Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-10-27 11:02:16 +01:00
Code Issues Projects Releases Wiki Activity

Document how to secure client api #231

Browse Source
This commit is contained in:
ivaosthu 2018-01-16 14:48:10 +01:00 committed by Ivar Conradi Østhus
parent fea601099a
commit 68a9feaa8a
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/securing-unleash.md
View File

@ -20,7 +20,6 @@ unleash.start({
}).then(unleash => {
console.log(`Unleash started on http://localhost:${unleash.app.get('port')}`);
});
```
Examples on custom authentication hooks:
@ -42,7 +41,7 @@ UnleashConfig unleashConfig = UnleashConfig.builder()
.build();
```
On the unleash server side you need to implement a preRouterHook hook which verifies that all calls to `/api/client` includes this pre shared key in the defined header. This could look something like this:
On the unleash server side you need to implement a preRouter hook which verifies that all calls to `/api/client` includes this pre shared key in the defined header. This could look something like this:
```javascript
const unleash = require('unleash-server');

3
examples/client-auth-unleash.js
View File

@ -9,7 +9,10 @@ const sharedSecret = '12312Random';
unleash
.start({
databaseUrl: 'postgres://unleash_user:passord@localhost:5432/unleash',
<<<<<<< HEAD
enableLegacyRoutes: false,
=======
>>>>>>> 0681945... Document how to secure client api #231
preRouterHook: app => {
app.use('/api/client', (req, res, next) => {
if (req.headers.authorization === sharedSecret) {