hapi-auth-anonymous

npm install hapi-auth-anonymous

![Build Status](https://travis-ci.org/codedoctor/hapi-auth-anonymous)
![Coverage Status](https://coveralls.io/r/codedoctor/hapi-auth-anonymous)
![NPM Version](https://www.npmjs.org/package/hapi-auth-anonymous)
![Dependency Status](https://gemnasium.com/codedoctor/hapi-auth-anonymous)
![NPM Downloads](https://www.npmjs.org/package/hapi-auth-anonymous)
![Issues](https://github.com/codedoctor/hapi-auth-anonymous/issues)
![HAPI 8.0](http://hapijs.com)
![API Documentation](http://coffeedoc.info/github/codedoctor/hapi-auth-anonymous)

HAPI plugin that supports anonymous logins from mobile devices.

1. PLEASE NOTE THAT SIGNIFICANT PARTS OF THE CODE HAVE BEEN USED FROM ANOTHER NPM MODULE (hapi-auth-bearer by Jordan Stout)

2. ALSO, THIS IS WORK IN PROGRESS

3. THIS IS OBVIOUSLY NOT SECURE AS IN BANK LEVEL SECURITY - IT'S FOR CASUAL APPS ONLY

How does this work?

The scenario is like this: A user opens an app on a mobile device, and is identified by some persistent UUID. Each request to the backend includes an Authorization: anonymous [UUID] header. The UUID can be any format as long as it is a string. This module now ensures that, either a new user is created in the backend or an existing user with that id is retrieved. Voila, we support anonymous users.

Dependencies

This module requires the following HAPI modules to be loaded:

* hapi-oauth-store-multi-tenant
* hapi-user-store-multi-tenant

and a mongoose connector plugin (does not have to be this one)

* hapi-mongoose-db-connector

How to use it?

``coffeescript

Hapi = require "hapi"

hapiAuthAnonymous = require 'hapi-auth-anonymous' hapiOauthStoreMultiTenant = require 'hapi-oauth-store-multi-tenant' hapiUserStoreMultiTenant = require 'hapi-user-store-multi-tenant' hapiMongooseDbConnector = require 'hapi-mongoose-db-connector' server = new Hapi.Server config.server.port, config.server.host, {}

pluginConf = [ plugin: hapiUserStoreMultiTenant options: autoIndex: false , plugin: hapiOauthStoreMultiTenant options: autoIndex: false , plugin: hapiAuthAnonymous options: clientId: '53af466e96ab7635384b71fa' _tenantId: '53af466e96ab7635384b71fb' scope: ['user-anonymous-access'] # This is optional and represents the default , plugin: hapiMongooseDbConnector options: mongodbUrl: config.services.mongodbUrl ]

server.pack.register pluginConf, (err) -> throw err if err

server.auth.strategy 'default', 'hapi-auth-anonymous', {} server.auth.default 'default'

server.start -> # Do something

module.exports = server

Plugin Options

$3

The client id used to identity the oauth app. In a usual setup you create one app when initializing your database for the first time and use that client id. Take a look at
the hapi-routes-tenants-setup
plugin that exposes a setup route.

$3

An id that specifies which tenant in the identity store backend should be used. In most scenarios this will be a hardcoded (well, taken from the config) value. It must be a mongodb compatible object id (see example above).

$3

The scope that will be assigned to the credentials upon login. This defaults to ['user-anonymous-access'] and can be either a string or an array. To assign no scope, pass an empty array.

The scope allows you to limit access or functionality in your routes. For example, a route that returns data can only return a subset for users in scope anonymous-access

Contributing

* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
* Fork the project
* Start a feature/bugfix branch
* Commit and push until you are happy with your contribution
* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
* Please try not to mess with the package.json, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.

Copyright

npm install hapi-auth-anonymous

HAPI plugin that supports anonymous logins from mobile devices.

1. PLEASE NOTE THAT SIGNIFICANT PARTS OF THE CODE HAVE BEEN USED FROM ANOTHER NPM MODULE (hapi-auth-bearer by Jordan Stout)

2. ALSO, THIS IS WORK IN PROGRESS

3. THIS IS OBVIOUSLY NOT SECURE AS IN BANK LEVEL SECURITY - IT'S FOR CASUAL APPS ONLY

How does this work?

Dependencies

This module requires the following HAPI modules to be loaded:

* hapi-oauth-store-multi-tenant
* hapi-user-store-multi-tenant

and a mongoose connector plugin (does not have to be this one)

* hapi-mongoose-db-connector

How to use it?

``coffeescript

Hapi = require "hapi"

server.pack.register pluginConf, (err) -> throw err if err

server.auth.strategy 'default', 'hapi-auth-anonymous', {} server.auth.default 'default'

server.start -> # Do something

module.exports = server

Plugin Options

$3

The scope that will be assigned to the credentials upon login. This defaults to ['user-anonymous-access'] and can be either a string or an array. To assign no scope, pass an empty array.

The scope allows you to limit access or functionality in your routes. For example, a route that returns data can only return a subset for users in scope anonymous-access

How does this work?

Dependencies

How to use it?

Plugin Options

$3

$3

$3

See also

Contributing

Copyright

hapi-auth-anonymous

How does this work?

Dependencies

How to use it?

Plugin Options

$3

$3

$3

See also

Contributing

Copyright