hapijs - request.auth.isAuthenticated is false for 'try' or 'optional' auth modes -


referring lib/auth.js if handler uses try or optional strategy isauthenticated false, though user logged in , has active session.

this bummer because have onpreresponse handler adds user credentials view context, used template show login or logout link.

the onpreresponse code hapi-context-credentials

the template looks (snippet):

        <ul class="nav navbar-nav">             <li>{{#if credentials.username}}                      <a href="/logout">logout</a>                  {{else}}                      <a href="/login">login</a>                  {{/if}}             </li>         </ul> 

edit: adding example source code

this example code hapi-context-credentials modified remove auth config 1 of routes. test:

  1. navigate http://localhost:4000/hbs , login (john:secret)
  2. you greeted hello john!
  3. then navigate http://localhost:4000/jade, greeted hello guest! though have logged in

index.js

    var hapi = require('hapi');     var path = require('path');      var server = new hapi.server();     server.connection({ port: 4000 });      server.views({         engines: {             hbs: require('handlebars'),             jade: require('jade')         },         path: __dirname,         iscached: false     });      server.register([         {             register: require('hapi-context-credentials'),// hapi-context-credentials         }, {             register: require('hapi-auth-basic')         }     ], function (err) {          if (err) {             throw err;         }          var validatefunc = function (username, password, callback) {              // authenticate , store username             // in credentials              if (username === 'john' && password === 'secret') {                 return callback(null, true, {username: 'john'});                 }              return callback(null, false, {});         };          server.auth.strategy('simple', 'basic', {             validatefunc: validatefunc         });          server.route([{                 config: {                     auth: {                         strategy: 'simple',                         mode: 'required'                     }                 },                 method: 'get',                 path: '/hbs',                 handler: function(request, reply) {                      reply.view('example.hbs');          // handlebars example                 }             }, {                  method: 'get',                 path: '/jade',                 handler: function(request, reply) {                      reply.view('example.jade');         // jade example                 }             }         ]);          server.start(function() {             console.log('started server: ' + server.info.uri);         });     }); 

example.hbs

    <!doctype html>     <html lang="en">     <head>         <meta charset="utf-8">         <title>hello!</title>     </head>     <body>         {{#if credentials}}         <h1>hello {{credentials.username}}!</h1>         {{else}}         <h1>hello guest!</h1>         {{/if}}     </body>     </html> 

example.jade

        doctype html     html(lang="en")       head         title= example       body         if credentials           h1 hello #{credentials.username}!         else           h1 hello guest! 

note: need these npm modules:

  • hapi
  • handlebars
  • jade
  • hapi-auth-basic
  • hapi-context-credentials

in example code posted, /jade route doesn't have authentication set on it, therefore hapi doesn't have access credentials corresponding view. http stateless protocol these aren't "remembered" server between requests, need identify every request.

if want able log in once , have credentials available across multiple requests either need 1 of following:

  1. continue use basic auth set auth config property on every route. don't need login every page because browser remember credentials , send authorization header.
  2. use hapi-auth-cookie store credentials in session. still need set auth property on every route want access credentials.
  3. use yar store credentials in session , retrieve them using request.session.get()

one thing have brought attention need update hapi-context-credentials hapi 9.x.x , hapi-auth-basic 3.x.x, that.


Comments

Popular posts from this blog

java - UnknownEntityTypeException: Unable to locate persister (Hibernate 5.0) -

python - ValueError: empty vocabulary; perhaps the documents only contain stop words -

ubuntu - collect2: fatal error: ld terminated with signal 9 [Killed] -