added cookie strategy for session management for #8

lib/auth/strategy.js

@@ -15,10 +15,16 @@ exports.register = function (server, options, next) {
         isSecure: secure
     });
 
+    server.auth.strategy('session', 'cookie', {
+        password: process.env.AUTH_COOKIE_ENCRYPTION_PASSWORD,
+        redirectTo: '/login',
+        isSecure: secure
+    });
+
     next();
 };
 
 exports.register.attributes = {
     name: 'authentication-strategy',
-    dependencies: 'bell'
+    dependencies: ['bell', 'hapi-auth-cookie']
 };

lib/manifest.js

@@ -74,6 +74,7 @@ module.exports = {
         {plugin: './api/auth/strategy'},
         {plugin: './api/router'},
         {plugin: 'bell'},
+        {plugin: 'hapi-auth-cookie'},
         {
             plugin: {
                 register: './auth/strategy',

package.json

@@ -58,6 +58,7 @@
     "good-console": "5.3.1",
     "halacious": "3.5.3",
     "hapi": "13.0.0",
+    "hapi-auth-cookie": "6.1.1",
     "hapi-mustache": "0.0.1",
     "hapi-swaggered": "2.6.0",
     "hapi-swaggered-ui": "2.3.1",

test/unit/auth/strategy-test.js

@@ -14,11 +14,11 @@ suite('authentication strategy', () => {
     test('that the plugin is defined', () => {
         assert.equals(auth.register.attributes, {
             name: 'authentication-strategy',
-            dependencies: 'bell'
+            dependencies: ['bell', 'hapi-auth-cookie']
         });
     });
 
-    test('that bell is registered as a strategy', () => {
+    test('that the authentication and session strategies are registered', () => {
         const
             next = sinon.spy(),
             strategy = sinon.spy(),
@@ -43,6 +43,11 @@ suite('authentication strategy', () => {
             forceHttps: secure,
             isSecure: secure
         });
+        assert.calledWith(strategy, 'session', 'cookie', {
+            password,
+            redirectTo: '/login',
+            isSecure: secure
+        });
         assert.calledOnce(next);
     });
 });