carbond.security.MongoDBHttpBasicAuthenticator¶

extends HttpBasicAuthenticator

An implemetation of HttpBasicAuthenticator using MongoDB. It queries a MongoDB collection to find a user with a username and password that matches the username and password sent with the request.

Instance Properties¶

¶

dbName	`string`
Required
Description	The name of the database to use if there are multiple databases on the parent Service (in `dbs`)

¶

passwordField	`string` Inherited from`HttpBasicAuthenticator`
Required
Description	Name of the field that contains the password in the database.

¶

passwordHashFn	`string \| function` Inherited from`HttpBasicAuthenticator`
Default	`noop`
Description	Either a string representing a `Hasher` (possible values are noop, sha256, and bcrypt), an instance of `Hasher` or a constructor function for a `Hasher`.

¶

userCollection	`string`
Required
Description	The name of the collection in which users are stored

¶

usernameField	`string` Inherited from`HttpBasicAuthenticator`
Required
Description	Name of the field that contains the username in the database.

Abstract Methods¶

¶

getAuthenticationHeaders	Inherited from`HttpBasicAuthenticator`
Returns	An array of strings representing request headers.
Return type	string[]
Description	Gets the names of the request headers where authentication details can be found. Should be implemented by subclasses, for example: `ApiKeyAuthenticator`. Must be implemented by subclasses which use headers other than the Authorization header. Otherwise the custom headers will be blocked by the Service.

Methods¶

¶

authenticate	Inherited from`HttpBasicAuthenticator`
Arguments	req (Request) – The current request
Throws	HttpErrors.Unauthorized If credentials weren’t validated
Returns	An object representing the user. Undefined if no credentials are found on the request.
Return type	Object \| undefined
Description	Authenticates a request using HTTP Baisc. Returns a user object that matches the username and password sent with the request. If no user matching the username and password is found, throws a 401 Unauthorized error.

¶

findUser
Arguments	username (string) – The username sent by the client.
Throws	Error If the database or collection are undefined.
Returns	An object representing the user if a match is found, otherwise undefined.
Return type	Object \| undefined
Description	Queries the database for a user which has a username that matches the username sent in the request.

¶

getService	Inherited from`HttpBasicAuthenticator`
Returns	The parent Service
Return type	`Service`
Description	A getter for the parent Service

¶

initialize	Inherited from`HttpBasicAuthenticator`
Arguments	service (`Service`) – The parent Service
Return type	undefined
Description	Initializes the authenticator. Called by `start` on the parent Service and sets this.service to the parent Service.

¶

throwUnauthenticated	Inherited from`HttpBasicAuthenticator`
Arguments	msg (string) – The message returned with the 401 error.
Throws	HttpErrors.Unauthorized
Return type	undefined
Description	Throws a 401 Unauthorized Error.

¶

validateCreds	Inherited from`HttpBasicAuthenticator`
Arguments	username (string) – username from the HTTP request password (string) – password from the HTTP request
Throws	Service.errors.InternalServerError 500 Internal Server Error
Returns	Object representing the user if a user matching the username and password is found. Otherwise returns undefined.
Return type	Object \| undefined
Description	Finds a user matching a username and password. The password is checked using the hash function.