Skip to content

futurestudio/hapi-authorized-scope

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

196 Commits

.github

.github

 
 

lib

lib

 
 

media

media

 
 

test

test

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

package.json

package.json

 
 

Repository files navigation

hapi-authorized-scope logo

Determine which scope authorized a user on a route.


Installation · Usage



Build Status hapi-authorized-scope Version

Follow @marcuspoehls for updates!

The Future Studio University supports development of this hapi plugin 🚀
Join the Future Studio University and Skyrocket in Node.js

Introduction

The hapi-authorized-scope plugin determines and stores the scope that authorized an authenticated request. You'll find the scope authorizing the request in request.auth.authorizedScope.

In hapi, you’ll find all auth-related details in request.auth, that’s the reason this plugin adds the authorizedScope property there:

{
  isAuthenticated: true,
  isAuthorized: true,
  credentials: { username: 'marcus', scope: ['admin', 'user'] },
  artifacts: null,
  strategy: 'test',
  mode: 'required',
  error: null,
  isInjected: true,
  authorizedScope: 'user'  // <-- added: the authorized scope that let the user access a route
}

Requirements

hapi v19 (or later) and Node.js v12 (or newer)

This plugin requires hapi v19 (or later) and Node.js v12 or newer.

Compatibility

Major Release hapi.js version Node.js version
v2 >=17 hapi >=12
v1 >=17 hapi >=8

Installation

Add hapi-authorized-scope as a dependency to your project:

npm i hapi-authorized-scope

Usage

The usage is pretty straightforward: register the plugin to your hapi server and that’s it:

await server.register({
  plugin: require('hapi-authorized-scope')
})

// went smooth like chocolate :)

hapi-authorized-scope extends the request lifecycle onPostAuth and finds the first scope in the authenticated credentials that authorizes the request to access the route.

In your route handlers or request lifecycle extension points, you may access the authorized scope like this:

{
  method: 'GET',
  path: '/profile',
  options: {
    handler: async (request, h) {
      const authorizedScope = request.auth.authorizedScope

      Logger.debug(`Scope authorizing the user to access this route: ${authorizedScope}`)

      return h.view('profile')
    }
  }
}

Enjoy!

Links & Resources

Contributing

  1. Create a fork
  2. Create your feature branch: git checkout -b my-feature
  3. Commit your changes: git commit -am 'Add some feature'
  4. Push to the branch: git push origin my-new-feature
  5. Submit a pull request 🚀

License

MIT © Future Studio

futurestud.io  ·  GitHub @futurestudio  ·  Twitter @futurestud_io

About

Finds the scope that authorizes a user on a route

Topics

hapi hapijs auth authorization hapi-plugin scope future-studio-university

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages