An abstract class used for authenticating requests. Authenticators should extend this class and implement their own authenticate method.

Abstract Methods

  • req (Request) – The current request
Throws HttpErrors.Unauthorized If credentials are present but they fail verification.
Throws HttpErrors.InternalServerError If there is an exception on user lookup.
Returns This should return an object representing the user or undefined if the credendtials are missing.
Return type Object | undefined
Description Authenticates the user for a request. Should be implemented by subclasses, for example: MongoDBHttpBasicAuthenticator.
Returns An array of strings representing request headers.
Return type string[]
Description Gets the names of the request headers where authentication details can be found. Should be implemented by subclasses, for example: ApiKeyAuthenticator. Must be implemented by subclasses which use headers other than the Authorization header. Otherwise the custom headers will be blocked by the Service.


Returns The parent Service
Return type Service
Description A getter for the parent Service
  • service (Service) – The parent Service
Return type undefined
Description Initializes the authenticator. Called by start on the parent Service and sets this.service to the parent Service.
  • msg (string) – The message returned with the 401 error.
Throws HttpErrors.Unauthorized
Return type undefined
Description Throws a 401 Unauthorized Error.