hapijs - request.auth.isAuthenticated is false for 'try' or 'optional' auth modes -
referring lib/auth.js if handler uses try or optional strategy isauthenticated false, though user logged in , has active session.
this bummer because have onpreresponse handler adds user credentials view context, used template show login or logout link.
the onpreresponse code hapi-context-credentials
the template looks (snippet):
<ul class="nav navbar-nav"> <li>{{#if credentials.username}} <a href="/logout">logout</a> {{else}} <a href="/login">login</a> {{/if}} </li> </ul>
edit: adding example source code
this example code hapi-context-credentials modified remove auth config 1 of routes. test:
- navigate http://localhost:4000/hbs , login (john:secret)
- you greeted hello john!
- then navigate http://localhost:4000/jade, greeted hello guest! though have logged in
index.js
var hapi = require('hapi'); var path = require('path'); var server = new hapi.server(); server.connection({ port: 4000 }); server.views({ engines: { hbs: require('handlebars'), jade: require('jade') }, path: __dirname, iscached: false }); server.register([ { register: require('hapi-context-credentials'),// hapi-context-credentials }, { register: require('hapi-auth-basic') } ], function (err) { if (err) { throw err; } var validatefunc = function (username, password, callback) { // authenticate , store username // in credentials if (username === 'john' && password === 'secret') { return callback(null, true, {username: 'john'}); } return callback(null, false, {}); }; server.auth.strategy('simple', 'basic', { validatefunc: validatefunc }); server.route([{ config: { auth: { strategy: 'simple', mode: 'required' } }, method: 'get', path: '/hbs', handler: function(request, reply) { reply.view('example.hbs'); // handlebars example } }, { method: 'get', path: '/jade', handler: function(request, reply) { reply.view('example.jade'); // jade example } } ]); server.start(function() { console.log('started server: ' + server.info.uri); }); });
example.hbs
<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>hello!</title> </head> <body> {{#if credentials}} <h1>hello {{credentials.username}}!</h1> {{else}} <h1>hello guest!</h1> {{/if}} </body> </html>
example.jade
doctype html html(lang="en") head title= example body if credentials h1 hello #{credentials.username}! else h1 hello guest!
note: need these npm modules:
- hapi
- handlebars
- jade
- hapi-auth-basic
- hapi-context-credentials
in example code posted, /jade
route doesn't have authentication set on it, therefore hapi doesn't have access credentials corresponding view. http stateless protocol these aren't "remembered" server between requests, need identify every request.
if want able log in once , have credentials available across multiple requests either need 1 of following:
- continue use basic auth set
auth
config property on every route. don't need login every page because browser remember credentials , sendauthorization
header. - use hapi-auth-cookie store credentials in session. still need set
auth
property on every route want access credentials. - use yar store credentials in session , retrieve them using
request.session.get()
one thing have brought attention need update hapi-context-credentials hapi 9.x.x , hapi-auth-basic 3.x.x, that.
Comments
Post a Comment