This module currently only offers a bearer authentication gate.
A stix module that provides gates for default authentication/security methods.
yarn add stix-security- Add to your
config/modules.ts.import { Security } from 'stix-security'; export const modules = [ /* ... */ Security, ];
StormUse the gates.
Simply import the desired gate and add it in your config. See the examples below. More info on gates can be found in the docs.
Each gate implements support for a specific authentication method.
The BearerGate is for basic header auth using a Bearer.
Authorization: Bearer some.jwt.here
This gate:
- Verifies that the header exists
- Verifies the header is properly formatted
- Verifies that the token is valid
If these checks fail the request will be denied (unauthorized).
The payload and token will be set on and accessible from:
ctx.state.authorization.
The only required configuration value for this gate is secret used to validate the JWT.
import { SecurityConfig } from 'stix-security';
export const security: SecurityConfig = {
schemes: {
bearer: {
options: {
secret: 'A SECRET HERE',
},
},
},
};import { GateManagerConfigType } from 'stix-gates';
import { BearerGate } from 'stix-security';
export const gate: GateManagerConfigType = {
rules: new Map<any, any>([
[ SomeController, { someAction: BearerGate } ],
]),
};The following gates still have to be built.
- basic
- apiKey
- openIdConnect
- oauth2
MIT