carbond.security.Authenticator

An abstract class used for authenticating requests. Authenticators should extend this class and implement their own authenticate method.

Abstract Methods

authenticate  
Arguments
  • req (Request) – The current request
Throws HttpErrors.Unauthorized If credentials are present but they fail verification.
Throws HttpErrors.InternalServerError If there is an exception on user lookup.
Returns This should return an object representing the user or undefined if the credendtials are missing.
Return type Object | undefined
Description Authenticates the user for a request. Should be implemented by subclasses, for example: MongoDBHttpBasicAuthenticator.
getAuthenticationHeaders  
Returns An array of strings representing request headers.
Return type string[]
Description Gets the names of the request headers where authentication details can be found. Should be implemented by subclasses, for example: ApiKeyAuthenticator. Must be implemented by subclasses which use headers other than the Authorization header. Otherwise the custom headers will be blocked by the Service.

Methods

getService  
Returns The parent Service
Return type Service
Description A getter for the parent Service
initialize  
Arguments
  • service (Service) – The parent Service
Return type undefined
Description Initializes the authenticator. Called by start on the parent Service and sets this.service to the parent Service.
throwUnauthenticated  
Arguments
  • msg (string) – The message returned with the 401 error.
Throws HttpErrors.Unauthorized
Return type undefined
Description Throws a 401 Unauthorized Error.