Implementation
The Flow
This plugin relies on how you implement some of required logic. You need to make a service / interface accessible under actionhero api object, do the necessary things there and call a callback function / return a promise. Below is how we illustrate this flow.
Required Implementation
Anywhere in one of your initializers, implement these following methods. There is an example of these implementations using in-memory persistance.
api.AuthImpl.signUp(userData, uuid, callback)
Called when a new user signs up to your app. You can save the userData and uuid to your database here. The userData already contains hashed password the user submitted earlier.
userData, The user’s data submitted during signup process.uuid, The unique id generated for activation process.callback, The function to call after you’ve finished doing things here. Have to be called with these following parameters:error, In case any error happened during the process here, pass the error object. Otherwise passnull.data, A hash containing these required field:user, The user’s data.uuid, The unique id for activation process.options, The options to pass to ah-nodemailer-plugin, to send verification email. Please refer to api.Mailer.send to see available options.
example:
// User and Token is a model of some database.
api.AuthImpl.signUp = function(userData, uuid, callback) {
User.save(userData);
Token.save({uuid: uuid});
var data = {
user: userData,
uuid: uuid,
options: {
locals: {
firstName: userData.firstName,
lastName: userData.lastName
}
}
};
// No error here, so the first argument of callback is null.
callback(null, data);
};
api.AuthImpl.findUser(login, callback)
Called when a user signs in. You can do a database query to find the user here.
login, The login field (username / email depends on your implementation) submitted during the process.callback, The function to call after you’ve finished doing things here. Have to be called with these following parameters:error, In case any error happened during the process here, pass the error object. This includes the case where no user is found. Otherwise passnull.user, The user data for the signed in user.
example:
// User is a model for some database.
api.AuthImpl.findUser = function(login, callback) {
User.find({username: login}, function(err, user) {
if(err) {
callback(err);
return;
}
if(!user) {
callback(new Error('No user is found'));
return;
}
callback(null, user);
});
};
api.AuthImpl.jwtPayload(user, callback)
Compose the user’s payload. Include any substantial user’s data you want to be available later in restricted actions.
user, The user’s data. This is basically the same user’s data you provide in api.AuthImpl.findUser above.callback, The function to call after you’ve finished doing things here. Have to be called with these following parameters:error, In case any error happened during the process here, pass the error object. Otherwise passnull.options, A hash consists of these following fields:payload, The manipulated user’s data above.expired, The expire time of the token. Leave this to provide default value as in JWT Configuration.
example:
api.AuthImpl.jwtPayload = function(user, callback) {
// Exclude the user's password from soon to be signed jwt payload.
delete user.password;
callback(null, {payload: user});
};