carbond.security.MongoDBApiKeyAuthenticator¶

extends ApiKeyAuthenticator

An implemetation of ApiKeyAuthenticator using MongoDB. It queries a MongoDB collection to find a user with an API key that matches the key sent with the request.

Instance Properties¶

¶

apiKeyField	`string`
Required
Description	The name of the field where the API key can be found on the user documents

¶

apiKeyLocation	`string` Inherited from`ApiKeyAuthenticator`
Default	`header`
Description	The loaction of the API key, either header or query.

¶

apiKeyParameterName	`string` Inherited from`ApiKeyAuthenticator`
Default	`Api-Key`
Description	The name of the API key parameter

¶

db	`DB`
Default	undefined
Description	A getter for the database object on the parent Service. If there are multiple databases, it will return the database defined in `dbName`

¶

dbName	`string`
Default	undefined
Description	The name of the database to use if there are multiple databases on the parent Service (in `dbs`)

¶

idGenerator	`IdGenerator` Inherited from`ApiKeyAuthenticator`
Default	`UUIDGenerator`
Description	The ID generator to generate API keys.

¶

maskUserObjectKeys	`string[]` Inherited from`ApiKeyAuthenticator`
Default	undefined
Description	An array of properties that should be masked on the user object in the logs. Used for masking sensitive information.

¶

userCollection	`string`
Required
Description	The name of the collection in which users are stored

Methods¶

¶

authenticate	Inherited from`ApiKeyAuthenticator`
Arguments	req (Request) – The current request
Throws	HttpErrors.Unauthorized If no user matching the API key is found
Throws	HttpErrors.InternalServerError If `apiKeyLocation` is malformed, or if there is an error finding the user.
Returns	An object representing the user
Return type	Object
Description	Authenticates the current request using an API key. Returns a user object that matches the API Key sent with the request. If no user matching the API key is found, throws a 401 Unauthorized error.

¶

findUser
Arguments	apiKey (string) – The API key from the request
Throws	Error if the db, userCollection, or apiKeyField is undefined.
Returns	An object representing the user if a match is found, otherwise undefined.
Return type	Object \| undefined
Description	Queries the database for a user which has an API key that matches the API key sent in the request.

¶

generateApiKey	Inherited from`ApiKeyAuthenticator`
Returns	A UUID (see [Wikipedia]undefined)
Return type	string
Description	Generates a UUID using `idGenerator`

¶

getAuthenticationHeaders	Inherited from`ApiKeyAuthenticator`
Returns	An array containing the name of the header which contains the API key. An empty array if the location of the API key is in the querystring.
Return type	string[]
Description	Gets an array containing `apiKeyParameterName`

¶

getService	Inherited from`ApiKeyAuthenticator`
Returns	The parent Service
Return type	`Service`
Description	A getter for the parent Service

¶

initialize	Inherited from`ApiKeyAuthenticator`
Arguments	service (`Service`) – The parent Service
Return type	undefined
Description	Initializes the authenticator. Called by `start` on the parent Service and sets this.service to the parent Service.

¶

throwUnauthenticated	Inherited from`ApiKeyAuthenticator`
Arguments	msg (string) – The message returned with the 401 error.
Throws	HttpErrors.Unauthorized
Return type	undefined
Description	Throws a 401 Unauthorized Error.