Posts Tagged: hapijs

Using Opentoken in Hapi.js

hapi-auth-opentoken

npm version

Opentoken authentication scheme designed to work with PINGFederate Opentoken endpoints.

Usage

const opentoken = {
    register: require('hapi-auth-opentoken'),
    options: {
        password: 'testPassword',
        cipherSuite: 0,
        tokenName: 'opentoken'
    }
};

server.register([opentoken], (err) => {

    server.auth.strategy('default', 'opentoken', { validateFunc: validate });
    server.route({ method: 'GET', path: '/', config: { auth: 'default' } });

});

function validate(request, token, callback) {
    // token contains the decrypted saml response

    callback(err, { id: '12345', name: 'Jos Sykes' });
}

Options

Opentoken takes the following options

  • password – the token decryption shared key (default: null)
  • cipherSuite – the opentoken cipher algorithm used by the server. One of the following [0,1,2,3] (default: 0)
  • tokenName – (required) the name of the parameter in the POST request body to parse the token from
  • tokenTolerance – The amount of time (in seconds) to allow for clock skew between servers in seconds (default: 120)
  • tokenLifetime – The duration (in seconds) for which the token is valid. (default: 300)
  • tokenRenewal – The amount of time (in seconds) the token will renew itself for. (default: 12hrs)

Validation

The validation function has a signature of validate(request, token, callback) where

  • request – the hapi.js request object
  • token – the decrypted opentoken saml information
  • callback – a callback function taking the following parameters
    • err – An optional error message which gets logged to stdout, null if no error
    • user – the user information to attach to request.auth.credentials in downstream methods

Working with Themes in Hapi.js

npm version

This plugin will add a view handler to Hapi.js routes to serve themeable content. This allows you serve different stylesheets by theme name, serve different layout files, or whatever you need.

Content can be themed by url (default), http header, or a custom function.

Usage

By default, the handler will read the “theme” key from the url by taking the first url segment after the domain. For example, if your app has the following url:

http://www.foobar.com/batman/account

The theme key would be batman and the theme file that will be loaded is batman.json.

NOTE: The theme key will be stripped out of the url when it is passed to the Hapi.js router. This allows for flexibility when creating routes, since you will not have to account for the theme name in your url matching.

Example Theme File

Theme files can contain any information you want, but must at least maintain key and isDefault properties.

{
    "key": "batman",
    "isDefault": true,
    "brandName": "Batman Crimefighting",
    "logo": "logo-batman-134x23.png",
    "logoAltText": "Batman (TM)"
}

When loaded by the theme key, this theme file is injected as a js object into the view and can be used by the templating engine.

<link rel="icon" type="image/png" href="images/{{theme.favicon}}" />
<title>{{theme.brandName}}</title>
<link rel="stylesheet" type="text/css" href="css/themes/{{theme.key}}/styles.css" />

Configuration

Each theme is stored in a theme file, loaded with glob pathing, and configured like any other plugin.

var themes = {
    register: require('hapi-themes'),
    options: {
        configFilePath: '**/*.theme.json'
    }
};

server.register([themes], function(err){
    // ...
    server.start(function(err){
        // ...    
    });
});

Specify the view handler for a route.

server.route({
    method: 'GET',
    path: '/',
    handler: {
        theme: {
            template: 'index',
            layout: 'default',
            relativeTo: Path.join(__dirname, 'server/views')
        }
    }
});

Using an http header as the theme key

If you want to use an http header as the theme key, you can set the following options.

var themes = {
    register: require('hapi-themes'),
    options: {
        configFilePath: '**/*.theme.json',
        defaultThemeKey: 'HEADER_THEME_KEY',
        keyStrategy: 'header'
    }
};

Using a custom function for theme resolution

You can also specify a custom function that should return a string equivalent to the name of the theme file to load. The keyStrategy takes the Hapi.js request object as its parameter and must return a string.

var themes = {
    register: require('hapi-themes'),
    options: {
        configFilePath: '**/*.theme.json',
        keyStrategy: function(request){
            return 'batman';
        }
    }
};