node.js basic auth parser
npm install basic-auth[![NPM Version][npm-image]][npm-url]
[![NPM Downloads][downloads-image]][downloads-url]
[![Node.js Version][node-version-image]][node-version-url]
[![Build Status][travis-image]][travis-url]
[![Test Coverage][coveralls-image]][coveralls-url]
Generic basic auth Authorization header field parser for whatever.
This is a Node.js module available through the
npm registry. Installation is done using thenpm install command:
``
$ npm install basic-auth
`js`
var auth = require('basic-auth')
Get the basic auth credentials from the given request. The Authorization
header is parsed and if the header is invalid, is returned,name
otherwise an object with and pass properties.
Parse a basic auth authorization header string. This will return an object
with name and pass properties, or undefined if the string is invalid.
Pass a Node.js request object to the module export. If parsing fails
undefined is returned, otherwise an object with .name and .pass.
`js`
var auth = require('basic-auth')
var user = auth(req)
// => { name: 'something', pass: 'whatever' }
A header string from any other location can also be parsed with
auth.parse, for example a Proxy-Authorization header:
`js`
var auth = require('basic-auth')
var user = auth.parse(req.getHeader('Proxy-Authorization'))
`js
var http = require('http')
var auth = require('basic-auth')
var compare = require('tsscmp')
// Create server
var server = http.createServer(function (req, res) {
var credentials = auth(req)
// Check credentials
// The "check" function will typically be against your user store
if (!credentials || !check(credentials.name, credentials.pass)) {
res.statusCode = 401
res.setHeader('WWW-Authenticate', 'Basic realm="example"')
res.end('Access denied')
} else {
res.end('Access granted')
}
})
// Basic function to validate credentials for example
function check (name, pass) {
var valid = true
// Simple method to prevent short-circut and use timing-safe compare
valid = compare(name, 'john') && valid
valid = compare(pass, 'secret') && valid
return valid
}
// Listen
server.listen(3000)
``
[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/basic-auth/master
[coveralls-url]: https://coveralls.io/r/jshttp/basic-auth?branch=master
[downloads-image]: https://badgen.net/npm/dm/basic-auth
[downloads-url]: https://npmjs.org/package/basic-auth
[node-version-image]: https://badgen.net/npm/node/basic-auth
[node-version-url]: https://nodejs.org/en/download
[npm-image]: https://badgen.net/npm/v/basic-auth
[npm-url]: https://npmjs.org/package/basic-auth
[travis-image]: https://badgen.net/travis/jshttp/basic-auth/master
[travis-url]: https://travis-ci.org/jshttp/basic-auth