Important: This is the documentation for a previous version of Feathers.
For the latest documentation please visit

Add authentication

We can now use the generator to add some local authentication to the app by running

feathers generate authentication

Generate authentication

The generator will add some new modules and modify some existing ones. You can see all the changes here: Unified | Split

New modules

The directory has changed:

Compare app and authentication folders

The users service

The generator has added a users service to the app because local authentication requires we keep a database of users.

This caused the following modules to be added:

  • src/models/users.model.js describes how users is indexed. NeDB is a NoSQL database that's simple to configure.

  • src/services/users contains the rest of the users service.

    • users.service.js configures the service.

    • users.hooks.js configures the hooks for the service. The authenticate('jwt') hooks ensure only authenticated users can perform method calls. The hashPassword() hook encrypts the password when a new user is added.

    • users.filters.js will allow you to control which clients are notified when a user is mutated.

  • test/services/users.test.js tests that the service gets configured.

The service has to be wired into the app, so the generator made the following changes:

  • config/default.json now (Unified | Split) keeps the path of the NeDB tables.

  • src/services/index.js now (Unified | Split) configures the users service.

The authentication service

The generator also added an authentication service to the app. Its responsible for authenticating clients against the users service, generating JWT tokens and verifying them.

The authentication service is a custom service, not a database service. It has no model, no database table, no hooks to run when one of its methods is called.

  • So instead of creating a set of folders as was done for users, the generator creates the only module authentication needs as src/authentication.js

This service also has to be wired into the app, so the generator made the following change:

  • src/config/default.json now (Unified | Split) retains authentication information.

  • src/app.js now (Unified | Split) configures the authentication service.

Other changes

The changes to our app have introduced new dependencies and they need to be defined.

What's next?

We have not previously covered Feathers authentication, so the authentication service written for that is brand new to us. You can refer to the authentication API and guides for more details.

A users service was created as its needed for the local authentication. That generated code contains no surprises for us as we have covered it before.

Next, we will generate a new service.

Is anything wrong, unclear, missing?

Leave a comment.

results matching ""

    No results matching ""