-
Notifications
You must be signed in to change notification settings - Fork 42
Auth Verify
thiagobustamante edited this page May 21, 2017
·
1 revision
An Authentication Verify is a function than can be used by the authentication strategy to verify parameters and build the authenticated user object.
Tree Gateway provides 3 pre configured strategies:
These strategies support the use of a verify function, but depending on the strategy adopted, the verify middleware function will receive different parameters.
Each middleware must be defined on its own .js file.
The JWT verify function receives the following parameters:
- request: The request received from client by the gateway.
- jwt_payload: The payload extracted from the JWT token received (already validated).
- done_callback: A callback function, following the convention: callback(error, value). Where value will be the user object injected into request.user property.
Example:
/**
* @param request The request received from client by the gateway.
* @param jwt_payload The payload extracted from the JWT token received (already validated).
* @param done A callback function, following the convention: callback(error, value). Where
* value will be the user object injected into request.user property.
*/
*/
module.exports = function (request, jwt_payload, done){
console.log('Custom verify function called.');
done(null, jwt_payload);
};The Basic and Local verify function receives the following parameters:
- userid: The username provided by user.
- password: The password provided by user.
- done: A callback function, following the convention: callback(error, value). Where value will be the user object injected into request.user property.
Example:
const User = require('./my-user-service');
/**
* @param userid The username provided by user.
* @param password The password provided by user.
* @param done A callback function, following the convention: callback(error, value). Where
* value will be the user object injected into request.user property.
*/
*/
module.exports = function (userid, password, done){
// console.log('Custom verify function called.');
User.findOne({ username: userid }, function (err, user) {
if (err) { return done(err); }
if (!user) { return done(null, false); }
if (!user.verifyPassword(password)) { return done(null, false); }
return done(null, user);
});
};You can configure an auth verify middleware through:
- Admin Rest API:
POST /midleware/authentication/verify - SDK:
sdk.middleware.addAuthVerify(name, fileName); - CLI:
treeGatewayConfig middleware authVerify -a <name> ./filename.js