Closed hems closed 9 years ago
One hack that work when running tests is payload = JSON.parse(req._shot.payload)
, but that doesn't work when actually running the sever...
server.auth.scheme("payload_auth", function(server, options) {
return {
authenticate: function(request, reply) {
var payload, req;
req = request.raw.req;
payload = JSON.parse(req._shot.payload);
/** **/
}
};
});
Use the payload
authentication step. In 8.0 you can override the route config and require payload validation in the auth scheme.
Sorry, is the "payload" authentication only available at 8.0 ?
I tried to install 8.0 from master, but npm install failed:
tests/hapi8test [ npm install git://github.com/hapijs/hapi.git#master --save ] 7:22 pm
npm ERR! Error: version not found: inert@2.0.0-rc5
npm ERR! at /usr/local/lib/node_modules/npm/lib/cache/add-named.js:125:12
npm ERR! at saved (/usr/local/lib/node_modules/npm/node_modules/npm-registry-client/lib/get.js:167:7)
npm ERR! at Object.oncomplete (fs.js:107:15)
npm ERR! If you need help, you may report this *entire* log,
npm ERR! including the npm and node versions, at:
npm ERR! <http://github.com/npm/npm/issues>
npm ERR! System Darwin 13.4.0
npm ERR! command "node" "/usr/local/bin/npm" "install" "git://github.com/hapijs/hapi.git#master" "--save"
npm ERR! cwd /Users/hems/git/tests/hapi8test
npm ERR! node -v v0.10.33
npm ERR! npm -v 1.4.28
npm ERR! not ok code 0
tests/hapi8test [
Would that implementation be valid for hapi 7.x ?
// server.js
server.auth.scheme("my_custom_payload", function(server, options) {
return {
authenticate: function(request, reply) {
return reply(null, {
credentials: {
user: {}
}
});
},
payload: function(request, reply) {
if( false ) {
return reply( { error: 'my_error' } );
};
if( true ) {
return reply( null, {
credentials: {
user: user
}
});
};
},
options: {
payload: true
}
};
});
server.auth.strategy('payload', 'my_custom_payload');
// route.js
module.exports = {
method : 'POST',
path : '/api/v1/settings',
config : {
auth: "payload"
}
}
Payload auth is in 7.x but you need to manually force every route config to use it.
it's OK for now... what should i add that specification to my route?
is my scheme implementd correctly with the
{ options: { payload: true }}
and
reply( null, { credentials: { user: user } }
?
i'm trying to find the correct use on the website, but i'm still a bit confused
After reading the site carefully, i managed to make it ( :
Thank you :+1:
// server.js
server.auth.scheme("my_custom_scheme", function(server, options) {
return {
authenticate: function(request, reply) {
// authentication doesn't anything, we just keep it
// cause it's a required function?
return reply(null, {
credentials: {
user: {}
}
});
},
payload: function(request, reply) {
user = magic_code();
// here we fetch the parsed payload ?
payload = request.payload;
if (error) {
console.error(error);
return reply({
succes: false,
error: {
message: error,
code: 'db_error'
}
});
}
if (user === null) {
return reply({
error: 'user_not_found',
succes: false
});
}
// inject use into credentials object ?
request.auth.credentials.user = user;
return reply();
});
},
options: {
payload: true
}
};
});
server.auth.strategy('payload', 'my_custom_scheme');
// route.js
module.exports = {
method: 'POST',
path: '/api/v1/settings',
config: {
auth: {
strategies: ["payload"],
payload: true
}
}
};
If there are ways to improve the docs, please submit a PR.
I'm not sure if this example i have have done for payload validation would add something to the docs?
I guess this is 7.x related? I can't find the API Documentation for 7.x.
Also i never did the "make me hapi" tutorial, so i'm not sure if that payload validation example would go there.
Let me know, as i said i would be happy to update to 8.x ( but i did not find instructions to install that ) and help on the 8.x doc for instance adding a payload validation example or whatever other way we might find relevant.
I think it might be helpful to add something to the auth tutorial on hapijs.com.
where is the website repo? and where is the instructions to install 8.x ?
sorry there is so many modules under hapijs/ i scrolled through and did not find the website.
hapijs/hapijs.com and there should be an 8.x branch.
cool, i tried from master the other day did not work.
now npm install git://github.com/hapijs/hapi.git#master --save
went well ( :
will have a look on the site repo now.
I just added a first draft here: https://github.com/hems/hapijs.com/compare/hapijs:beta...hems:docs/payload_auth#diff-0
definitely need tweaking, please apologise my lack of experience with hapi ( :
let me know what to tweak, and i'm hapi to do it.
:+1:
a PR is the best way to get it reviewed.
no worries
In the implementation i'm doing i need to validate user_id / token from a payload, in order to do that i would like to access the parsed content of
request.payload
during my strategy in order to query my login database and forward the user credentials.But unfortunately during that phase of the Request Cycle, request.payload is undefined.
Any workarounds? Perhaps i should be using som server extension or another module in order to implement that?
example code: