Page Contents

Home > @loopback/authentication

authentication package

@loopback/authentication

Classes

Class Description
AuthenticateActionProvider Provides the authentication action for a sequence
AuthenticationComponent  
AuthenticationStrategyProvider An authentication strategy provider responsible for resolving an authentication strategy by name.It declares an extension point to which all authentication strategy implementations must register themselves as extensions.
AuthMetadataProvider Provides authentication metadata of a controller method

Functions

Function Description
authenticate(strategyNameOrMetadata, options) Mark a controller method as requiring authenticated user.
getAuthenticateMetadata(targetClass, methodName) Fetch authentication metadata stored by @authenticate decorator.
registerAuthenticationStrategy(context, strategyClass) Registers an authentication strategy as an extension of the AuthenticationBindings.AUTHENTICATION_STRATEGY_EXTENSION_POINT_NAME extension point.

Interfaces

Interface Description
AuthenticateFn interface definition of a function which accepts a request and returns an authenticated user
AuthenticationMetadata Authentication metadata stored via Reflection API
AuthenticationOptions Options for authentication component
AuthenticationStrategy An interface that describes the common authentication strategy.An authentication strategy is a class with an ‘authenticate’ method that verifies a user’s credentials and returns the corresponding user profile.
TokenService An interface for generating and verifying a token
UserService A service for performing the login action in an authentication strategy.Usually a client user uses basic credentials to login, or is redirected to a third-party application that grants limited access.Note: The creation of user is handled in the user controller by calling user repository APIs. For Basic auth, the user has to register first using some endpoint like /register. For 3rd-party auth, the user will be created if login is successful and the user doesn’t exist in database yet.Type C stands for the type of your credential object.- For local strategy:A typical credential would be: { username: username, password: password }- For oauth strategy:A typical credential would be: { clientId: string; clientSecret: string; callbackURL: string; }It could be read from a local configuration file in the app- For saml strategy:A typical credential would be:{ path: string; issuer: string; entryPoint: string; }It could be read from a local configuration file in the app.

Namespaces

Namespace Description
authenticate  
AuthenticationBindings Binding keys used by this component.

Variables

Variable Description
AUTHENTICATION_METADATA_CLASS_KEY The key used to store class-level metadata for @authenticate
AUTHENTICATION_METADATA_KEY Alias for AUTHENTICATION_METADATA_METHOD_KEY to keep it backward compatible
AUTHENTICATION_METADATA_METHOD_KEY The key used to store method-level metadata for @authenticate
AUTHENTICATION_STRATEGY_NOT_FOUND  
USER_PROFILE_NOT_FOUND