Sessions
Novel maintains a session for each client that comes in via a session cookie. This is handled by https://github.com/fastify/fastify-secure-session. Both application and admin context's are supported.
You can access this session via the request variable in your handler.
export default async function Route (instance: FastifyInstance) {
instance.get('/api/v1/account', handler);
instance.authenticated();
async function handler(request, reply) {
console.log(request.session);
reply.status(204);
}
}
There are also additional request variables available to you for convenience.
request.account
request.account
This includes details on which user is accessing that request.
request.account = {
id: string,
role: string,
verified: boolean,
};
request.org
request.org
This includes details on which organization is being used by the current request
request.org = {
id: string,
}
Cookie Session
Available under
export default function Route(instance) {
instance.authenticated();
instance.get('/your/route', handler);
async function handler () {
reply.send('ONLY FOR AUTHENTICATED USERS');
}
}
also available under request via
await request.authenticated();
you can also provide an array of roles where the endpoint only responds to the session if they have the role.
API Session
When using an API key, you can respond to requests and scope routes under
export default function Route(instance) {
instance.authorized();
instance.get('/your/route', handler);
async function handler () {
reply.send('ONLY FOR AUTHENTICATED API KEYS');
}
}
also available under request via
await request.authorized();
You can provide an array of scopes specific to the key if you need to have a more granular control.
Changelog
2024-12-20 - Initial Documentation
Last updated
Was this helpful?