
Product
A Fresh Look for the Socket Dashboard
We’ve redesigned the Socket dashboard with simpler navigation, less visual clutter, and a cleaner UI that highlights what really matters.
adonis-auth
Advanced tools
AdonisJs Auth is a fully featured authentication system for AdonisJs framework.
It supports by default multiple authentication schemes to authenticate HTTP requests.
In order to verify users credentials, it makes use of Serializers and below serializers are shipped with this library.
You are free to add your own schemes and serializers and documentation for same is written on the official website.
Configuration settings are slightly different for each scheme. When you define settings, we call them authenticators.
In short, an authenticator is a combination of scheme
, serializer
and common settings around them.
// config/auth.js
{
authenticator: 'session',
session: {
// ...
}
}
session: {
serializer: 'Lucid',
scheme: 'session',
model: 'App/Model/User',
uid: 'email',
password: 'password'
}
basicAuth: {
serializer: 'Lucid',
scheme: 'basic',
model: 'App/Model/User',
uid: 'email',
password: 'password'
}
jwt: {
serializer: 'Lucid',
scheme: 'jwt',
model: 'App/Model/User',
secret: Config.get('app.appKey')
}
Personal api tokens are like passwords for a given account. Majority of API's needs API based authentication because:
{
serializer: 'Lucid',
scheme: 'api',
model: 'App/Model/Token',
expiry: '30d'
}
Also you need to create the relationship between the user and the token, so that the Lucid serializer can make use of it.
// app/Model/User.js
class User extends Lucid {
apiTokens () {
return this.hasMany('App/Model/Token')
}
}
// app/Model/Token.js
class Token extends Lucid {
user () {
return this.belongsTo('App/Model/User')
}
}
In order to make use of the Auth provider, you need to register it inside your bootstrap/app.js
file.
const providers = [
...,
'adonis-auth/providers/AuthManagerProvider'
]
Next you need to register the AuthInit
middleware. This middleware will create a new instance of Auth Manager and will assign it to the request object.
// app/Http/kernel.js
const globalMiddleware = [
...,
'Adonis/Middleware/AuthInit'
]
and you are good to go. From here you can make use of request.auth
to authenticate/login your users.
// find if a user is logged in
yield request.auth.check()
// attempt to login a user
yield request.auth.attempt('email', 'password')
// login using user object
yield request.auth.login(user)
yield request.auth.loginViaId(1)
yield request.auth.logout()
Auth provider also ships with an extra middleware, which can be assigned to your routes to authenticate them.
// app/Http/kernel.js
const namedMiddleware = {
auth: 'Adonis/Middleware/Auth'
}
and then inside your routes file you can do.
Route
.get('account', 'AccountsController.index')
.middleware('auth')
Route
.get('account', 'AccountsController.index')
.middleware('auth:basic')
In favor of active development we accept contributions for everyone. You can contribute by submitting a bug, creating pull requests or even improving documentation.
You can find a complete guide to be followed strictly before submitting your pull requests in the Official Documentation.
FAQs
Offical authentication provider for Adonis framework
The npm package adonis-auth receives a total of 53 weekly downloads. As such, adonis-auth popularity was classified as not popular.
We found that adonis-auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
We’ve redesigned the Socket dashboard with simpler navigation, less visual clutter, and a cleaner UI that highlights what really matters.
Industry Insights
Terry O’Daniel, Head of Security at Amplitude, shares insights on building high-impact security teams, aligning with engineering, and why AI gives defenders a fighting chance.
Security News
MCP spec updated with structured tool output, stronger OAuth 2.1 security, resource indicators, and protocol cleanups for safer, more reliable AI workflows.