login token. A new login entity is created for each login.

  • default url path: /auth/login
  • options property: urlpath.login

Logout an existing user with an active login. The login entity is updated to reflect the end of the login.

  • default url path: /auth/logout
  • options property: urlpath.logout

Get the details of an existing, logged in user.

  • default url path: /auth/instance
  • options property: urlpath.instance

Seneca-auth embeds a default provider that allows local user registration/login without using a third party identity provider.