Numbers Prefer Multiplication

    basic-auth
    DefinitelyTyped icon, indicating that this package has TypeScript declarations provided by the separate @types/basic-auth package

    2.0.1 • Public • Published

    basic-auth

    NPM Version NPM Downloads Node.js Version Build Status Test Coverage

    Generic basic auth Authorization header field parser for whatever.

    Installation

    This is a Node.js module available through the npm registry. Installation is done using the npm install command:

    $ npm install basic-auth
    

    API

    var auth = require('basic-auth')

    auth(req)

    Get the basic auth credentials from the given request. The Authorization header is parsed and if the header is invalid, undefined is returned, otherwise an object with name and pass properties.

    auth.parse(string)

    Parse a basic auth authorization header string. This will return an object with name and pass properties, or undefined if the string is invalid.

    Example

    Pass a Node.js request object to the module export. If parsing fails undefined is returned, otherwise an object with .name and .pass.

    var auth = require('basic-auth')
    var user = auth(req)
    // => { name: 'something', pass: 'whatever' }

    A header string from any other location can also be parsed with auth.parse, for example a Proxy-Authorization header:

    var auth = require('basic-auth')
    var user = auth.parse(req.getHeader('Proxy-Authorization'))

    With vanilla node.js http server

    var http = require('http')
    var auth = require('basic-auth')
    var compare = require('tsscmp')
     
    // Create server
    var server = http.createServer(function (req, res) {
      var credentials = auth(req)
     
      // Check credentials
      // The "check" function will typically be against your user store
      if (!credentials || !check(credentials.name, credentials.pass)) {
        res.statusCode = 401
        res.setHeader('WWW-Authenticate', 'Basic realm="example"')
        res.end('Access denied')
      } else {
        res.end('Access granted')
      }
    })
     
    // Basic function to validate credentials for example
    function check (name, pass) {
      var valid = true
     
      // Simple method to prevent short-circut and use timing-safe compare
      valid = compare(name, 'john') && valid
      valid = compare(pass, 'secret') && valid
     
      return valid
    }
     
    // Listen
    server.listen(3000)

    License

    MIT

    Install

    npm i basic-auth

    DownloadsWeekly Downloads

    4,814,151

    Version

    2.0.1

    License

    MIT

    Unpacked Size

    8.89 kB

    Total Files

    5

    Last publish

    Collaborators

    • avatar
    • avatar
    • avatar
    • avatar