Merge 315bc43 into 5609d75

Badgerati · Jul 13, 2020 · 1fc4c6d · 1fc4c6d
2 parents 5609d75 + 315bc43
commit 1fc4c6d
Show file tree

Hide file tree

Showing 37 changed files with 602 additions and 486 deletions.
diff --git a/docs/Getting-Started/Migrating/1X-to-2X.md b/docs/Getting-Started/Migrating/1X-to-2X.md
@@ -6,11 +6,11 @@ In Pode v2.X the Server got the biggest overhaul with the dropping of HttpListen
 
 ## Server
 
-If you were previously specifying `-Type Pode` on your [`Start-PodeServer`], then you no longer need to - all servers now default to using Pode new .NET Core socket listener.
+If you were previously specifying `-Type Pode` on your [`Start-PodeServer`](../../../Functions/Core/Start-PodeServer), then you no longer need to - all servers now default to using Pode new .NET Core socket listener.
 
 ### Endpoints
 
-With the dropping of HttpListener, the `-Certificate` parameter is now the old `-CertificateFile` parameter. The `-RawCertificate` parameter has been ranamed, and it now called `-X509Certificate`.
+With the dropping of HttpListener, the `-Certificate` parameter is now the old `-CertificateFile` parameter. The `-RawCertificate` parameter has been renamed, and it now called `-X509Certificate`.
 
 The `-CertificateThumbprint` parameter remains the same, and only works on Windows.
 The `-Certificate` parameter is now the `-CertificateName` parameter, and also only works on Windows.
@@ -42,3 +42,19 @@ to:
     }
 }
 ```
+
+### Authentication
+
+Authentication underwent a hefty change in 2.0, with `Get-PodeAuthMiddleware` being removed.
+
+First, `New-PodeAuthType` has been renamed to [`New-PodeAuthScheme`] - with its `-Scheme` parameter also being renamed to `-Type`.
+
+The old `-AutoLogin` (now just `-Login`), and `-Logout` switches, from `Get-PodeAuthMiddleware`, have been moved onto the [`Add-PodeRoute`] function. The [`Add-PodeRoute`] function now also has a new `-Authentication` parameter, which accepts the name of an Auth supplied to [`Add-PodeAuth`]; this will automatically setup authentication middleware for that route.
+
+The old `-Sessionless`, `-FailureUrl`, `-FailureMessage` and `-SuccessUrl` parameters, from `Get-PodeAuthMiddleware`, have all been moved onto the [`Add-PodeAuth`] function.
+
+The old `-EnabledFlash` switch has been removed (it's just enabled by default if sessions are enabled).
+
+There's also a new [`Add-PodeAuthMiddleware`] function, which will let you setup global authentication middleware.
+
+Furthermore, the OpenAPI functions for `Set-PodeOAAuth` and `Set-PodeOAGlobalAuth` have been removed. The new [`Add-PodeAuthMiddleware`] function and `-Authentication` parameter on [`Add-PodeRoute`] set these up for you automatically in OpenAPI.
diff --git a/docs/Hosting/IIS.md b/docs/Hosting/IIS.md
@@ -85,9 +85,9 @@ If you decide to use IIS for Windows Authentication, then you can retrieve the a
 Start-PodeServer {
     Add-PodeEndpoint -Address 127.0.0.1 -Protocol Http
 
-    Add-PodeAuthIIS -Name 'IISAuth'
+    Add-PodeAuthIIS -Name 'IISAuth' -Sessionless
 
-    Add-PodeRoute -Method Get -Path '/test' -Middleware (Get-PodeAuthMiddleware -Name 'IISAuth' -Sessionless) -ScriptBlock {
+    Add-PodeRoute -Method Get -Path '/test' -Authentication 'IISAuth' -ScriptBlock {
         param($e)
         Write-PodeJsonResponse -Value @{ User = $e.Auth.User }
     }

diff --git a/docs/Tutorials/Authentication/Inbuilt/UserFile.md b/docs/Tutorials/Authentication/Inbuilt/UserFile.md
@@ -10,7 +10,7 @@ To use user file authentication you can use the [`Add-PodeAuthUserFile`](../../.
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthUserFile -Name 'Login'
+    New-PodeAuthScheme -Form | Add-PodeAuthUserFile -Name 'Login'
 }
 ```
 
@@ -55,7 +55,7 @@ The password is normally a standard SHA256 hash, but Pode does support HMAC SHA2
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthUserFile -Name 'Login' -HmacSecret '<some-secret>'
+    New-PodeAuthScheme -Form | Add-PodeAuthUserFile -Name 'Login' -HmacSecret '<some-secret>'
 }
 ```
 
@@ -74,7 +74,7 @@ The User object returned, and accessible on Routes, and other functions via the
 Such as:
 
 ```powershell
-Add-PodeRoute -Method Get -Path '/info' -Middleware (Get-PodeAuthMiddleware -Name 'Login') -ScriptBlock {
+Add-PodeRoute -Method Get -Path '/info' -Authentication 'Login' -ScriptBlock {
     param($e)
     Write-Host $e.Auth.User.Username
 }
@@ -86,7 +86,7 @@ You can supply a list of group names to validate that users are a member of them
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthUserFile -Name 'Login' -Groups @('admins', 'devops')
+    New-PodeAuthScheme -Form | Add-PodeAuthUserFile -Name 'Login' -Groups @('admins', 'devops')
 }
 ```
 
@@ -98,7 +98,7 @@ You can supply a list of authorised usernames to validate a user's access, after
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Users @('jsnow', 'rsanchez')
+    New-PodeAuthScheme -Form | Add-PodeAuthWindowsAd -Name 'Login' -Users @('jsnow', 'rsanchez')
 }
 ```
 

diff --git a/docs/Tutorials/Authentication/Inbuilt/WindowsAD.md b/docs/Tutorials/Authentication/Inbuilt/WindowsAD.md
@@ -10,7 +10,7 @@ To enable Windows AD authentication you can use the [`Add-PodeAuthWindowsAd`](..
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login'
+    New-PodeAuthScheme -Form | Add-PodeAuthWindowsAd -Name 'Login'
 }
 ```
 
@@ -33,7 +33,7 @@ The User object returned, and accessible on Routes, and other functions via `$e.
 Such as:
 
 ```powershell
-Add-PodeRoute -Method Get -Path '/info' -Middleware (Get-PodeAuthMiddleware -Name 'Login') -ScriptBlock {
+Add-PodeRoute -Method Get -Path '/info' -Authentication 'Login' -ScriptBlock {
     param($e)
     Write-Host $e.Auth.User.Username
 }
@@ -45,7 +45,7 @@ If you want to supply a custom DNS domain, then you can supply the `-Fqdn` param
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Fqdn 'test.example.com'
+    New-PodeAuthScheme -Form | Add-PodeAuthWindowsAd -Name 'Login' -Fqdn 'test.example.com'
 }
 ```
 
@@ -55,7 +55,7 @@ You can supply a list of group names to validate that user's are a member of the
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Groups @('admins', 'devops')
+    New-PodeAuthScheme -Form | Add-PodeAuthWindowsAd -Name 'Login' -Groups @('admins', 'devops')
 }
 ```
 
@@ -67,7 +67,7 @@ You can supply a list of authorised usernames to validate a user's access, after
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Users @('jsnow', 'rsanchez')
+    New-PodeAuthScheme -Form | Add-PodeAuthWindowsAd -Name 'Login' -Users @('jsnow', 'rsanchez')
 }
 ```
 

diff --git a/docs/Tutorials/Authentication/Methods/Basic.md b/docs/Tutorials/Authentication/Methods/Basic.md
@@ -4,11 +4,11 @@ Basic Authentication is when you pass an encoded `username:password` value on th
 
 ## Setup
 
-To setup and start using Basic Authentication in Pode you use the `New-PodeAuthType -Basic` function, and then pipe this into the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function. The [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function's ScriptBlock is supplied the username and password:
+To setup and start using Basic Authentication in Pode you use the `New-PodeAuthScheme -Basic` function, and then pipe this into the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function. The [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function's ScriptBlock is supplied the username and password:
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Basic | Add-PodeAuth -Name 'Login' -ScriptBlock {
+    New-PodeAuthScheme -Basic | Add-PodeAuth -Name 'Login' -Sessionless -ScriptBlock {
         param($username, $password)
 
         # check if the user is valid
@@ -18,13 +18,13 @@ Start-PodeServer {
 }
 ```
 
-By default, Pode will check if the Request's header contains an `Authorization` key, and whether the value of that key starts with `Basic`. The `New-PodeAuthType -Basic` function can be supplied parameters to customise this name, as well as the encoding.
+By default, Pode will check if the Request's header contains an `Authorization` key, and whether the value of that key starts with `Basic`. The `New-PodeAuthScheme -Basic` function can be supplied parameters to customise this name, as well as the encoding.
 
 For example, to use `ASCII` encoding rather than the default `ISO-8859-1` you could do:
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Basic -Encoding 'ASCII' | Add-PodeAuth -Name 'Login' -ScriptBlock {}
+    New-PodeAuthScheme -Basic -Encoding 'ASCII' | Add-PodeAuth -Name 'Login' -Sessionless -ScriptBlock {}
 }
 ```
 
@@ -36,15 +36,15 @@ The following will use Basic Authentication to validate every request on every R
 
 ```powershell
 Start-PodeServer {
-    Get-PodeAuthMiddleware -Name 'Login' | Add-PodeMiddleware -Name 'GlobalAuthValidation'
+    Add-PodeAuthMiddleware -Name 'GlobalAuthValidation' -Authentication 'Login'
 }
 ```
 
 Whereas the following example will use Basic authentication to only validate requests on specific a Route:
 
 ```powershell
 Start-PodeServer {
-    Add-PodeRoute -Method Get -Path '/info' -Middleware (Get-PodeAuthMiddleware -Name 'Login') -ScriptBlock {
+    Add-PodeRoute -Method Get -Path '/info' -Authentication 'Login' -ScriptBlock {
         # logic
     }
 }
@@ -59,7 +59,7 @@ Start-PodeServer {
     Add-PodeEndpoint -Address * -Port 8080 -Protocol Http
 
     # setup basic authentication to validate a user
-    New-PodeAuthType -Basic | Add-PodeAuth -Name 'Login' -ScriptBlock {
+    New-PodeAuthScheme -Basic | Add-PodeAuth -Name 'Login' -Sessionless -ScriptBlock {
         param($username, $password)
 
         # here you'd check a real user storage, this is just for example
@@ -78,7 +78,7 @@ Start-PodeServer {
     }
 
     # check the request on this route against the authentication
-    Add-PodeRoute -Method Get -Path '/cpu' -Middleware (Get-PodeAuthMiddleware -Name 'Login') -ScriptBlock {
+    Add-PodeRoute -Method Get -Path '/cpu' -Authentication 'Login' -ScriptBlock {
         Write-PodeJsonResponse -Value @{ 'cpu' = 82 }
     }
 

diff --git a/docs/Tutorials/Authentication/Methods/Bearer.md b/docs/Tutorials/Authentication/Methods/Bearer.md
@@ -4,11 +4,11 @@ Bearer Authentication lets you authenticate a user based on a token, with option
 
 ## Setup
 
-To setup and start using Bearer Authentication in Pode you use the `New-PodeAuthType -Bearer` function, and then pipe this into the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function. The parameter supplied to the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function's ScriptBlock is the `$token`:
+To setup and start using Bearer Authentication in Pode you use the `New-PodeAuthScheme -Bearer` function, and then pipe this into the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function. The parameter supplied to the [`Add-PodeAuth`](../../../../Functions/Authentication/Add-PodeAuth) function's ScriptBlock is the `$token`:
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Bearer | Add-PodeAuth -Name 'Authenticate' -ScriptBlock {
+    New-PodeAuthScheme -Bearer | Add-PodeAuth -Name 'Authenticate' -ScriptBlock {
         param($token)
 
         # check if the token is valid, and get user
@@ -20,11 +20,11 @@ Start-PodeServer {
 
 By default, Pode will check if the Request's header contains an `Authorization` key, and whether the value of that key starts with `Bearer`.
 
-You can also optionally return a `Scope` property alongside the `User`. If you specify any scopes with [`New-PodeAuthType`](../../../../Functions/Authentication/New-PodeAuthType) then it will be validated in the Bearer's post validator - a 403 will be returned if the scope is invalid.
+You can also optionally return a `Scope` property alongside the `User`. If you specify any scopes with [`New-PodeAuthScheme`](../../../../Functions/Authentication/New-PodeAuthScheme) then it will be validated in the Bearer's post validator - a 403 will be returned if the scope is invalid.
 
 ```powershell
 Start-PodeServer {
-    New-PodeAuthType -Bearer -Scope 'write' | Add-PodeAuth -Name 'Authenticate' -ScriptBlock {
+    New-PodeAuthScheme -Bearer -Scope 'write' | Add-PodeAuth -Name 'Authenticate' -ScriptBlock {
         param($token)
 
         # check if the token is valid, and get user
@@ -42,15 +42,15 @@ The following will use Bearer Authentication to validate every request on every
 
 ```powershell
 Start-PodeServer {
-    Get-PodeAuthMiddleware -Name 'Authenticate' | Add-PodeMiddleware -Name 'GlobalAuthValidation'
+    Add-PodeAuthMiddleware -Name 'GlobalAuthValidation' -Authentication 'Authenticate'
 }
 ```
 
 Whereas the following example will use Bearer authentication to only validate requests on specific a Route:
 
 ```powershell
 Start-PodeServer {
-    Add-PodeRoute -Method Get -Path '/info' -Middleware (Get-PodeAuthMiddleware -Name 'Authenticate') -ScriptBlock {
+    Add-PodeRoute -Method Get -Path '/info' -Authentication 'Authenticate' -ScriptBlock {
         # logic
     }
 }
@@ -65,7 +65,7 @@ Start-PodeServer {
     Add-PodeEndpoint -Address * -Port 8080 -Protocol Http
 
     # setup bearer authentication to validate a user
-    New-PodeAuthType -Bearer | Add-PodeAuth -Name 'Authenticate' -ScriptBlock {
+    New-PodeAuthScheme -Bearer | Add-PodeAuth -Name 'Authenticate' -Sessionless -ScriptBlock {
         param($token)
 
         # here you'd check a real storage, this is just for example
@@ -85,7 +85,7 @@ Start-PodeServer {
     }
 
     # check the request on this route against the authentication
-    Add-PodeRoute -Method Get -Path '/cpu' -Middleware (Get-PodeAuthMiddleware -Name 'Authenticate') -ScriptBlock {
+    Add-PodeRoute -Method Get -Path '/cpu' -Authentication 'Authenticate' -ScriptBlock {
         Write-PodeJsonResponse -Value @{ 'cpu' = 82 }
     }