passport-http-header-strategy

Build Status

HTTP define header authentication strategy for Passport

Install

$ npm install passport-http-header-strategy

Usage

  • header 设置请求头(默认authorization)
  • param 设置以req.bodyreq.query参数形式请求的token名称(默认access_token)
  • passReqToCallback 是否返回

Configure Strategy

passport.use(new headerStrategy({header: 'X-APP-TOKEN', param: 'app_token', passReqToCallback: true},
  function(req, token, done) {
    User.findOne({ token: token }, function (err, user) {
      if (err) { return done(err); }
      if (!user) { return done(null, false); }
      return done(null, user, { scope: 'all' });
    });
  }
));

Authenticate Requests

Use passport.authenticate(), specifying the 'bearer' strategy, to authenticate requests. Requests containing bearer tokens do not require session support, so the session option can be set to false.

For example, as route middleware in an Express application:

app.get('/profile', 
  passport.authenticate('header', { session: false }),
  function(req, res) {
    res.json(req.user);
  });

Examples

examples - 示例

Tests

$ npm install
$ mocha

参考

参考Jared Hansonpassport-http-bearer模块

License

The MIT License

Supported by

SEARCH FOR STRATEGIES

0STRATEGIES