
  • Version 5.0.33
  • Published
  • 211 kB
  • 11 dependencies
  • MIT license


npm i @feathersjs/authentication
yarn add @feathersjs/authentication
pnpm add @feathersjs/authentication


Add Authentication to your FeathersJS app.



variable authenticate

const authenticate: (
originalSettings: string | AuthenticateHookSettings,
...originalStrategies: string[]
) => (context: HookContext, _next?: NextFunction) => Promise<any>;


    class AuthenticationBase

    class AuthenticationBase {}
    • A base class for managing authentication strategies and creating and verifying JWTs


    constructor(app: Application, configKey?: string, options?: {});
    • Create a new authentication service.

      Parameter app

      The Feathers application instance

      Parameter configKey

      The configuration key name in app.get (default: authentication)

      Parameter options

      Optional initial options

    property app

    app: Application;

      property configKey

      configKey: string;

        property configuration

        readonly configuration: FromSchema<any>;
        • Return the current configuration from the application

        property isReady

        isReady: boolean;

          property strategies

          strategies: { [key: string]: AuthenticationStrategy };

            property strategyNames

            readonly strategyNames: string[];
            • A list of all registered strategy names

            method authenticate

            authenticate: (
            authentication: AuthenticationRequest,
            params: AuthenticationParams,
            ...allowed: string[]
            ) => Promise<AuthenticationResult>;
            • Authenticate a given authentication request against a list of strategies.

              Parameter authentication

              The authentication request

              Parameter params

              Service call parameters

              Parameter allowed

              A list of allowed strategy names

            method createAccessToken

            createAccessToken: (
            payload: string | Buffer | object,
            optsOverride?: SignOptions,
            secretOverride?: Secret
            ) => Promise<any>;
            • Create a new access token with payload and options.

              Parameter payload

              The JWT payload

              Parameter optsOverride

              The options to extend the defaults (configuration.jwtOptions) with

              Parameter secretOverride

              Use a different secret instead

            method getStrategies

            getStrategies: (...names: string[]) => AuthenticationStrategy[];
            • Get the registered authentication strategies for a list of names.

              Parameter names

              The list or strategy names

            method getStrategy

            getStrategy: (name: string) => AuthenticationStrategy;
            • Returns a single strategy by name

              Parameter name

              The strategy name


              The authentication strategy or undefined

            method handleConnection

            handleConnection: (
            event: ConnectionEvent,
            connection: any,
            authResult?: AuthenticationResult
            ) => Promise<void>;

              method parse

              parse: (
              req: IncomingMessage,
              res: ServerResponse,
              ...names: string[]
              ) => Promise<AuthenticationRequest>;
              • Parse an HTTP request and response for authentication request information.

                Parameter req

                The HTTP request

                Parameter res

                The HTTP response

                Parameter names

                A list of strategies to use

              method register

              register: (name: string, strategy: AuthenticationStrategy) => void;
              • Register a new authentication strategy under a given name.

                Parameter name

                The name to register the strategy under

                Parameter strategy

                The authentication strategy instance

              method setup

              setup: () => Promise<void>;

                method verifyAccessToken

                verifyAccessToken: (
                accessToken: string,
                optsOverride?: JwtVerifyOptions,
                secretOverride?: Secret
                ) => Promise<any>;
                • Verifies an access token.

                  Parameter accessToken

                  The token to verify

                  Parameter optsOverride

                  The options to extend the defaults (configuration.jwtOptions) with

                  Parameter secretOverride

                  Use a different secret instead

                class AuthenticationBaseStrategy

                class AuthenticationBaseStrategy implements AuthenticationStrategy {}

                  property app

                  app?: Application;

                    property authentication

                    authentication?: AuthenticationBase;

                      property configuration

                      readonly configuration: any;

                        property entityService

                        readonly entityService: Service;

                          property name

                          name?: string;

                            method setApplication

                            setApplication: (app: Application) => void;

                              method setAuthentication

                              setAuthentication: (auth: AuthenticationBase) => void;

                                method setName

                                setName: (name: string) => void;

                                  class AuthenticationService

                                  class AuthenticationService
                                  extends AuthenticationBase
                                  > {}


                                    constructor(app: any, configKey?: string, options?: {});

                                      method create

                                      create: (
                                      data: AuthenticationRequest,
                                      params?: AuthenticationParams
                                      ) => Promise<AuthenticationResult>;
                                      • Create and return a new JWT for a given authentication request. Will trigger the login event.

                                        Parameter data

                                        The authentication request (should include strategy key)

                                        Parameter params

                                        Service call parameters

                                      method getPayload

                                      getPayload: (
                                      _authResult: AuthenticationResult,
                                      params: AuthenticationParams
                                      ) => Promise<{ [key: string]: any }>;
                                      • Return the payload for a JWT based on the authentication result. Called internally by the create method.

                                        Parameter _authResult

                                        The current authentication result

                                        Parameter params

                                        The service call parameters

                                      method getTokenOptions

                                      getTokenOptions: (
                                      authResult: AuthenticationResult,
                                      params: AuthenticationParams
                                      ) => Promise<any>;
                                      • Returns the JWT options based on an authentication result. By default sets the JWT subject to the entity id.

                                        Parameter authResult

                                        The authentication result

                                        Parameter params

                                        Service call parameters

                                      method remove

                                      remove: (
                                      id: string | null,
                                      params?: AuthenticationParams
                                      ) => Promise<AuthenticationResult>;
                                      • Mark a JWT as removed. By default only verifies the JWT and returns the result. Triggers the logout event.

                                        Parameter id

                                        The JWT to remove or null

                                        Parameter params

                                        Service call parameters

                                      method setup

                                      setup: () => Promise<void>;
                                      • Validates the service configuration.

                                      class JWTStrategy

                                      class JWTStrategy extends AuthenticationBaseStrategy {}

                                        property configuration

                                        readonly configuration: any;

                                          property expirationTimers

                                          expirationTimers: WeakMap<object, any>;

                                            method authenticate

                                            authenticate: (
                                            authentication: AuthenticationRequest,
                                            params: AuthenticationParams
                                            ) => Promise<{
                                            accessToken: any;
                                            authentication: { strategy: string; accessToken: any; payload: any };

                                              method getEntity

                                              getEntity: (id: string, params: Params) => Promise<any>;
                                              • Return the entity for a given id

                                                Parameter id

                                                The id to use

                                                Parameter params

                                                Service call parameters

                                              method getEntityId

                                              getEntityId: (authResult: AuthenticationResult, _params: Params) => Promise<any>;

                                                method getEntityQuery

                                                getEntityQuery: (_params: Params) => Promise<{}>;

                                                  method handleConnection

                                                  handleConnection: (
                                                  event: ConnectionEvent,
                                                  connection: any,
                                                  authResult?: AuthenticationResult
                                                  ) => Promise<void>;

                                                    method parse

                                                    parse: (
                                                    req: IncomingMessage
                                                    ) => Promise<{ strategy: string; accessToken: string } | null>;

                                                      method verifyConfiguration

                                                      verifyConfiguration: () => void;


                                                        interface AuthenticationParams

                                                        interface AuthenticationParams extends Params {}

                                                          property authStrategies

                                                          authStrategies?: string[];

                                                            property jwtOptions

                                                            jwtOptions?: SignOptions;

                                                              property payload

                                                              payload?: { [key: string]: any };

                                                                property secret

                                                                secret?: string;

                                                                  index signature

                                                                  [key: string]: any;

                                                                    interface AuthenticationRequest

                                                                    interface AuthenticationRequest {}

                                                                      property strategy

                                                                      strategy?: string;

                                                                        index signature

                                                                        [key: string]: any;

                                                                          interface AuthenticationResult

                                                                          interface AuthenticationResult {}

                                                                            index signature

                                                                            [key: string]: any;

                                                                              interface AuthenticationStrategy

                                                                              interface AuthenticationStrategy {}

                                                                                method authenticate

                                                                                authenticate: (
                                                                                authentication: AuthenticationRequest,
                                                                                params: AuthenticationParams
                                                                                ) => Promise<AuthenticationResult>;
                                                                                • Authenticate an authentication request with this strategy. Should throw an error if the strategy did not succeed.

                                                                                  Parameter authentication

                                                                                  The authentication request

                                                                                  Parameter params

                                                                                  The service call parameters

                                                                                method handleConnection

                                                                                handleConnection: (
                                                                                event: ConnectionEvent,
                                                                                connection: any,
                                                                                authResult?: AuthenticationResult
                                                                                ) => Promise<void>;
                                                                                • Update a real-time connection according to this strategy.

                                                                                  Parameter connection

                                                                                  The real-time connection

                                                                                  Parameter context

                                                                                  The hook context

                                                                                method parse

                                                                                parse: (
                                                                                req: IncomingMessage,
                                                                                res: ServerResponse
                                                                                ) => Promise<AuthenticationRequest | null>;
                                                                                • Parse a basic HTTP request and response for authentication request information.

                                                                                  Parameter req

                                                                                  The HTTP request

                                                                                  Parameter res

                                                                                  The HTTP response

                                                                                method setApplication

                                                                                setApplication: (app: Application) => void;
                                                                                • Implement this method to get access to the Feathers application

                                                                                  Parameter app

                                                                                  The Feathers application instance

                                                                                method setAuthentication

                                                                                setAuthentication: (auth: AuthenticationBase) => void;
                                                                                • Implement this method to get access to the AuthenticationService

                                                                                  Parameter auth

                                                                                  The AuthenticationService

                                                                                method setName

                                                                                setName: (name: string) => void;
                                                                                • Implement this method to get access to the strategy name

                                                                                  Parameter name

                                                                                  The name of the strategy

                                                                                method setup

                                                                                setup: (auth: AuthenticationBase, name: string) => Promise<void>;
                                                                                • Implement this method to setup this strategy

                                                                                  Parameter auth

                                                                                  The AuthenticationService

                                                                                  Parameter name

                                                                                  The name of the strategy

                                                                                method verifyConfiguration

                                                                                verifyConfiguration: () => void;
                                                                                • Implement this method to verify the current configuration and throw an error if it is invalid.

                                                                                interface JwtVerifyOptions

                                                                                interface JwtVerifyOptions extends VerifyOptions {}

                                                                                  property algorithm

                                                                                  algorithm?: string | string[];

                                                                                    Type Aliases

                                                                                    type AuthenticationConfiguration

                                                                                    type AuthenticationConfiguration = FromSchema<typeof authenticationSettingsSchema>;

                                                                                      type ConnectionEvent

                                                                                      type ConnectionEvent = 'login' | 'logout' | 'disconnect';


                                                                                        namespace hooks

                                                                                        module 'src/hooks/index.ts' {}

                                                                                          variable authenticate

                                                                                          const authenticate: (
                                                                                          originalSettings: string | AuthenticateHookSettings,
                                                                                          ...originalStrategies: string[]
                                                                                          ) => (context: HookContext, _next?: NextFunction) => Promise<any>;

                                                                                            variable connection

                                                                                            const connection: (
                                                                                            event: ConnectionEvent
                                                                                            ) => (context: HookContext, next: NextFunction) => Promise<void>;

                                                                                              variable event

                                                                                              const event: (
                                                                                              event: ConnectionEvent
                                                                                              ) => (context: HookContext, next: NextFunction) => Promise<void>;

                                                                                                Package Files (10)

                                                                                                Dependencies (11)

                                                                                                Dev Dependencies (9)

                                                                                                Peer Dependencies (0)

                                                                                                No peer dependencies.


                                                                                                To add a badge like this onejsDocs.io badgeto your package's README, use the codes available below.

                                                                                                You may also use Shields.io to create a custom badge linking to https://www.jsdocs.io/package/@feathersjs/authentication.

                                                                                                • Markdown
                                                                                                • HTML
                                                                                                  <a href="https://www.jsdocs.io/package/@feathersjs/authentication"><img src="https://img.shields.io/badge/jsDocs.io-reference-blue" alt="jsDocs.io"></a>