Skip to content

Instantly share code, notes, and snippets.

@jalcine jalcine/README.markdown
Last active Oct 16, 2015

Embed
What would you like to do?

This Gist is meant to show how testing authentication plugins with an expanded form of configuration versus the inline compact form results in an unexpected failure whilst testing. This case could occur if one wishes to enforce unique authentication options (like a required DB authentication versus a JWT session).

Expanded Form:

  server.route({
    method: 'POST',
    path: '/sample-auth',
    handler: function (request, reply) {
      return reply(200);
    },
    config: {
      auth: {
        strategies: ['hardcoded']
      }
    }
  });

Compressed:

  server.route({
    method: 'POST',
    path: '/sample-auth',
    handler: function (request, reply) {
      return reply(200);
    },
    config: {
      auth: 'hardcoded'
    }
  });
{
"name": "20151015_auth_plugin",
"version": "0.0.1",
"description": "A sample project to explain authentication failures.",
"main": "index.js",
"scripts": {
"test": "lab test.js"
},
"author": "Jacky Alciné <yo@jacky.wtf> (https://jacky.wtf/)",
"license": "MIT",
"devDependencies": {
"code": "1.5.0",
"lab": "6.2.0"
}
}
var Lab = require('lab');
var Code = require('code');
var lab = exports.lab = Lab.script();
var Hapi = require('hapi');
lab.test('empty payload with auth plugin', function (done) {
var server = new Hapi.Server();
server.connection({port: 3});
var hardcodedScheme = function (server, options) {
return {
authenticate: function (request, reply) {
Code.expect(request.payload).to.not.equal(null);
return reply.continue();
},
payload: function (request, reply) {
return reply.continue();
},
response: function (request, reply) {
return reply.continue();
}
}
};
server.auth.scheme('hardcoded', hardcodedScheme);
server.auth.strategy('hardcoded', 'hardcoded', false);
server.route({
method: 'POST',
path: '/sample-auth',
handler: function (request, reply) {
return reply(200);
},
config: {
auth: {
strategies: ['hardcoded']
}
}
});
server.initialize(function (err) {
Code.expect(err).to.equal(undefined);
server.inject({
url: '/sample-auth',
method: 'POST',
payload: {
email: 'magic@hapi.com',
password: 'hapiMakesMeHappy'
}
}, function (res) {
Code.expect(res.statusCode).to.equal(200);
done();
});
});
});
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.