Performs authentication for the request. Note: Virtual function - re-implement in the strategy.
The request to authenticate.
Options passed to the strategy.
Internal error while performing authentication.
Strategies should call this function when an internal error occurs during the process of performing authentication; for example, if the user directory is not available.
Fail authentication, with optional challenge and status, defaulting
to 401.
Strategies should call this function to fail an authentication attempt.
(Can also be an object with 'message' and 'type' fields).
Pass without making a success or fail decision.
Under most circumstances, Strategies should not need to call this function. It exists primarily to allow previous authentication state to be restored, for example from an HTTP session.
Redirect to url with optional status, defaulting to 302.
Strategies should call this function to redirect the user (via their user agent) to a third-party website for authentication.
Authenticate user, with optional info.
Strategies should call this function to successfully authenticate a
user. user should be an object supplied by the application after it
has been given an opportunity to verify credentials. info is an
optional argument containing additional user information. This is
useful for third-party authentication strategies to pass profile
details.
This method is called internally by Passport after having
validated a JwT token and is used merely to decode the data
of an already authenticated user.
This method is guaranteed to receive a valid token that has
been previously signed and issued to a valid user.
The valid token JSON object.
Generated using TypeDoc
This trait implements a passport strategy that refreshes a user's expired access tokens using JwT tokens that are attached to the HTTP request using a Bearer token header.
Investigate whether a PEM-encoded public key makes more sense for signing tokens in production environments.
v0.3.0