mwp-auth-plugin

27.0.28 • Public • Published

Auth

Authentication and authorization through the Meetup API is part of every web platform application, and is handled invisibly by the platform server - the consumer apps do not need to know anything about how their API requests are authenticated. It is a cookie-based auth system, so the server is responsible for reading and writing the relevant cookies from/to the browser client with every request.

Overview

Once the 'mwp-auth' scheme is registered with the server, it must be applied as a server.auth.strategy, which happens when the server starts in the server function of the mwp-app-server package.

The 'mwp-auth' scheme provides an authenticate function that reads auth info from each request and supplies fallback values when necessary.

Once processed by mwp-auth, the request will have auth credentials stored in request.auth.credentials:

{
  "memberCookie": string,
  "csrfToken": string
}

These values can be used when making API requests - the CSRF token must be supplied as a MEETUP_CSRF cookie as well as a csrf-token header, and the member cookie string must be supplied as a MEETUP_MEMBER cookie.

Readme

Keywords

none

Package Sidebar

Install

npm i mwp-auth-plugin

Weekly Downloads

129

Version

27.0.28

License

MIT

Unpacked Size

20 kB

Total Files

9

Last publish

Collaborators

  • meetupbot