hapi-authorized-scope
Advanced tools
The Future Studio University supports development of this hapi plugin 🚀
Join the Future Studio University and Skyrocket in Node.js
The hapi-authorized-scope plugin determines and stores the scope that authorized an authenticated request. You'll find the scope authorizing the request in request.auth.authorizedScope.
In hapi, you’ll find all auth-related details in request.auth, that’s the reason this plugin adds the authorizedScope property there:
{
isAuthenticated: true,
isAuthorized: true,
credentials: { username: 'marcus', scope: ['admin', 'user'] },
artifacts: null,
strategy: 'test',
mode: 'required',
error: null,
isInjected: true,
authorizedScope: 'user' // <-- added: the authorized scope that let the user access a route
}
Add hapi-authorized-scope as a dependency to your project:
npm i hapi-authorized-scope
The usage is pretty straightforward: register the plugin to your hapi server and that’s it:
await server.register({
plugin: require('hapi-authorized-scope')
})
// went smooth like chocolate :)
hapi-authorized-scope extends the request lifecycle onPostAuth and finds the first scope in the authenticated credentials that authorizes the request to access the route.
In your route handlers or request lifecycle extension points, you may access the authorized scope like this:
{
method: 'GET',
path: '/profile',
options: {
handler: async (request, h) {
const authorizedScope = request.auth.authorizedScope
Logger.debug(`Scope authorizing the user to access this route: ${authorizedScope}`)
return h.view('profile')
}
}
}
Enjoy!
git checkout -b my-featuregit commit -am 'Add some feature'git push origin my-new-featureMIT © Future Studio
futurestud.io · GitHub @futurestudio · Twitter @futurestud_io
FAQs
hapi plugin to require multiple authentication strategies
The npm package hapi-authorized-scope receives a total of 0 weekly downloads. As such, hapi-authorized-scope popularity was classified as not popular.
We found that hapi-authorized-scope demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious PyPI package ‘set-utils’ steals Ethereum private keys by exfiltrating them through blockchain transactions via the Polygon RPC.
Research
Security News
Malicious Go packages are impersonating popular libraries to install hidden loader malware on Linux and macOS, targeting developers with obfuscated payloads.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.