@draftbit/hapi-airtable-authentication-plugin
v1.1.0
Published
Plugin to add JWT-based authentication to a Hapi server using Airtable as a data store
Downloads
7
Keywords
Readme
Hapi Airtable Authentication Plugin
A plugin that adds JWT-based authentication to a Hapi server, utilizing Airtable as a data store. It will trigger a callback function with a verification callback url that can be used to send an email with a "magic link" style confirmation button.
Usage
Register the plugin with your Hapi server by doing the following:
await server.register({
plugin: require("@draftbit/hapi-airtable-authentication-plugin"),
options: {
airtableBase: AIRTABLE_BASE,
airtableApiToken: AIRTABLE_API_TOKEN,
jwtSecret: JWT_SECRET,
apiUrl: API_URL,
verifyCallback: ({ email, verificationUrl, loginCode }) => {}
}
});
In Airtable, you must have a table called Users
, with the following columns:
email
, of type Emaillogin_code
, of type Single line textemail_confirmed
, of type Checkbox
The following three routes will be added to your server:
/verify
- Generates a JWT token and triggers the first step in the authentication process, callingverifyCallback
. The following query parameters are required:- email - The email address of the authenticating user
- linkingUri - The linking URI the user will be redirected to after sign in confirmation.
/confirm
- The route hit when the user navigates to theverificationUrl
passed inverifyCallback
. The user will be redirected to thelinkingUri
passed in the previous step, along withuserId
andtoken
query params. The following query parameters are required, and are already included in theverificationUrl
returned in the previous step:token
linkingUri
/confirm-code
- This endpoint exists to support the user manually entering the five digit code returned inverifyCallback
, rather than clicking the "magic link" sent in the email. The following query paramters are required:email
- The user's email addresscode
- The five digit code returned inverifyCallback
Options
All options are required.
airtableBase
- The ID of the Airtable Base you wish to interact withairtableApiToken
- Your Airtable API keyjwtSecret
- A string containing the secret for the HMAC algorithm. See jsonwebtoken docs for more informationapiUrl
- The URL that the Hapi server is public accessible from. This will be used to generate the callback URLverifyCallbacak
- A function that accepts an object withemail
,verificationUrl
, andloginCode
keys. This is called after/verify
is called