@travetto/auth-rest-context

Rest Auth Context

Rest authentication context integration support for the Travetto framework

Install: @travetto/auth-rest-context

npm install @travetto/auth-rest-context

# or

yarn add @travetto/auth-rest-context

This module exposes a service AuthContextService that is @Injectable, and will provide access to the user's authentication context without access to the request object. This is extremely useful for auditing, logging, and other enforcement patterns.

This module intercepts the auth field on the http request object, and persists it using the Async Context module, meaning this information is now able to be retrieved outside of the normal execution flow, while the http request is still processing.

Code: AuthContextService

import { Principal } from '@travetto/auth';
import { AsyncContext } from '@travetto/context';
import { Inject, Injectable } from '@travetto/di';

const PrincipalⲐ = Symbol.for('@travetto/auth:principal');

/**
 * Provides global context to accessing principal
 */
@Injectable()
export class AuthContextService {

  @Inject()
  context: AsyncContext;

  /**
   * Set principal
   * @param p The auth principal
   */
  set = (p: Principal | undefined): void => this.context.set(PrincipalⲐ, p);

  /**
   * Get the principal from the context
   * @returns principal if authenticated
   * @returns undefined if not authenticated
   */
  get = <T = { [key: string]: unknown }>(): (Principal<T> | undefined) => this.context.get<Principal<T>>(PrincipalⲐ);
}