This is hapi plugin which adds authorization support to the app. User info is stored in collection "users". You can use extrenal providers (via
bell) or local authetntification if need.
This plugin will create next routes:
POST /auth/external/<name> for each external provider (see
POST /auth/signIn for local user sign in,
POST /auth/signUp for registering new local user,
GET /auth/confirmEmail/<token> for email verifycation after registering user,
POST /auth/resetPasswordRequest for request to reset password,
POST /auth/resetPassword/<token> for reseting password,
POST /auth/changePassword for changing password by authorized user.
Each view can get access to
auth. Each view and email template can gen app module info (from app's package.json) as
appInfo and make absolute url from relative with
userRole are available after installation this module.
For authorized requests object
request.auth.credentials will contains user's data (like user id, name, email, etc). Use
request.auth.credentials.inRole(roleName) to check if user has required role.
By default after first app start role "Administrator" and user "admin" with password 111111 (count of '1' depends on options.minPasswordLength) are created (if they are missing only).
npm install co-hapi-auth co-hapi-models co-hapi-mongoose posto then-jade
co-hapi and plugins
co-hapi-mongoose, 'posto' are required to use this plugin.
Also you need install modules of template renders which you are going to use (then-jade, etc.)
Node 0.11+ should be used with --harmony switch.
providersis object which store external auth providers data (
bellwill use them). Each key of this object is provider name, value is options of such provider. Look at here for more details. Options
passwordcan be ommited.
sessionis object which store options for auth session cookie. It can contains key
passwordwhich used to encrypt session cookie (it also can be used by external providers),
cookiewhich stores session cookie name (default 'sid'),
redirectTowhich conains url to redirect on non-authed calls (default /auth/signIn)
minPasswordLengthis minimal password lengs (min. 6 symbols, default is 6 too),
rememberTTLis time in hours how long store session cookie if user select "Remember me" (default 1 month),
enableSignUpallows to enable/disable new users registering via web ui (default true),
confirmationTokenLifeTimeis time when generated confirmation token is valid (default 1 week),
resetPasswordTokenLifeTimeis same for reset password token (default 1 week),
useInternalViewsallows to use internal (inside this module) views for auth requests or not (default true). If its value is false you should implement own views files as changePassword, emailConfirmed, error, passwordChanged, resetPassword, resetPasswordRequest, signIn and signUp.
useInternalEmailTemplatesallows to use internal (inside this module) email templates for auth requests or not (default true). If its value is false you should implement own email templates as confirmEmail and resetPassword.