embeddedDocument to be passed as a string.
basePath or documentationPath (as seen here: https://github.com/glennjones/hapi-swagger/blob/master/optionsreference.md)
@wowtech_gitlab apologies for the lack of documentation on authentication, I'll have to fix that.
Short answer: use a hapi auth plugin such as hapi-auth-jwt2 and set the config.authStrategy option.
You can see a working example in the appy project:
https://github.com/JKHeadley/appy/blob/master/backend/server/plugins/auth.plugin.js
https://github.com/JKHeadley/appy/blob/a009a81ea0b80c39ccd01813def7d3d1956f9168/backend/config/manifest.conf.js#L43
https://github.com/JKHeadley/appy/blob/a009a81ea0b80c39ccd01813def7d3d1956f9168/backend/config/index.js#L215
I will work on getting a better explanation in the docs and let you know once it's done.
questionCategoryLink. I want the collection to be named questionCategoryLinks, to match the pluralization of all my other collection names.
Does anyone know how I can fix the issue regarding "UnhandledPromiseRejectionWarning: MongoError: TTL index 'expireAfterSeconds' option must be numeric, but received a type of 'null'."? I have cloned https://github.com/JKHeadley/rest-hapi-demo. But when I try to run server/api.js it always stops with this unhandled promise.
I'm having the same issue!
JKHeadley/rest-hapi#208
@djclarkson Thanks! Sorry for the late reply, but you can find a simple auth example here:
https://github.com/JKHeadley/rest-hapi-demo/tree/feature/authentication
There is also a link to it in the docs: https://resthapi.com/docs/authentication.html
@felipeprov Thanks for the comment, glad you find it useful!
As for your question, if I understand it correctly then it sounds like you have a many-many association with groups and users and a one-many association with groups and resources (i.e. a resource can only belong to one group). You would like for only users that belong to the same group as a resource to be able to access that resource.
If this is the case then this can be accomplished through association middleware. Basically, whenever a resource is added to a group, you should add group-{id} to the resource's documentScope. This can be done in the add->resources association middleware function for the group model. Also, whenever a user is added to the group, you would have to make sure group-{id} is added to their scope as well. In appy this is done with the permissions model. You could alternatively just have a simple scope field in your user model. Then when the user authenticates, you use this scope field (or the associated permission) to calculate the scope stored in the user's token. In this case when the user's scope is calculated it should end up containing group-{id}. Now when the user attempts to access a resource in the same group, rest-hapi will compare the resource's documentScope with the user's calculated scope and find a matching scope (group-{id}) and allow the user to access the resource.
You could also accomplish this with policies rather than leveraging documentScope, however it would essentially be the same process with some extra work.
This is an overview of how it can be accomplished. Document authorization is one of the more nuanced features in rest-hapi, so I would highly recommend reading through the docs to make sure you understand the concepts before attempting this. It may be helpful to reference appy for examples of how user scopes are created.
If you would like more explanations of a particular topic, let me know and I'll try to help.