Demo login functionality using Hapi, basic authentication and Hawk authentication schemes, and Redis for persistence. The interface is taken from Bootstrap's sign-in sample form. The Hawk implementation used here is based on Mozilla Services' Hawk authentication middleware for Express.
Note: The presentation here is merely a showcase of different tools and is not an accurate representation of how to use Hawk. In pratical usages, the client has to use the Hawk browser library and append the proper authentication headers during a request to be able to utilize the synchronization of the server and the client (and reject the request if the timestamp is invalid). The implementation here instead bypasses the aforementioned feature by using the "onPreAuth" hook of Hapi.
$ git clone https://github.com/identityclash/hapi-login-test.git && cd hapi-login-test
$ npm install # download dependencies
$ npm start # run server
$ npm test # run test scriptHapi-Specific
- Acquaint - Routes, handlers, and methods auto-loader
- Blankie - Plugin for customization of Content Security Policies (CSP)
- Boom - HTTP-friendly error objects
- Confidence - JSON-based configuration document format and API
- Crumb - Plugin for cross-site request forgery (CSRF) protection using random unique token (crumb)
- Cryptiles - General utilities for cryptography
- Disinfect - Plugin for sanitizing request params, query, and payload
- Glue - Configuration based composition of the server
- Good - Plugin for process monitoring
- Good-Console - Console reporting for Good server events
- Good-Squeeze - Simple transform streams useful in creating Good data pipelines
- Handlerbars - Semantic templating for view; an extension of Mustache
- Hapi-Auth-Basic - Plugin for HTTP basic authentication scheme based on RFC 2617
- Hapi-Auth-Hawk - Hawk authentication plugin
- Hapi-Ioredis - Ioredis plugin
- Hoek - Utility methods
- Inert - Static file and directory handlers
- Scooter - User-agent information plugin
- Vision - Templates rendering support
- Visionary - Views loader plugin
- Async - Utilities on asynchronous functions in JavaScript
- BcryptJS - Utilities for hashing in JavaScript
- Browserify - Allows require('modules') in the browser by bundling up all dependencies
- Fakeredis - Fake implementation of Redis for testing purposes
- HKDF - HKDF key-derivation function implementation based on RFC 5869 for NodeJS
- Hawk - HTTP Holder-Of-Key Authentication Scheme
- Iron - Cryptographic utility for sealing a JSON object using symmetric key encryption with message integrity verification
- jQuery - Library for HTML document traversal and manipulation, event handling, animation, and AJAX
- JSON-Stringify-Safe - JSON.stringify but silently protects against circular references
- Lodash - Utility library for JavaScript working with iterating arrays, objects, & strings; manipulating & testing values; and creating composite functions
- Redis - Key-value in-memory database that persists on disk
- Request - Simplified HTTP request client
- UUID - Generate RFC-compliant UUIDs in JavaScript; a forked implementation of Node UUID