Module

admin-bro-hapijs

Installation

npm install admin-bro-hapijs boom inert

Plugin depends on the following packages and they have to be installed beforehand:

  • boom - handling errors
  • inert - rendering static assets

If you want to use built-in auth, you'll also need this:

Usage

The plugin can be registered using standard server.register method.

The simplest example:

const AdminBroPlugin = require('admin-bro-hapijs')
const Hapi = require('hapi')

const adminBroOptions = {
  resources: [YourResource],
}

const server = Hapi.server({ port: process.env.PORT || 8080 })
const start = async () => {
  await server.register({
    plugin: AdminBroPlugin,
    options: adminBroOptions,
  })

  await server.start()
}

start()

The example above will launch the admin panel under default localhost:8080/admin url. Routes will be accessible by all users without any authentication.

To restrict access, you can pass auth via plugin options.

Authentication options

Plugin receives all AdminBroOptions and one special parameter: auth, which controls the authentication.

  1. By default, if you won't give options.auth - admin panel will be available without the authentication (like in the simplest example above)
  2. You can set whatever authentication you prefer for admin routes by setting options.auth.strategy. For example:
//...
await server.register(require('hapi-auth-basic'))
server.auth.strategy('simple', 'basic', { validate })

await server.register({
  plugin: AdminBroPlugin,
  options: { auth: { strategy: 'simple' }, ...otherAdminBroOptions },
})
//...

The strategy will be passed down to all AdminBro routes.

  1. admin-bro-hapijs plugin can be setup to use auth-cookie. Only thing you have to do is to define the following auth options: authenticate, cookiePassword, isSecure, cookieName.

View Source admin-bro-hapijs/index.js, line 1

Methods

# static register(server, options) → {AdminBro}

Actual method that Hapi uses under the hood when you call server.register(plugin, options) method. Options you give in Hapi are passed back to it.

Parameters:
Name Type Attributes Default Description
server Object

Hapi.js server

options Object

options passed to AdminBro

auth Object

Authentication options. You can pass here options described below and any other option supported by the https://github.com/hapijs/cookie

auth.authenticate Object <optional>

function takes email and password as arguments. Should return a logged in user or null (no authorization), if given options.auth.strategy is set to 'session'

auth.strategy Object <optional>

auth strategy for hapi.js routes. By default, set to none - all admin routes will be available without authentication

auth.cookieName Object <optional>
adminBro

When auth strategy is set to 'session', this will be the name of the cookie

auth.cookiePassword Object <optional>

cookie password for session strategy

auth.isSecure Object <optional>
false

if cookie should be accessible only via HTTPS, default to false

View Source admin-bro-hapijs/plugin.js, line 16

AdminBro instance

AdminBro
Example
const AdminBroPlugin = require('admin-bro-hapijs')
const Hapi = require('hapi')

// see AdminBro documentation on database setup.
const yourDatabase = require('your-database-setup-file')

const ADMIN = {
  email: '[email protected]',
  password: 'password',
}

const adminBroOptions = {
  resources: [yourDatabase],

  auth: {
    authenticate: (email, password) => {
      if (ADMIN.email === email && ADMIN.password === password) {
        return ADMIN
      }
      return null
    },
    strategy: 'session',
    cookieName: 'adminBroCookie',
    cookiePassword: process.env.COOKIE_PASSWORD || 'makesurepasswordissecure',
    isSecure: true, //only https requests
  },
}

const server = Hapi.server({ port: process.env.PORT || 8080 })
const start = async () => {
  await server.register({
    plugin: AdminBroPlugin,
    options: adminBroOptions,
  })

  await server.start()
}

start()

# static renderLogin()

Renders login page by simply invoking AdminBro.renderLogin

View Source admin-bro-hapijs/plugin.js, line 150