-
Notifications
You must be signed in to change notification settings - Fork 14
BasicAuthable
A protocol for automatically authenticating incoming requests
based on their Authentication: Basic ... header. When the
request is intercepted by the BasicAuthMiddleware<T>, it will
query the table of T in Services.db for a row that has a
matching username & validate the password. If the row exists
& the password matches, the type T will be set on the request.
public protocol BasicAuthable: Model// Start with a Rune `Model`.
struct MyUser: BasicAuthable {
// Note that this defaults to "username" but you can override
// with a custom value.
static var usernameKeyString = "email"
var id: Int?
let email: String
let passwordHash: String
}
// Add the BasicAuthMiddleware in front of any endpoints that need
// auth.
app
// Will apply this auth middleware to all following requests.
.use(MyUser.basicAuthMiddleware())
.get("/login") { req in
// Middleware will have authed and set a user on the
// request, or returned an unauthorized response.
let authedUser = try req.get(User.self)
}The name of the username row in the model. Defaults to "username", but can be overridden for custom rows. This row should be unique.
var usernameKeyString: StringThe name of the hashed password row in the model. Defaults to "password_hash", but can be overridden for custom rows.
var passwordHashKeyString: StringVerifies a model's password hash given the password string
from the Authentication header. Defaults to comparing
passwordHash to a Bcrypt hash of the password. Can
be overridden for custom password verification.
static func verify(password: String, passwordHash: String) throws -> Bool- password: The password from an Authentication header, to be compared with the
passwordHashof an existing model. - passwordHash: The password value of the existing model. Technically doesn't need to be a hashed value if
passwordHashKeyStringpoints to an unhashed value, but that wouldn't be very secure, would it?
Any error that might occur during the verification process, by default a CryptoError if hashing fails.
a Bool indicating if password matched passwordHash.
Generated at 2021-01-13T22:24:59-0800 using swift-doc 1.0.0-beta.5.
Alchemy
Types
- AlterTableBuilder
- BCryptDigest
- BasicAuthMiddleware
- BcryptError
- BelongsToRelationship
- CORSMiddleware
- CORSMiddleware.AllowOriginSetting
- CORSMiddleware.Configuration
- ColumnType
- CreateColumn
- CreateColumnBuilder
- CreateIndex
- CreateTableBuilder
- DatabaseConfig
- DatabaseError
- DatabaseField
- DatabaseKeyMappingStrategy
- DatabaseValue
- DayUnit
- Env
- FrequencyTyped
- Grammar
- HTTPAuth
- HTTPAuth.Basic
- HTTPAuth.Bearer
- HTTPBody
- HTTPError
- HasManyRelationship
- HasOneRelationship
- HasRelationship
- HourUnit
- JoinClause
- JoinType
- Launch
- Log
- MIMEType
- MinuteUnit
- ModelQuery
- MySQLDatabase
- Operator
- OrderClause
- OrderClause.Sort
- OrderedDictionary
- PapyrusClientError
- PathParameter
- PathParameter.DecodingError
- PostgresDatabase
- Query
- Request
- Response
- Router
- RuneError
- SQL
- SQLJSON
- Scheduler
- Schema
- SecondUnit
- Services
- Socket
- StaticFileMiddleware
- StringLength
- Thread
- TokenAuthMiddleware
- WeekUnit
- Weekday
- WhereBoolean
- WhereColumn
- WhereIn
- WhereIn.InType
- WhereNested
- WhereRaw
- WhereValue