The Future Studio University supports development of this hapi plugin 馃殌
Join the Future Studio University and Skyrocket in Node.js
The hapi-authorized-scope
plugin determines and stores the scope that authorized an authenticated request. You'll find the scope authorizing the request in request.auth.authorizedScope
.
In hapi, you鈥檒l find all auth-related details in request.auth
, that鈥檚 the reason this plugin adds the authorizedScope
property there:
{
isAuthenticated: true,
isAuthorized: true,
credentials: { username: 'marcus', scope: ['admin', 'user'] },
artifacts: null,
strategy: 'test',
mode: 'required',
error: null,
isInjected: true,
authorizedScope: 'user' // <-- added: the authorized scope that let the user access a route
}
hapi v19 (or later) and Node.js v12 (or newer)
This plugin requires hapi v19 (or later) and Node.js v12 or newer.
Major Release | hapi.js version | Node.js version |
---|---|---|
v2 |
>=17 hapi |
>=12 |
v1 |
>=17 hapi |
>=8 |
Add hapi-authorized-scope
as a dependency to your project:
npm i hapi-authorized-scope
The usage is pretty straightforward: register the plugin to your hapi server and that鈥檚 it:
await server.register({
plugin: require('hapi-authorized-scope')
})
// went smooth like chocolate :)
hapi-authorized-scope
extends the request lifecycle onPostAuth
and finds the first scope in the authenticated credentials that authorizes the request to access the route.
In your route handlers or request lifecycle extension points, you may access the authorized scope like this:
{
method: 'GET',
path: '/profile',
options: {
handler: async (request, h) {
const authorizedScope = request.auth.authorizedScope
Logger.debug(`Scope authorizing the user to access this route: ${authorizedScope}`)
return h.view('profile')
}
}
}
Enjoy!
- hapi tutorial series with 100+ tutorials
- Create a fork
- Create your feature branch:
git checkout -b my-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request 馃殌
MIT 漏 Future Studio
futurestud.io 聽路聽 GitHub @futurestudio 聽路聽 Twitter @futurestud_io