new AccessToken()
Token based authentication and access control.
**Default ACLs**
- DENY EVERYONE `*`
- ALLOW EVERYONE create
Properties:
| Name | Type | Description | ||||||
|---|---|---|---|---|---|---|---|---|
id |
String | Generated token ID. | ||||||
ttl |
Number | Time to live in seconds, 2 weeks by default. | ||||||
created |
Date | When the token was created. | ||||||
settings |
Object | Extends the `Model.settings` object.
Properties
|
- Source:
Members
(static) ANONYMOUS
Anonymous Token
```js
assert(AccessToken.ANONYMOUS.id === '$anonymous');
```
- Source:
Methods
(static) getIdForRequest(req) → {String}
Extract the access token id from the HTTP request
Parameters:
| Name | Type | Description |
|---|---|---|
req |
Request | HTTP request object |
Properties:
| Name | Type | Attributes | Description |
|---|---|---|---|
cookies |
Array |
<optional> |
Array of cookie names. |
headers |
Array |
<optional> |
Array of header names. |
params |
Array |
<optional> |
Array of param names. |
searchDefaultTokenKeys |
Boolean |
<optional> |
Use the default search locations for Token in request |
bearerTokenBase64Encoded |
Boolean |
<optional> |
Defaults to `true`. For `Bearer` token based `Authorization` headers, decode the value from `Base64`. If set to `false`, the decoding will be skipped and the token id will be the raw value parsed from the header. |
- Source:
Returns:
The access token
- Type
- String