Lolo API Auth
Summary
Authenticate an HTTP request.
Many API requests may only be performed by authorized users. This function will often be placed between an HTTP trigger and request processing.
Ports
The function attempts to authenticate events received on the in port. If an event can be authenticated, it is routed to out.
Input/Output Format
Input
The received event is expected to be an object with a headers property. That in turn is expected to be an object with the properties lolo-api-key or authorization. These properties are either a LoLo API key (which you can generate in your admin panel) or a JWT token (which you get by logging in) respectively. These are used to authenticate the user.
The headers property may also have a lolo-account-id property which, if present, should be a string with a LoLo account ID. This is used to allow the user to access accounts other than their own of which they are a member.
Output
If the event can be authenticated, then a session property is set on the event. The session property holds an object with the following properties: primaryAccountId, email, accountId, and role.
All properties are strings.
primaryAccountId is the ID of the account the client authenticated as.
accountId is the ID of the account the client is accessing.
email is the primary account's email.
role is a string corresponding to the role the user has (either 'read' or 'write').
Events
This function does not listen for, nor does it emit, any events.
Other
If there is a query property present on the event which has a lolo-api-key property, then the lolo-api-key property may be omitted from the headers object. The same applies to authorization.
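A sketch of how a function placed after the out port could use the session object and avoid logging the credentials carried in headers or query. This is an added example, not Lolo's own code: the function names, the status codes and the sample event are assumptions; only the property names come from this page.

```javascript
// Added example. Property names follow this page; everything else is assumed.
const SESSION_FIELDS = ['primaryAccountId', 'email', 'accountId', 'role'];
const ROLES = ['read', 'write'];
const CREDENTIAL_KEYS = ['lolo-api-key', 'authorization'];

// Decide whether an event that arrived from the out port may proceed.
// needsWrite: true for handlers that modify data.
function checkSession(event, needsWrite) {
  const s = event && event.session;
  if (s === null || typeof s !== 'object') {
    return { ok: false, status: 401, reason: 'no session on event' };
  }
  for (const f of SESSION_FIELDS) {
    if (typeof s[f] !== 'string' || s[f] === '') {
      return { ok: false, status: 401, reason: 'session.' + f + ' is not a non-empty string' };
    }
  }
  if (!ROLES.includes(s.role)) {
    return { ok: false, status: 403, reason: 'unknown role' };
  }
  if (needsWrite && s.role !== 'write') {
    return { ok: false, status: 403, reason: 'write role required' };
  }
  // crossAccount is true when lolo-account-id selected an account other than the caller's own.
  return { ok: true, status: 200, reason: 'authorized', crossAccount: s.accountId !== s.primaryAccountId };
}

// Shallow copy of the event with credentials masked in headers and query,
// so the API key or JWT does not end up in application logs.
function redactForLog(event) {
  const mask = (obj) => {
    if (obj === null || typeof obj !== 'object') return obj;
    const copy = { ...obj };
    for (const k of Object.keys(copy)) {
      if (CREDENTIAL_KEYS.includes(k.toLowerCase())) copy[k] = '[redacted]';
    }
    return copy;
  };
  return { ...event, headers: mask(event.headers), query: mask(event.query) };
}

// Constructed sample event (all values are made up).
const sampleEvent = {
  headers: { 'lolo-account-id': 'acct-2' },
  query: { 'lolo-api-key': 'example-key' },
  session: { primaryAccountId: 'acct-1', accountId: 'acct-2', email: 'user@example.com', role: 'read' },
};
```

Recording the crossAccount flag in an audit log makes access to accounts other than the caller's own easy to review later.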
Updated almost 2 years ago