Installation
npm install admin-bro-hapijs boom inert
Plugin depends on the following packages and they have to be installed beforehand:
If you want to use built-in auth, you'll also need this:
Usage
The plugin can be registered using standard server.register
method.
The simplest example:
const AdminBroPlugin = require('admin-bro-hapijs')
const Hapi = require('hapi')
const adminBroOptions = {
resources: [YourResource],
}
const server = Hapi.server({ port: process.env.PORT || 8080 })
const start = async () => {
await server.register({
plugin: AdminBroPlugin,
options: adminBroOptions,
})
await server.start()
}
start()
The example above will launch the admin panel under default localhost:8080/admin
url.
Routes will be accessible by all users without any authentication.
To restrict access, you can pass auth
via plugin options.
Authentication options
Plugin receives all AdminBroOptions and one special parameter: auth
, which controls the authentication.
- By default, if you won't give
options.auth
- admin panel will be available without the authentication (like in the simplest example above) - You can set whatever authentication you prefer for admin routes by setting
options.auth.strategy
. For example:
//...
await server.register(require('hapi-auth-basic'))
server.auth.strategy('simple', 'basic', { validate })
await server.register({
plugin: AdminBroPlugin,
options: { auth: { strategy: 'simple' }, ...otherAdminBroOptions },
})
//...
The strategy will be passed down to all AdminBro routes.
- admin-bro-hapijs plugin can be setup to use auth-cookie. Only thing you have to do is to define the following auth options: authenticate, cookiePassword, isSecure, cookieName.
Methods
# static register(server, options) → {AdminBro}
Actual method that Hapi uses under the hood when you call server.register(plugin, options) method. Options you give in Hapi are passed back to it.
Parameters:
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
server |
Object | Hapi.js server |
||
options |
Object | options passed to AdminBro |
||
auth |
Object | Authentication options. You can pass here options described below and any other option supported by the https://github.com/hapijs/cookie |
||
auth.authenticate |
Object |
<optional> |
function takes email and password as arguments. Should return a logged in user or null (no authorization), if given options.auth.strategy is set to 'session' |
|
auth.strategy |
Object |
<optional> |
auth strategy for hapi.js routes. By default, set to none - all admin routes will be available without authentication |
|
auth.cookieName |
Object |
<optional> |
adminBro | When auth strategy is set to 'session', this will be the name of the cookie |
auth.cookiePassword |
Object |
<optional> |
cookie password for session strategy |
|
auth.isSecure |
Object |
<optional> |
false | if cookie should be accessible only via HTTPS, default to false |
AdminBro instance
Example
const AdminBroPlugin = require('admin-bro-hapijs')
const Hapi = require('hapi')
// see AdminBro documentation on database setup.
const yourDatabase = require('your-database-setup-file')
const ADMIN = {
email: '[email protected]',
password: 'password',
}
const adminBroOptions = {
resources: [yourDatabase],
auth: {
authenticate: (email, password) => {
if (ADMIN.email === email && ADMIN.password === password) {
return ADMIN
}
return null
},
strategy: 'session',
cookieName: 'adminBroCookie',
cookiePassword: process.env.COOKIE_PASSWORD || 'makesurepasswordissecure',
isSecure: true, //only https requests
},
}
const server = Hapi.server({ port: process.env.PORT || 8080 })
const start = async () => {
await server.register({
plugin: AdminBroPlugin,
options: adminBroOptions,
})
await server.start()
}
start()
# static renderLogin()
Renders login page by simply invoking AdminBro.renderLogin