Passport strategy for authenticating with a apikey.
This module lets you authenticate using a apikey in your Node.jsapplications which is used to build rest apis. By plugging into Passport, apikey authentication can be easily andunobtrusively integrated into any application or framework that supportsConnect-style middleware, includingExpress.
Installation
$ npm install passport-headerapikey
Usage
Configure Strategy
The api key authentication strategy authenticates users using a apikey.The strategy requires a verify
callback, which accepts thesecredentials and calls done
providing a user.
passport.use(new HeaderAPIKeyStrategy( { header: 'Authorization', prefix: 'Api-Key ' }, false, function(apikey, done) { User.findOne({ apikey: apikey }, function (err, user) { if (err) { return done(err); } if (!user) { return done(null, false); } return done(null, user); }); }));
Authenticate Requests
Use passport.authenticate()
, specifying the 'headerapikey'
strategy, toauthenticate requests.
For example, as route middleware in an Expressapplication:
app.post('/api/authenticate', passport.authenticate('headerapikey', { session: false, failureRedirect: '/api/unauthorized' }), function(req, res) { res.json({ message: "Authenticated" }) });
API
Constructor
new HeaderAPIKeyStrategy(header, passReqToCallback, verify);
Arguments:
headerConfig
(Object):header
(String): name of the header field to be used for api keys, default: X-Api-Key.prefix
(String): prefix to be used in content of the header, eg.Bearer adsfadsfa
, default: empty. Attention: give it with blank if needed, eg.'Bearer '
.
passReqToCallback
(Boolean): flags whether an express Request object is passed to the verify function.verify
(Function):apiKey
(String): parsed API key from from the request. Use it to determine, which user is using your endpoint.verified
(Function): Callback to be called when you have done the API key handling. Signature:verify(err, user, info) => void
.err
(Error): return an Error if user is not verified, otherwise yieldnull
hereuser
(Object, optional): only return user object if he is verified.info
(Object, optional): yield additional information to success or failure of user verification.
req
(express.Request, optional): express Request object ifpassReqToCallback
is set to true.
Examples
curl -v --header "Authorization: Api-Key asdasjsdgfjkjhg" http://127.0.0.1:3000/api/authenticate
Contributing
Clone the repo, then
npm installnpm run install-typings
and here we go.Develop your new features or fixes, test it using npm test
and create a pull request.
Credits
npm install passport-headerapikey
- 1.0.3 published 2 years ago
- https://github.com/hydra-newmedia/passport-headerapikey#readme
- MIT License
- 46 downloads in the last day
- 259 downloads in the last week
- 1,042 downloads in the last month