Authentication Strategies

An authentication strategy is any object or class that implements at least an authenticate(data, params) method. They can be registered with the AuthenticationService to authenticate service calls and other requests. The following strategies already come with Feathers:

JWTStrategy in @feathersjs/authentication
LocalStrategy in @feathersjs/authentication-local
OAuthStrategy in @feathersjs/authentication-oauth

More details on how to customize existing strategies can be found in their API documentation. This section describes the common methods for all authentication strategies and how a custom authentication strategy can be implemented.

setName(name)

Will be called with the name under which the strategy has been registered on the authentication service. Does not have to be implemented.

setApplication(app)

Will be called with the Feathers application instance. Does not have to be implemented.

setAuthentication(service)

Will be called with the Authentication service this strategy has been registered on. Does not have to be implemented.

verifyConfiguration()

Synchronously verify the configuration for this strategy and throw an error if e.g. required fields are not set. Does not have to be implemented.

authenticate(authentication, params)

Authenticate authentication data with additional params. authenticate should throw a NotAuthenticated if it failed or return an authentication result object.

parse(req, res)

Parse a given plain Node HTTP request and response and return null or the authentication information it provides. Does not have to be implemented.

This is called by the authentication service. See AuthService.parse

AuthenticationBaseStrategy

The AuthenticationBaseStrategy class provides a base class that already implements some of the strategy methods below with some common functionality:

setName sets this.name
setApplication sets this.app
setAuthentication sets this.authentication
configuration getter returns this.authentication.configuration[this.name]
entityService getter returns the entity (usually /users) service from this.app

Examples

Examples for authentication strategies can be found in the Cookbook:

Anonymous strategy

Authentication Strategies ​

setName(name) ​

setApplication(app) ​

setAuthentication(service) ​

verifyConfiguration() ​

authenticate(authentication, params) ​

parse(req, res) ​

AuthenticationBaseStrategy ​

Examples ​