carbond.security.HttpBasicAuthenticator¶
extends Authenticator
An authenticator for the Basic HTTP Authenitcation Scheme.
Instance Properties¶
- ¶
passwordField stringRequired Description Name of the field that contains the password in the database.
- ¶
passwordHashFn string | functionDefault noopDescription Either a string representing a Hasher(possible values are noop, sha256, and bcrypt), an instance ofHasheror a constructor function for aHasher.
- ¶
usernameField stringRequired Description Name of the field that contains the username in the database.
Abstract Methods¶
- ¶
findUser Arguments - username (string) – The username sent by the client.
Throws Error If the usernameField or passwordField are undefined. Description Find a user matching a username. Must be implemented by subcalsses.
- ¶
getAuthenticationHeaders Inherited fromAuthenticatorReturns An array of strings representing request headers. Return type string[] Description Gets the names of the request headers where authentication details can be found. Should be implemented by subclasses, for example: ApiKeyAuthenticator. Must be implemented by subclasses which use headers other than the Authorization header. Otherwise the custom headers will be blocked by the Service.
Methods¶
- ¶
authenticate Arguments - req (Request) – The current request
Throws HttpErrors.Unauthorized If credentials weren’t validated Returns An object representing the user. Undefined if no credentials are found on the request. Return type Object | undefined Description Authenticates a request using HTTP Baisc. Returns a user object that matches the username and password sent with the request. If no user matching the username and password is found, throws a 401 Unauthorized error.
- ¶
getService Inherited fromAuthenticatorReturns The parent Service Return type ServiceDescription A getter for the parent Service
- ¶
initialize Inherited fromAuthenticatorArguments - service (
Service) – The parent Service
Return type undefined Description Initializes the authenticator. Called by starton the parent Service and sets this.service to the parent Service.- service (
- ¶
throwUnauthenticated Inherited fromAuthenticatorArguments - msg (string) – The message returned with the 401 error.
Throws HttpErrors.Unauthorized Return type undefined Description Throws a 401 Unauthorized Error.
- ¶
validateCreds Arguments - username (string) – username from the HTTP request
- password (string) – password from the HTTP request
Throws Service.errors.InternalServerError 500 Internal Server Error Returns Object representing the user if a user matching the username and password is found. Otherwise returns undefined. Return type Object | undefined Description Finds a user matching a username and password. The password is checked using the hash function.