To implement API authentication in KeystoneJS, you need the following:
For key based authentication
- Middleware that validates the key in the request body or a header
For session based authentication
- An endpoint that handles signin
- An endpoint that handles signout
- Middleware that validates the session
Examples of both methods are below.
Note that the code in each file below would normally be spread across several files, depending on your project organisation, e.g. route handlers in a /routes/api/...
folder, and route bindings in /routes/index.js
.
There's a closing curly brace missing for the signout method.