| 58 | type ValueOrFunction<T> = T | ((req: IBasicAuthedRequest) => T) |
| 59 | |
| 60 | interface IBaseOptions { |
| 61 | /** |
| 62 | * Per default the middleware will not add a WWW-Authenticate challenge header to responses of unauthorized requests. |
| 63 | * You can enable that by setting this to true, causing most browsers to show a popup to enter credentials |
| 64 | * on unauthorized responses. |
| 65 | * |
| 66 | * @default false |
| 67 | */ |
| 68 | challenge?: boolean |
| 69 | |
| 70 | /** |
| 71 | * You can set the realm (the realm identifies the system to authenticate against and can be used by clients to |
| 72 | * save credentials) of the challenge by passing a string or a function that gets passed the request and is |
| 73 | * expected to return the realm. |
| 74 | * |
| 75 | * @default undefined |
| 76 | */ |
| 77 | realm?: ValueOrFunction<string> |
| 78 | |
| 79 | /** |
| 80 | * Per default, the response body for unauthorized responses will be empty. |
| 81 | * It can be configured using the unauthorizedResponse option. You can either pass a static response or a |
| 82 | * function that gets passed the express request object and is expected to return the response body. |
| 83 | * If the response body is a string, it will be used as-is, otherwise it will be sent as JSON. |
| 84 | * |
| 85 | * @default '' |
| 86 | */ |
| 87 | unauthorizedResponse?: ValueOrFunction<any> |
| 88 | } |
| 89 | |
| 90 | interface IUsersOptions extends IBaseOptions { |
| 91 | /** |
nothing calls this directly
no outgoing calls
no test coverage detected
searching dependent graphs…