Authentication

3min
Authentication is always a tough topic to discuss, there are so many patterns out there and by supporting one, you are more than likely to fail at supporting others. With that said, we wanted to make hyper63⚡ flexible so that your team can use the security model that works best for you. We also wanted to give teams an option by default. The option is using JWT hmac security, which is based on a `SECRET`.
Default🚀
To use the default security process you will need to setup your hyper63.config.js⚡ file to use middleware and the @hyper63/app-express⚡ module as your app container.
For Example:
JS
const memory = require('@hyper63/adapter-memory')
const pouchdb = require('@hyper63/adapter-pouchdb')
const fs = require('@hyper63/adapter-fs')
const minisearch = require('@hyper63/adapter-minisearch')
const express = require('@hyper63/app-express')
const jwt = require('./jwt')

module.exports = {
  app: express,
  adapters: [
    { port: 'cache', plugins: [memory()]},
    { port: 'data', plugins: [pouchdb({dir: process.env.DATA})]},
    { port: 'storage', plugins: [fs({dir: process.env.DATA})]},
    { port: 'search', plugins: [minisearch()]}
  ],
  middleware: [jwt]
}
const memory = require('@hyper63/adapter-memory')
const pouchdb = require('@hyper63/adapter-pouchdb')
const fs = require('@hyper63/adapter-fs')
const minisearch = require('@hyper63/adapter-minisearch')
const express = require('@hyper63/app-express')
const jwt = require('./jwt')

module.exports = {
  app: express,
  adapters: [
    { port: 'cache', plugins: [memory()]},
    { port: 'data', plugins: [pouchdb({dir: process.env.DATA})]},
    { port: 'storage', plugins: [fs({dir: process.env.DATA})]},
    { port: 'search', plugins: [minisearch()]}
  ],
  middleware: [jwt]
}
﻿
And create a jwt.js file
JS

const jwt = require('express-jwt')

module.exports = (app) => {

  app.use(jwt({
    secret: process.env.SECRET, 
    algorithms: ['HS256']
  }).unless({path: ['/']}))

  app.use((err, req, res, next) => {
    if (err.name === 'UnauthorizedError') {
      res.status(401).send({ok: false, msg: 'not authorized'})
    }
  })

  return app
}

const jwt = require('express-jwt')

module.exports = (app) => {

  app.use(jwt({
    secret: process.env.SECRET, 
    algorithms: ['HS256']
  }).unless({path: ['/']}))

  app.use((err, req, res, next) => {
    if (err.name === 'UnauthorizedError') {
      res.status(401).send({ok: false, msg: 'not authorized'})
    }
  })

  return app
}
﻿
Custom 🛠️
Because hyper63⚡ is modular and in this case using express, you can use any express framework middleware to manage your authentication process, you can add scopes and and more advanced security checks for each endpoint. 
For example, let's say you only wanted certain clients to be able to create and delete datastores. 
You would modify your JWT to perform special checks based on those endpoints. 
JS

const jwt = require('express-jwt')
module.exports = (app) => {

  app.use(jwt({
    secret: process.env.SECRET, 
    algorithms: ['HS256']
  }).unless({path: ['/', /^\/data$/]}))

  app.use('/data', jwt({
    secret: process.env.ADMIN_SECRET,
     algorithms: ['HS256']
  })

  app.use((err, req, res, next) => {
    if (err.name === 'UnauthorizedError') {
      res.status(401).send({ok: false, msg: 'not authorized'})
    }
  })

  return app
}

const jwt = require('express-jwt')
module.exports = (app) => {

  app.use(jwt({
    secret: process.env.SECRET, 
    algorithms: ['HS256']
  }).unless({path: ['/', /^\/data$/]}))

  app.use('/data', jwt({
    secret: process.env.ADMIN_SECRET,
     algorithms: ['HS256']
  })

  app.use((err, req, res, next) => {
    if (err.name === 'UnauthorizedError') {
      res.status(401).send({ok: false, msg: 'not authorized'})
    }
  })

  return app
}
﻿
 Need specific help? You can always reach out to our support team for any additional assistance at checkout our help desk﻿
Updated 03 Mar 2023
Did this page help you?
List Crawler Jobs
Configuration
Docs powered by Archbee
TABLE OF CONTENTS
Default🚀
Custom 🛠️