MCPcopy
hub / github.com/hapijs/hapi / _authenticate

Method _authenticate

lib/auth.js:252–296  ·  view source on GitHub ↗
(request)

Source from the content-addressed store, hash-verified

250 }
251
252 async _authenticate(request) {
253
254 const config = this.lookup(request.route);
255
256 const errors = [];
257 request.auth.mode = config.mode;
258
259 // Injection bypass
260
261 if (request.auth.credentials) {
262 internals.validate(null, { credentials: request.auth.credentials, artifacts: request.auth.artifacts }, request.auth.strategy, config, request, errors);
263 return;
264 }
265
266 // Try each strategy
267
268 for (const name of config.strategies) {
269 const strategy = this.#strategies[name];
270
271 const bind = strategy.methods;
272 const realm = strategy.realm;
273 const response = await request._core.toolkit.execute(strategy.methods.authenticate, request, { bind, realm, auth: true });
274
275 const message = (response.isAuth ? internals.validate(response.error, response.data, name, config, request, errors) : internals.validate(response, null, name, config, request, errors));
276 if (!message) {
277 return;
278 }
279
280 if (message !== internals.missing) {
281 return message;
282 }
283 }
284
285 // No more strategies
286
287 const err = Boom.unauthorized('Missing authentication', errors);
288 if (config.mode === 'required') {
289 throw err;
290 }
291
292 request.auth.isAuthenticated = false;
293 request.auth.credentials = null;
294 request.auth.error = err;
295 request._log(['auth', 'unauthenticated']);
296 }
297
298 static access(request) {
299

Callers 1

authenticateMethod · 0.80

Calls 3

executeMethod · 0.80
lookupMethod · 0.45
_logMethod · 0.45

Tested by

no test coverage detected