Strategies

An authentication strategy is any object or class that implements at least an authenticate(data, params) method. They can be registered with the AuthenticationService to authenticate service calls and other requests. The following strategies already come with Feathers:

More details on how to customize existing strategies can be found in their API documentation. This section describes the APIcommon methods for all authentication strategies and how a custom authentication strategy can implemented.

setName(name)

Will be called with the name under which the strategy has been registered on the authentication service. Does not have to be implemented.

setApplication(app)

Will be called with the Feathers application instance. Does not have to be implemented.

setAuthentication(service)

Will be called with the Authentication service this strategy has been registered on. Does not have to be implemented.

verifyConfiguration()

Synchronously verify the configuration for this strategy and throw an error if e.g. required fields are not set. Does not have to be implemented.

authenticate(authentication, params)

Authenticate authentication data with additional params. A strategy may check for data.strategy being set to its name and throw an error if it does not match. authenticate will be called for all strategies. authenticate should throw a NotAuthenticated if it failed or return an authentication result object.

parse(req, res)

Parse a given plain Node HTTP request and response and return null or the authentication information it provides. Does not have to be implemented.

AuthenticationBaseStrategy

The AuthenticationBaseStrategy class provides a base class that already implements some of the strategy methods below with some common functionality:

  • setName sets this.name
  • setApplication sets this.app
  • setAuthentication sets this.authentication
  • configuration getter returns this.authentication.configuration[this.name]
  • entityService getter returns the entity (usually /users) service from this.app

Examples

Examples for authentication strategies can be found in the Cookbook: