hapi Triton auth
hapi plugin for Triton authentication.
Options
-
cookieName: name of session cookie, default is 'sso' -
baseUrl: required setting used to constructreturnToURL from SSO. Set to the base part of the URL that your site is running under (e.g. http://site.com). -
ssoUrl: required URL to SSO login page -
apiBaseUrl: required URL to Triton cloud API to retrieve profile data from -
keyId: requireduser/keys/IDformatted key identifier -
keyPath: required full path to private key file thats associated with the keyId -
permissions: optional object with permissions that the user will need. Defaults to an empty object. -
isDev: optional boolean used for development, will prevent users from logging in and every request is authenticated. Default isfalse, do not set to true in production. -
cookie: object with the following settings-
encoding: default is 'iron' -
path: optional cookie path to scope to -
isHttpOnly: boolean, defaults to true -
isSecure: boolean, defaults to true -
password: 32+ character key to secure the cookie, defaults to random 32 characters. Set to the same value for each server in rotation together. -
ttl: number of milliseconds until the cookie and token expires, default is 14400000 (4 hours) -
domain: origin of the cookie, default is 'localhost'
-
Usage
The hapi route handler will have it's request argument decorated with a property named sso that is a reference to the class exported in /lib/sso.js. This class includes helper methods that are meant to assist you in interacting with SSO. Below are the supported functions you can use:
getSsoUrl(returnto, ssoPath) - return signed URL to use for making a request to SSO
