passport-http-header-strategy
HTTP define header authentication strategy for Passport
Install
$ npm install passport-http-header-strategy
Usage
header
set header(defaultauthorization
)param
set usereq.body
orreq.query
token
name to request(defaultaccess_token
)passReqToCallback
if eturn
Configure Strategy
passport.use(new headerStrategy({header: 'X-APP-TOKEN', param: 'app_token', passReqToCallback: true},
function(req, token, done) {
User.findOne({ token: token }, function (err, user) {
if (err) { return done(err); }
if (!user) { return done(null, false); }
return done(null, user, { scope: 'all' });
});
}
));
Authenticate Requests
Use passport.authenticate()
, specifying the 'bearer'
strategy, to
authenticate requests. Requests containing bearer tokens do not require session
support, so the session
option can be set to false
.
For example, as route middleware in an Express application:
app.get('/profile',
passport.authenticate('header', { session: false }),
function(req, res) {
res.json(req.user);
});
Examples
examples - example
Tests
$ npm install
$ mocha
Reference
ReferJared Hanson passport-http-bearer module