Hacking Strider¶
Auth¶
Currently Strider supports two kinds of authentication, cookie and basic. In the near future, Hawk will be added.
Cookie authentication is done by posting to /login
with a payload of
email
and password
. Content-type is www-form-urlencoded
. You then
have a session cookie.
Note
say something about expiration...
Basic auth is done by sending the header "Authorization: basic " +
base64(username + ":" + password)
. This must be done for every request that
requires authentication.
CORS¶
Strider supports CORS so that you may call it from a browser or open a websocket to it (Socket.io initiation protocol requires it).
To enable CORS pass a cors configuration option when instantiating Strider, which is then passed to the cors npm module.
Example:
var strider = require('strider');
var config = {
cors: {
origin: 'http://localhost:1337',
credentials: true,
headers: [
'DNT',
'X-Mx-ReqToken',
'Keep-Alive',
'User-Agent',
'X-Requested-With',
'If-Modified-Since',
'Cache-Control',
'Content-Type',
'Accept',
'Accept-Encoding',
'Origin',
'Referer',
'Pragma',
'Cookie'
],
methods: [
'GET',
'PUT',
'POST',
'DELETE',
'OPTIONS'
],
maxAge: 1728000
}
};
var app = strider(includePath, config, function(){
console.log("Strider is running");
});