Vapor GitHub

You're viewing documentation for an older version. View the latest version

Auth Helper#

The Auth package adds a convenience property on every request that makes it easy to authenticate, persist, and unauthenticate users.

Authentication#

Checking#

You can get the currently authenticated user.

let user = req.auth.authenticated(User.self)

You can check to see if the user is authenticated.

if req.auth.isAuthenticated(User.self) {
    ...	
}

You can also assert that the user is authenticated.

let user = try req.auth.assertAuthenticated(User.self)

!!! note: A 403 Forbidden error will be thrown if the user is not authenticated.

Manual#

You can manually authenticate a user.

if let user = try User.find(1) {
	req.auth.authenticate(user)	
}

You can also unauthenticate the currently authenticated user.

try req.auth.unauthenticate()

!!! note: If the user is Persistable, they will also be unpersisted.

Headers#

The helper can be used to access common authorization headers.

print(req.auth.header)

Token#

The header has additional conveniences for parsing out bearer tokens.

print(req.auth.header?.bearer)

Tip

You can use _authorizationBasic and _authorizationBearer to send tokens in the URL string.

Password#

And basic auth username + password.

print(req.auth.header?.basic)