Tutorial: authorization

authorization

We can authorize users in few ways using passport.js powered sessions. Initial configuration can be done via passport property of config object.

Local strategy Will be explained shortly

Sign up and email confirmation Will be explained shortly

Header authorization We can pass authorization token (the huntKey) as header for requests and if there is no passport.js authorized user, the authorization is done.

Token authorization We can pass authorization token (the huntKey) as query (for GET ) or body parameter (for POST,PUT,PATCH,DELETE) for requests and if there is no passport.js authorized user, the authorization is done. For example, /api/v1/myself?huntKey=i_am_game_master_grr

Default OpenID strategies Currently we have this ones:

Default OAuth strategies Currently we have this ones: