signed-http
Use joyent's http signature scheme for http auth.
see http-signature and http-signature spec
Provides a http middleware and a few small helpers.
signed-http
will sign the hash of the body by default,
for maximum security.
signed-http
also, checks for replayed and out of date requests,
(note: replay is possible after server restarts, if replayed request is recent)
I strongly recommend that all http routes are idempotent.
Example
create a server
var http =var sr =//get a key pair//this will block the process for a few seconds.var pair = srhttp
Then, post a request to it. signed-http
will set sensible defaults on the
request for maximum security.
var pair = srrs
License
MIT