Skip to content

covenix / SecurityHandler

Type Alias: SecurityHandler

SecurityHandler = (req, scopes) => unknown | Promise<unknown>

Defined in: src/security.ts:17

Runtime authentication for a scheme. Receives the request and the scopes the route requires for this scheme, and resolves to the principal (any value — injected via @Principal()). Returning null/undefined rejects the request as 401; throwing rejects with that error (e.g. a 403 for insufficient scope). The handler owns the scope check.

Parameters

req

Request

scopes

string[]

Returns

unknown | Promise<unknown>