Skip to content
/ fastify-auth Public
forked from fastify/fastify-auth

Run multiple auth functions in Fastify

License

MIT license
0 stars 56 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

moklick/fastify-auth

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

69 Commits

test

test

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

example-async.js

example-async.js

 
 

example-composited.js

example-composited.js

 
 

example.js

example.js

 
 

fastify-auth.d.ts

fastify-auth.d.ts

 
 

fastify-auth.js

fastify-auth.js

 
 

package.json

package.json

 
 

Repository files navigation

fastify-auth

Greenkeeper badge js-standard-style
Build Status

This module does not provide an authentication strategy, but it provides a very fast utility to handle authentication (also multiple strategies) in your routes, without adding overhead.
Check out the complete example here.

Install

npm i fastify-auth

Usage

As said above, fastify-auth does not provide an authentication strategy, so you must provide authentication by yourself, with a decorator or another plugin. In the following example you will find a very simple implementation that should help you understand how use this module.

fastify
  .decorate('verifyJWTandLevel', function (request, reply, done) {
    // your validation logic
    done() // pass an error if the authentication fails
  })
  .decorate('verifyUserAndPassword', function (request, reply, done) {
    // your validation logic
    done() // pass an error if the authentication fails
  })
  .register(require('fastify-auth'))
  .after(() => {
    fastify.route({
      method: 'POST',
      url: '/auth-multiple',
      preHandler: fastify.auth([
        fastify.verifyJWTandLevel,
        fastify.verifyUserAndPassword
      ]),
      handler: (req, reply) => {
        req.log.info('Auth route')
        reply.send({ hello: 'world' })
      }
    })
  })

And the default relationship of these customized authentication is or, while we could also use and. for eg

fastify
  .decorate('verifyAdmin', function (request, reply, done) {
    // your validation logic
    done() // pass an error if the authentication fails
  })
  .decorate('verifyReputation', function (request, reply, done) {
    // your validation logic
    done() // pass an error if the authentication fails
  })
  .register(require('fastify-auth'))
  .after(() => {
    fastify.route({
      method: 'POST',
      url: '/auth-multiple',
      preHandler: fastify.auth([
        fastify.verifyAdmin,
        fastify.verifyReputation
      ], {
        relation: 'and'
      }),
      handler: (req, reply) => {
        req.log.info('Auth route')
        reply.send({ hello: 'world' })
      }
    })
  })

For more examples, please check example-composited.js

This plugin support callback and Promise returned by the functions. Note that an async function doesn't have to use the done parameter:

fastify
  .decorate('asyncVerifyJWTandLevel', async function (request, reply) {
    // your async validation logic
    await validation()
    // throws an error if the authentication fails
  })
  .decorate('asyncVerifyUserAndPassword', function (request, reply) {
    // return a promise that throws an error if the authentication fails
    return myPromiseValidation()
  })
  .register(require('fastify-auth'))
  .after(() => {
    fastify.route({
      method: 'POST',
      url: '/auth-multiple',
      preHandler: fastify.auth([
        fastify.asyncVerifyJWTandLevel,
        fastify.asyncVerifyUserAndPassword
      ]),
      handler: (req, reply) => {
        req.log.info('Auth route')
        reply.send({ hello: 'world' })
      }
    })
  })

Keep in mind that route definition should either be done as a plugin or within .after() callback. For complete example implementation see example.js.

fastify-auth will run all your authentication methods and your request will continue if at least one succeds, otherwise it will return an error to the client. Any successful authentication will automatically stop fastify-auth from trying the rest, unless you provide the run: 'all' parameter:

fastify.route({
  method: 'GET',
  url: '/run-all',
  preHandler: fastify.auth([
    (request, reply, done) => { console.log('executed 1'); done() },
    (request, reply, done) => { console.log('executed 2'); done() },
    (request, reply, done) => { console.log('executed 3'); done(new Error('you are not authenticated')) },
    (request, reply, done) => { console.log('executed 4'); done() },
    (request, reply, done) => { console.log('executed 5'); done(new Error('you shall not pass')) }
  ], { run: 'all' }),
  handler: (req, reply) => { reply.send({ hello: 'world' }) }
})

This example will show all the console logs and will reply always with 401: you are not authenticated. The run parameter is useful if you are adding to the request business data read from auth-tokens.

You can use this plugin on route level, as in the above example or on hook level, by using the preHandler hook:

fastify.addHook('preHandler', fastify.auth([
  fastify.verifyJWTandLevel,
  fastify.verifyUserAndPassword
]))

fastify.route({
  method: 'POST',
  url: '/auth-multiple',
  handler: (req, reply) => {
    req.log.info('Auth route')
    reply.send({ hello: 'world' })
  }
})

The difference between the two approaches is that if you use the route level preHandler function the authentication will run just for the selected route. Whereas if you use the preHandler hook the authentication will run for all the routes declared inside the current plugin (and its descendants).

Acknowledgements

This project is kindly sponsored by:

License

Licensed under MIT.

About

Run multiple auth functions in Fastify

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

10 tags

Packages

No packages published

Languages

  • JavaScript 96.5%
  • TypeScript 3.5%