@hapi/hapi - npm Package Compare versions

Comparing version 20.1.5 to 20.2.0

lib/auth.js

@@ -8,2 +8,3 @@ 'use strict';
 const Config = require('./config');
+const Request = require('./request');
 
@@ -22,3 +23,3 @@
 
-    api = {};
+    api = {};                   // Do not reassign api or settings, as they are referenced in public()
     settings = {
@@ -33,2 +34,16 @@ default: null           // Strategy used as default if route has no auth settings
 
+    public(server) {
+
+        return {
+            api: this.api,
+            settings: this.settings,
+            scheme: this.scheme.bind(this),
+            strategy: this._strategy.bind(this, server),
+            default: this.default.bind(this),
+            test: this.test.bind(this),
+            verify: this.verify.bind(this),
+            lookup: this.lookup.bind(this)
+        };
+    }
+
     scheme(name, scheme) {
@@ -367,3 +382,3 @@
 
-        if (!request.auth.isAuthenticated) {
+        if (!request.auth.isAuthenticated || !request.auth[Request.symbols.authPayload]) {
             return;
@@ -370,0 +385,0 @@ }

lib/request.js

@@ -69,2 +69,3 @@ 'use strict';
             isInjected: options.auth ? true : false,
+            [internals.Request.symbols.authPayload]: options.auth && options.auth.payload !== undefined ? options.auth.payload : true,
             credentials: options.auth ? options.auth.credentials : null,                                    // Special keys: 'app', 'user', 'scope'
@@ -623,2 +624,5 @@ artifacts: options.auth && options.auth.artifacts || null,                                      // Scheme-specific artifacts
 
+internals.Request.symbols = {
+    authPayload: Symbol('auth.payload')
+};
 
@@ -625,0 +629,0 @@ internals.Info = class {

lib/server.js

@@ -37,4 +37,3 @@ 'use strict';
         this.app = core.app;
-        this.auth = this._core.auth;
-        this.auth.strategy = this.auth._strategy.bind(this.auth, this);
+        this.auth = core.auth.public(this);
         this.decorations = core.decorations.public;
@@ -41,0 +40,0 @@ this.cache = internals.cache(this);

package.json

@@ -5,3 +5,3 @@ {
   "homepage": "https://hapi.dev",
-  "version": "20.1.5",
+  "version": "20.2.0",
   "repository": "git://github.com/hapijs/hapi",
@@ -21,2 +21,7 @@ "main": "lib/index.js",
   ],
+  "eslintConfig": {
+    "extends": [
+      "plugin:@hapi/module"
+    ]
+  },
   "dependencies": {
@@ -44,2 +49,3 @@ "@hapi/accept": "^5.0.1",
     "@hapi/code": "^8.0.0",
+    "@hapi/eslint-plugin": "*",
     "@hapi/inert": "^6.0.2",
@@ -46,0 +52,0 @@ "@hapi/joi-legacy-test": "npm:@hapi/joi@^15.0.0",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

183765

increased by0.45%

Lines of code

4615

increased by0.35%

Worsened metrics

Dev dependency count

10

increased by11.11%

Number of medium supply chain risk alerts

4

increased by33.33%

No dependency changes