jfromaniello / passport-hawk Goto Github PK

Passport allows for options to be passed in the authenticate() call to the implementing library.

Hawk provides options for the implementer to specify the request hostname and port to be used for hmac calculation. See:
https://www.npmjs.com/package/hawk#host-header-forgery

This is especially useful when using a reverse proxy in front of the node server, where the requesting client may make a request on a different protocol (https vs. http) and port (443 vs. 80 or custom port) to the proxy server vs. the server running node.

The passport-hawk implementation does not pass the specified options to the hawk library.

Is there anyone willing to take this project and update it? It's a really small project. I'd be willing to take it over if need be.

const Hoek = require('hoek');
^^^^^

SyntaxError: Use of const in strict mode

Hi,

I'm using passport-hawk to generate a bewit to authorize documents download in my API but the passReqToCallback option is not working.

I'm calling it as follows:

passport.use('hawk-strategy', new HawkStrategy( { passReqToCallback: true, bewit: true }, (req, id, done) => { if (!req) { return done(); }

But req is getting id value instead of the request object.

What can I do?

I know that I am not sending the proper tokens. I am trying to define my app's behavior when requests do not include Hawk credentials.

Do you know of a good way to catch this error? The error is uncaught and express is returning a 500 (as its supposed too).

Is there a canonical way with this library, or with passport to handle this? ie send back a 401.

I know a few different ways to solve my issue, but I am wondering if there is a common pattern that I am not seeing.

Thanks