README.md
# Parse session token validation for Hapi
[](https://travis-ci.org/ejeklint/hapi-parse-session-token) [](https://codeclimate.com/github/ejeklint/hapi-parse-session-token) [](https://codeclimate.com/github/ejeklint/hapi-parse-session-token/coverage)
Lead Maintainer: [Per Ejeklint](https://github.com/ejeklint)
A scheme for route authentication by validating the Parse session token against Parse's REST API. It requires valid Parse keys when configured and a session token passed in headers. This `'parse-access-token'` scheme takes the following options:
- `options` - (required)
- `parse_rest_api_key` (required) - the Parse REST API key.
- `parse_app_id` (required) - the Parse App ID.
- `validatedFunc` - (optional) function called after successful validation with the signature `function(credentials, callback)` where:
- `credentials` - an object with the credentials received from Parse.
- `callback` - a callback function with the signature `function(err, credentials)` where:
- `err` - an internal error.
- `credentials` - a credentials object passed back to the application in `request.auth.credentials`. If err is null, credentials must not be null.
```javascript
var Hapi = require('hapi');
var server = new Hapi.Server();
server.connection({ port: 3000 });
server.register(require('hapi-parse-session-token'), function (err) {
server.auth.strategy('parse', 'parse-access-token', {
parse_rest_api_key: 'abc123',
parse_app_id: 'def456',
validatedFunc: function( credentials, callback ) {
// Decorate the credentials
credentials.extras = 'kilroy was here';
callback(null, credentials)
}
});
});
server.route({
method: 'GET',
path: '/protected',
handler: function (request, reply) {
reply('success');
},
config: { auth: 'parse' }
});
server.start(function () {
console.log('Server started at: ' + server.info.uri);
})
```
License MIT @ Per Ejeklint 2015