context object
The context object stores the context of the current authentication process, including authentication methods, identity provider, and request IP, address, etc.
Attributes
| Attribute name | Type | Description | | :---------------- | :---------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --- | | protocol | string | Authentication protocol. See below for details. | | connection | string | Identity provider. See below for details. | | | userPoolId | string | User pool ID | | userPoolName | string | User pool name | | userPoolMetadata | object | User pool configuration | | appId | string | Current user ID | | appName | string | Current application name | | appMetadata | object | Current application configuration information | | request | object | Detailed information of the current request, including:
ip: Client IP
geo: Client geographic location resolved by IP
body: Request body
query: Query string object, you can get the corresponding query parameter through request.query.xxx | | accessTokenTarget | Enum: programmaticAccount, user | Only has a value in the pipeline before issuing accessToken, indicating whether the current accessToken is issued for programmatic access account or user |
protocol
Authentication protocol.
| Possible values | Description |
|---|---|
| password | Authentication method based on account and password |
| sms | Authentication method based on SMS verification code |
| social | Social login authentication by default, this value is used when logging in using the social login method integrated with GenAuth. |
| ldap | Use LDAP for authentication. For information about how to connect to LDAP, see Configure LDAP Service. |
| saml | Use SAML for authentication. For information about how to connect to SAML, see Connect to SAML. |
| oidc | Use OIDC protocol for authentication. For information about how to connect to OIDC, see Use OIDC Authorization. |
connection
Identity provider.
Possible values Description ldap Login using the LDAP protocol. A GenAuth LDAP service corresponds to a GenAuth user directory or a third-party user directory. For details, see Configuring LDAP Services and Using an LDAP User Directory with GenAuth. saml Use SAML protocol to log in. For how to connect to SAML, see Connect to SAML. oidc Use OIDC protocol authentication. For how to connect to OIDC, see Use OIDC authorization. github Log in with GitHub. For details, see Log in to GitHub. wechat Log in by scanning the QR code on PC WeChat. For details, see Log in by scanning the QR code on PC WeChat. wechat:miniprogram Log in using WeChat Mini Program. For details, see Log in by scanning the QR code on PC WeChat. wechatwork Log in with WeChat for Business. qq Log in with QQ web version. For details, see Log in with QQ. weibo Log in with Weibo web version. For details, see Log in with Weibo. dingtalk Log in using the DingTalk web version. For details, see Log in using DingTalk. alipay Log in using the Alipay APP. For details, see Log in using the mobile APP Alipay .
data object
Before and after registration
Some request fields of the data object in the Pipeline before and after registration are as follows: For details, please see GenAuth GraphQL Debugger User Authentication - Registration interface.
WARNING
Fields such as email, phone, unionid may not exist at the same time. Please check whether they exist before using them! Such as
const email = context.request.body.email;
if (email) {
// Indicates that the registration is done by email
// Logic for whitelisting email registration
if (!email.endsWith("example.com")) {
return callback(new Error("Access Denied!"));
}
}| Field name | Type | Must exist | Description |
|---|---|---|---|
| username | string | No | Username, not empty when registering with username. |
| string | No | Email, not empty when registering with username. | |
| phone | string | No | Mobile number, not empty when registering with mobile number. |
| forceLogin | boolean | no | Whether to automatically perform the login process when registering, the default is false |
| profile | object | yes | User information filled in by the user when registering |
Before authentication, after authentication
The request fields of the data object in the pipeline before and after authentication are as follows:
WARNING
These fields may not all exist, please determine whether they exist before using them!
| Field name | Type | Must exist | Description |
|---|---|---|---|
| username | string | no | Username, not empty when logging in with username. |
| string | no | Email, not empty when logging in with email. | |
| phone | string | no | Mobile number, not empty when logging in with mobile number. |
userPool object
User pool related information
| Field name | Type | Description |
|---|---|---|
| id | string | User pool ID |
| name | string | User pool name |
geo attribute
Sample data:
{
"province": "Beijing",
"city": "Beijing",
"adcode": "110000",
"rectangle": "116.0119343,39.66127144;116.7829835,40.2164962"
}