Page Contents
Home > @loopback/authentication
authentication package
A LoopBack 4 component for authentication support.
Remarks
The core logic for the authentication layer in LoopBack 4.
It contains:
- A decorator to express an authentication requirement on controller methods - A provider to access method-level authentication metadata - An action in the REST sequence to enforce authentication - An extension point to discover all authentication strategies and handle the delegation
Classes
| Class | Description |
|---|---|
| AuthenticateActionProvider | Provides the authentication action for a sequence |
| AuthenticationComponent | |
| AuthenticationMiddlewareProvider | |
| AuthenticationStrategyProvider | An authentication strategy provider responsible for resolving an authentication strategy by name.It declares an extension point to which all authentication strategy implementations must register themselves as extensions. |
| AuthMetadataProvider | Provides authentication metadata of a controller method |
Functions
| Function | Description |
|---|---|
| authenticate(strategies) | Mark a controller method as requiring authenticated user. |
| getAuthenticateMetadata(targetClass, methodName) | Fetch authentication metadata stored by @authenticate decorator. |
| getAuthenticationMetadataForStrategy(metadata, strategyName) | Get the authentication metadata object for the specified strategy. |
| registerAuthenticationStrategy(context, strategyClass) | Registers an authentication strategy as an extension of the AuthenticationBindings.AUTHENTICATION_STRATEGY_EXTENSION_POINT_NAME extension point. |
Interfaces
| Interface | Description |
|---|---|
| AuthenticateFn | interface definition of a function which accepts a request and returns an authenticated user |
| AuthenticationMetadata | Authentication metadata stored via Reflection API |
| AuthenticationOptions | Options for authentication component |
| AuthenticationStrategy | An interface that describes the common authentication strategy.An authentication strategy is a class with an ‘authenticate’ method that verifies a user’s credentials and returns the corresponding user profile. |
| TokenService | An interface for generating and verifying a token |
| UserIdentityService | The User Identity service links a user to profiles from an external source (eg: ldap, oauth2 provider, saml) which can identify the user. The profile typically has the following information: name, email-id, uuid, roles, authorizations, scope of accessible resources, expiration time for given access |
| UserProfileFactory | interface definition of a factory function which accepts a user definition and returns the user profile |
| UserService | A service for performing the login action in an authentication strategy.Usually a client user uses basic credentials to login, or is redirected to a third-party application that grants limited access.Note: The creation of user is handled in the user controller by calling user repository APIs. For Basic auth, the user has to register first using some endpoint like /register. For 3rd-party auth, the user will be created if login is successful and the user doesn’t exist in database yet.Type C stands for the type of your credential object.- For local strategy:A typical credential would be: { username: username, password: password }- For oauth strategy:A typical credential would be: { clientId: string; clientSecret: string; callbackURL: string; }It could be read from a local configuration file in the app- For saml strategy:A typical credential would be:{ path: string; issuer: string; entryPoint: string; }It could be read from a local configuration file in the app. |
Namespaces
| Namespace | Description |
|---|---|
| authenticate | |
| AuthenticationBindings | Binding keys used by this component. |
Variables
| Variable | Description |
|---|---|
| asAuthStrategy | A binding template for auth strategy contributor extensions |
| AUTHENTICATION_METADATA_CLASS_KEY | The key used to store class-level metadata for @authenticate |
| AUTHENTICATION_METADATA_KEY | Alias for AUTHENTICATION_METADATA_METHOD_KEY to keep it backward compatible |
| AUTHENTICATION_METADATA_METHOD_KEY | The key used to store method-level metadata for @authenticate |
| AUTHENTICATION_STRATEGY_NOT_FOUND | |
| USER_PROFILE_NOT_FOUND |