Page Contents

Home > @loopback/authentication > UserService

UserService interface

A service for performing the login action in an authentication strategy.

Usually a client user uses basic credentials to login, or is redirected to a third-party application that grants limited access.

Note: The creation of user is handled in the user controller by calling user repository APIs. For Basic auth, the user has to register first using some endpoint like /register. For 3rd-party auth, the user will be created if login is successful and the user doesn’t exist in database yet.

Type C stands for the type of your credential object.

  • For local strategy:

A typical credential would be: { username: username, password: password }

  • For oauth strategy:

A typical credential would be: { clientId: string; clientSecret: string; callbackURL: string; }

It could be read from a local configuration file in the app

  • For saml strategy:

A typical credential would be:

{ path: string; issuer: string; entryPoint: string; }

It could be read from a local configuration file in the app.

Signature:

export interface UserService<U, C> 

Methods

Method Description
convertToUserProfile(user) Convert the user returned by verifyCredentials() to a common user profile that describes a user in your application
verifyCredentials(credentials) Verify the identity of a user, construct a corresponding user profile using the user information and return the user profile.