Understanding LifeCycle of hapi js

Question

  register: async (server, options) => {

        server.ext('onRequest', (request, h) => {
            if (request.params) {
                log.verbose(`onRequest:${request.method.toUpperCase()}:${request.path}/${request.params}`)
            } else {
                log.verbose(`onRequest:${request.method.toUpperCase()}:${request.path}`)
            }

            if (Object.getOwnPropertyNames(request.query).length) {
                log.verbose(`onRequest:queryParameters: ${JSON.stringify(request.query)}`)
            }

            if (request.headers && request.headers['x-access-token']) {
                log.verbose(`onRequest:heders:x-access-token ${JSON.stringify(request.headers['x-access-token'])}`)
            }

            return h.continue
        })

        server.ext('onPreAuth', (request, h) => {
            log.verbose('onPreAuth')
            return h.continue
        })

        server.ext('onCredentials', (request, h) => {
            log.verbose('onCredentials')
            return h.continue
        })

        server.ext('onPostAuth', (request, h, error) => {
            if (request.payload) {
                log.verbose(`onPostAuth:bodyPayload: ${JSON.stringify(request.payload)}`)
            }
            return h.continue
        })

        server.ext('onPreHandler', (request, h) => {
            log.verbose('onPreHandler')
            return h.continue
        })

        server.ext('onPostHandler', (request, h) => {
            log.verbose('onPostHandler')
            return h.continue
        })

        server.ext('onPreResponse', (request, h) => {
            if (request && request.response && request.response.source) {
                try {
                    log.verbose(`onPreResponse:${JSON.stringify(request.response.source)}`)
                } catch (err) {
                    log.warn(err)
                    log.verbose(h.request.response.source.toString())
                }
            }
            return h.continue
        })
    }

These are Hapi LifeCycle:

1. OnRequest: Called when request comes to server.
2. OnPreAuth: called when request comes to auth part of route.
3. OnPostAuth: called when request goes out from auth part of route.
4. OnPreHandler: called when request comes to handler part of route.
5. OnPostHandler: called when request goes out from Handler part of route.

6. OnPreResponse: called when returning response back.

   7 onCredentials: is new to Hapi v17.

   Not able to understand for what purpose onCredentials is used for. Also, correct me if i am understanding wrong the life cycle of hapi.

Answer 1

Your understanding is correct. onCredentials added to between OnPreAuth and OnPostAuth, here is little information about it.

A new onCredentials extension point and the ability to change the request credentials before authorization is validated.

source: https://github.com/hapijs/hapi/issues/3658

Here is little more

onCredentials: a new Request Extension Point Each request served with hapi follows a predefined path: the request lifecycle. Depending on whether you need authentication or validation, the framework skips individual lifecycle points.

There’s a new extension point in hapi v17: onCredentials. This extension point locates after onPreAuth and before onPostAuth. In onPreAuth, hapi authenticates the request and identifies the user. The authorization is part of onPostAuth, like checking the request scope to verify that the request has access rights.

In onCredentials, you can customize the credentials before the request authorization.

source: https://futurestud.io/tutorials/hapi-v17-upgrade-guide-your-move-to-async-await

That means you can modify credentials object. Here is simple sample code. Let's say you want to update credentials scope after authentication based on user information.

server.ext('onCredentials', (request, h) => {

    request.auth.credentials.scope = 'customadmin';
    return h.continue;
});

Hapi.js Scope Explanation