Page Contents

Home > @loopback/authentication

authentication package



Class Description
AuthenticateActionProvider Provides the authentication action for a sequence
AuthenticationStrategyProvider An authentication strategy provider responsible for resolving an authentication strategy by name.It declares an extension point to which all authentication strategy implementations must register themselves as extensions.
AuthMetadataProvider Provides authentication metadata of a controller method


Function Description
authenticate(strategyNameOrMetadata, options) Mark a controller method as requiring authenticated user.
getAuthenticateMetadata(targetClass, methodName) Fetch authentication metadata stored by @authenticate decorator.
registerAuthenticationStrategy(context, strategyClass) Registers an authentication strategy as an extension of the AuthenticationBindings.AUTHENTICATION_STRATEGY_EXTENSION_POINT_NAME extension point.


Interface Description
AuthenticateFn interface definition of a function which accepts a request and returns an authenticated user
AuthenticationMetadata Authentication metadata stored via Reflection API
AuthenticationOptions Options for authentication component
AuthenticationStrategy An interface that describes the common authentication strategy.An authentication strategy is a class with an ‘authenticate’ method that verifies a user’s credentials and returns the corresponding user profile.
TokenService An interface for generating and verifying a token
UserProfileFactory interface definition of a factory function which accepts a user definition and returns the user profile
UserService A service for performing the login action in an authentication strategy.Usually a client user uses basic credentials to login, or is redirected to a third-party application that grants limited access.Note: The creation of user is handled in the user controller by calling user repository APIs. For Basic auth, the user has to register first using some endpoint like /register. For 3rd-party auth, the user will be created if login is successful and the user doesn’t exist in database yet.Type C stands for the type of your credential object.- For local strategy:A typical credential would be: { username: username, password: password }- For oauth strategy:A typical credential would be: { clientId: string; clientSecret: string; callbackURL: string; }It could be read from a local configuration file in the app- For saml strategy:A typical credential would be:{ path: string; issuer: string; entryPoint: string; }It could be read from a local configuration file in the app.


Namespace Description
AuthenticationBindings Binding keys used by this component.


Variable Description
AUTHENTICATION_METADATA_CLASS_KEY The key used to store class-level metadata for @authenticate
AUTHENTICATION_METADATA_METHOD_KEY The key used to store method-level metadata for @authenticate