Implementing Basic Auth

[hassanshaikley]

Hey all,

I found the documentation a little bit confusing. It didn't work for me. I needed to place basic_auth in a security object. Have I made a mistake or is there a mistake in the documentation?

Link to documentation.

My code:

osprey.loadFile(path, {
	security: {
		basic_auth: {
			validateUser: function (username, password, done) {
				if (users[username] && users[username].password === password) {
					return done(null, true)
				}

				return done(null, false)
			}
		}
	}

[jstoiko]

hey @hassanshaikley, can you provide the RAML file containing the securitySchemes?

[hassanshaikley]

securitySchemes:
  - basic_auth:
      description: |
        Need an Access Token in an Authorization Header to access this API endpoint. Requests need to be in the format username:accessToken. Access tokens are generated on pubpub.org/user/{username}/tokens.
        Also send them base 64 encoded. So an example header looks like 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ='
      type: Basic Authentication
      describedBy:
        headers:
          Authorization:
              description: |
                 Used to send a valid OAuth 2 access token. Do not use
                 with the "access_token" query string parameter.
              type: string

[jstoiko]

@hassanshaikley: I agree that the docs could use a few more examples. Maybe a wiki section pointing to more examples.

That being said, there is a note in the README that says: osprey.loadFile is shorthand for ramlParser.loadFile -> [osprey.security, osprey.server, osprey.errorHandler]. So when using osprey.loadFile(raml, options), the options will get passed as: osprey.security(raml, options.security). See here.