how to implement multiple authentication (existing one is jwt) in loopback 4

[dpardhi]

[marioestradarosa]

@dpardhi , the Authentication component acts as a central registry for different Authentication strategies. It is up to the API developer to do the following.

1. Use other people's extensions that conform to the @loopback/authentication architecture
2. Build his/her own strategy extension that conforms to the @loopback/authentication architecture

Each new strategy has its own unique name within your application (ie: 'jwt', 'mickey', 'pluto'), you the extension developer give to it its unique name. On the class method or class definition level you just place the decorator authenticate() with the list of these names you want the @loopback/authentication component to use (provided they were already registered with it) such as

@authenticate('jwt','pluto')
export class TestingController {
  constructor(
    @inject(SecurityBindings.USER)
    private userProfile: UserProfile, // ------------- END OF SNIPPET -------------
  ) {}

or at the method level

@authenticate('jwt','pluto')
@get('/whoami')
  whoAmI(): string {
    return this.userProfile[securityId];
  }