Lead Maintainer: Matt Harrison
Basic authentication requires validating a username and password combination. The 'basic'
scheme takes the following options:
validateFunc
- (required) a user lookup and password validation function with the signaturefunction(request, username, password, callback)
where:request
- is the hapi request object of the request which is being authenticated.username
- the username received from the client.password
- the password received from the client.callback
- a callback function with the signaturefunction(err, isValid, credentials)
where:err
- an internal error.isValid
-true
if both the username was found and the password matched, otherwisefalse
.credentials
- a credentials object passed back to the application inrequest.auth.credentials
. Typically,credentials
are only included whenisValid
istrue
, but there are cases when the application needs to know who tried to authenticate even when it fails (e.g. with authentication mode'try'
).
allowEmptyUsername
- (optional) iftrue
, allows making requests with an empty username. Defaults tofalse
.
var Bcrypt = require('bcrypt');
var users = {
john: {
username: 'john',
password: '$2a$10$iqJSHD.BGr0E2IxQwYgJmeP3NvhPrXAeLSaGCj6IR/XU5QtjVu5Tm', // 'secret'
name: 'John Doe',
id: '2133d32a'
}
};
var validate = function (request, username, password, callback) {
var user = users[username];
if (!user) {
return callback(null, false);
}
Bcrypt.compare(password, user.password, function (err, isValid) {
callback(err, isValid, { id: user.id, name: user.name });
});
};
server.register(require('hapi-auth-basic'), function (err) {
server.auth.strategy('simple', 'basic', { validateFunc: validate });
server.route({ method: 'GET', path: '/', config: { auth: 'simple' } });
});