Hapi Airtable Authentication Plugin
A plugin that adds JWT-based authentication to a Hapi server, utilizing Airtable as a data store. It will trigger a callback function with a verification callback URL that can be used to send an email with a "magic link" style confirmation button.
Usage
Register the plugin with your Hapi server by doing the following:
    await server.register({
      plugin: require("@draftbit/hapi-airtable-authentication-plugin"),
      options: {
        airtableBase: AIRTABLE_BASE,
        airtableApiToken: AIRTABLE_API_TOKEN,
        jwtSecret: JWT_SECRET,
        apiUrl: API_URL,
        verifyCallback: ({ email, verificationUrl, loginCode }) => {}
      }
    });
In Airtable, you must have a table called Users, with the following columns:
- email, of type Email
- login_code, of type Single line text
- email_confirmed, of type Checkbox
The following three routes will be added to your server:
- /verify - Generates a JWT token and triggers the first step in the authentication process, calling verifyCallback. The following query parameters are required:
  - email - The email address of the authenticating user
  - linkingUri - The linking URI the user will be redirected to after sign in confirmation.
- /confirm - The route hit when the user navigates to the verificationUrl passed in verifyCallback. The user will be redirected to the linkingUri passed in the previous step, along with userId and token query params. The following query parameters are required, and are already included in the verificationUrl returned in the previous step:
  - token
  - linkingUri
- /confirm-code - This endpoint exists to support the user manually entering the five digit code returned in verifyCallback, rather than clicking the "magic link" sent in the email. The following query parameters are required:
  - email - The user's email address
  - code - The five digit code returned in verifyCallback
Options
All options are required.
- airtableBase - The ID of the Airtable Base you wish to interact with
- airtableApiToken - Your Airtable API key
- jwtSecret - A string containing the secret for the HMAC algorithm. See jsonwebtoken docs for more information
- apiUrl - The URL that the Hapi server is publicly accessible from. This will be used to generate the callback URL
- verifyCallback - A function that accepts an object with email, verificationUrl, and loginCode keys. This is called after /verify is called
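
Because /confirm redirects to the linkingUri passed to /verify with userId and token attached, a verifyCallback can check that the link it is about to mail leads only to a destination the app expects. The following is an added example, not code from the plugin; ALLOWED_LINKING_URIS, sendMail, makeVerifyCallback and the example.com and myapp:// URLs are assumptions.

```javascript
// Added example. ALLOWED_LINKING_URIS, sendMail and all URLs below are
// assumptions made for illustration; they are not part of the plugin.
const ALLOWED_LINKING_URIS = [
  "myapp://auth/callback",
  "https://app.example.com/auth/callback",
];

// Reduce a URI to scheme + host + path so query strings, fragments and
// embedded credentials cannot influence the comparison.
function normalize(uri) {
  const u = new URL(uri); // throws on unparseable input
  return `${u.protocol}//${u.host}${u.pathname}`;
}

const ALLOWED = new Set(ALLOWED_LINKING_URIS.map(normalize));

function isAllowedLinkingUri(linkingUri) {
  try {
    return ALLOWED.has(normalize(linkingUri));
  } catch (err) {
    return false; // missing or malformed linkingUri
  }
}

// verificationUrl carries linkingUri as a query parameter (see /confirm).
function extractLinkingUri(verificationUrl) {
  try {
    return new URL(verificationUrl).searchParams.get("linkingUri");
  } catch (err) {
    return null;
  }
}

// Build a verifyCallback that only mails links whose redirect target is expected.
function makeVerifyCallback(sendMail) {
  return ({ email, verificationUrl, loginCode }) => {
    const linkingUri = extractLinkingUri(verificationUrl);
    if (!isAllowedLinkingUri(linkingUri)) {
      console.warn("verification skipped: unexpected linkingUri", { email, linkingUri });
      return false;
    }
    sendMail({ to: email, verificationUrl, loginCode });
    return true;
  };
}

// Constructed sample input, shaped like the verificationUrl described above.
function sampleVerificationUrl(linkingUri) {
  return "https://api.example.com/confirm?token=constructed.jwt.value" +
    "&linkingUri=" + encodeURIComponent(linkingUri);
}
```

Pass `makeVerifyCallback(yourMailer)` as the verifyCallback option; the boolean return value is for your own logging or tests and is not something the page says the plugin reads.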