Integrate API Key based authentication in your nodejs application using this Passport strategy.
npm install github:perusworld/passport-apikey --save
Register strategy with default values using
passport.use(APIKeyStrategyProvider.getInstance());
Register for handling the authentication during each request using
router.use(passport.authenticate('apikey', { session: false }));
The default api key strategy using a single api key for all requests from all users. The values for which could either be loaded using code
passport.use(APIKeyStrategyProvider.getInstance({ enabled: true, keyName: 'yourKeyName', keySource: APIKeySource.HEADER, keyValue: 'yourKeyValue' }));
or via environment variables
export API_KEY_ENABLED="true"
export API_KEY_SOURCE="header"
export API_KEY_NAME="yourKeyName"
export API_KEY_VALUE="yourKeyValue"
The default values are
API_KEY_ENABLED="true"
API_KEY_SOURCE="header"
API_KEY_NAME="yourKeyName"
API_KEY_VALUE="yourKeyValue"
The API_KEY_SOURCE determines if the api key is read from the header or query/body
API_KEY_SOURCE="header" //read from header
API_KEY_SOURCE="request" //read from body or query in that order
You can override the default api key strategy that uses a single key for all requests by adding your own implementation class as below
export class YourAPIKeyStrategy extends APIKeyStrategy {
constructor(cfg: APIKeyStrategyConfig = new APIKeyStrategyConfig()) {
super(cfg);
}
public authenticate(callback: passport.StrategyCreatedStatic, req: Request, options?: any): any {
if (/* your implemenation to check api key */) {
callback.success({ apiKey: value }, {});
} else {
callback.fail();
}
}
}
Once you have done that, you can pass this during config as below
passport.use(APIKeyStrategyProvider.getInstance({ enabled: true, keyName: 'yourKeyName', keySource: APIKeySource.HEADER, keyValue: 'yourKeyValue' },YourAPIKeyStrategy));