Authentication system [v2]

The authentication system is based on the HTTP authentication system. It uses the Authorization and WWW-Authenticate headers to provide authentication.

At the moment, only two authentication systems are available in the module :

Basic
Digest

Thanks to the server's option httpAuthentication, it is possible to define a custom authentication system. It musts inherit from the interface HTTPAuthentication :

interface HTTPAuthentication
{
    askForAuthentication() : {
        [headeName : string] : string
    }
    getUser(ctx : HTTPRequestContext, callback : (error : Error, user ?: IUser) => void) : void
}

The askForAuthentication() method is used by the server to know what headers the method needs to add to its response.

The getUser() method is used by the server to get the user of the current request. This method must provide the user authenticated or a default user if possible.

There are two authentication system implemented in the modules : HTTPBasicAuthentication and HTTPDigestAuthentication.

The class HTTPBasicAuthentication implements the Basic authentication system. The class HTTPDigestAuthentication implements the Digest authentication system and provides a more secure way to authenticate.

Home
Version 2
- Install
- Quick Start Guide
- Examples
- Concepts
- User concepts
  - Authentication system
  - User management and privileges
- Server concepts
- Customizing
Version 1 [Obsolete]
- Install
- Quick Start Guide
- Examples
- Features
- Resource concepts
- User concepts
  - Authentication system
  - User management and privileges
- Server concepts
- Customizing
  - Custom FSManager
Project
- Road map
- Troubleshooting

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Authentication system [v2]

Clone this wiki locally