{"id":44428033,"url":"https://github.com/alexandrainst/node-red-http-basic-auth","last_synced_at":"2026-02-12T11:30:43.260Z","repository":{"id":199478162,"uuid":"702933246","full_name":"alexandrainst/node-red-http-basic-auth","owner":"alexandrainst","description":"Node-RED node for HTTP Basic Auth","archived":false,"fork":false,"pushed_at":"2026-02-01T04:15:57.000Z","size":588,"stargazers_count":2,"open_issues_count":4,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-01T15:32:36.354Z","etag":null,"topics":["basic-authentication","node-red","node-red-contrib"],"latest_commit_sha":null,"homepage":"https://flows.nodered.org/node/@alexandrainst/node-red-http-basic-auth","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"endemecio02/node-red-contrib-httpauth","license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alexandrainst.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-10-10T09:31:47.000Z","updated_at":"2026-01-07T08:37:27.000Z","dependencies_parsed_at":"2024-05-01T05:30:32.388Z","dependency_job_id":"49313662-2df8-4dbb-b3cb-8c7a93618ad5","html_url":"https://github.com/alexandrainst/node-red-http-basic-auth","commit_stats":null,"previous_names":["alexandrainst/node-red-http-basic-auth"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/alexandrainst/node-red-http-basic-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexandrainst%2Fnode-red-http-basic-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexandrainst%2Fnode-red-http-basic-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexandrainst%2Fnode-red-http-basic-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexandrainst%2Fnode-red-http-basic-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alexandrainst","download_url":"https://codeload.github.com/alexandrainst/node-red-http-basic-auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alexandrainst%2Fnode-red-http-basic-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29364195,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-12T08:51:36.827Z","status":"ssl_error","status_checked_at":"2026-02-12T08:51:26.849Z","response_time":55,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["basic-authentication","node-red","node-red-contrib"],"created_at":"2026-02-12T11:30:42.466Z","updated_at":"2026-02-12T11:30:43.255Z","avatar_url":"https://github.com/alexandrainst.png","language":"JavaScript","readme":"# @alexandrainst/node-red-http-basic-auth\n\n[Node-RED](https://nodered.org/) node for HTTP Basic Auth.\n\nThis Node-RED module performs [HTTP Basic authentication](https://developer.mozilla.org/docs/Web/HTTP/Authentication).\nIt is to be used in conjunction with an [HTTP Input node](https://cookbook.nodered.org/http/create-an-http-endpoint).\n\nIn other words, it allows putting a password on a Node-RED HTTP listener node.\n\nNote that this standard protocol sends passwords in plain-text by design, so HTTPS is required to ensure the security of the transmission.\n\nSupports [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) to store passwords on disc\n(such as in the [Apache htpasswd format](https://httpd.apache.org/docs/current/misc/password_encryptions.html)).\nNote that this node will cache the bcrypt checks in memory (until the flow is redeployed / restarted)\nto improve performance (bcrypt is slow by design, to protect passwords on disc).\n\n## Example\n\nExample of flow, with username `test` and password `test`: [`flow.json`](./examples/flow.json)\n\n[![flow.png](images/flow.png)](./examples/flow.json)\n\nCan be tested with e.g.:\n\n```sh\ncurl 'https://test:test@nodered.example.net/basic-auth-demo'\n```\n\n## Config\n\nThere are three types of configuration:\n\n1. *Simple*: each node has its own credentials. (one credential)\n2. *Multiple credentials*: credentials shared with multiple nodes. (multiple credentials)\n3. *File with multiple credentials*: the user credentials are stored in a file. (multiple credentials)\n\n## Definitions\n\n* *Realm*\n\t* Authorization realm for which the credentials will be valid\n\t* Example: `node-red`\n\n* *Username*\n\t* The username\n\t* Example: `alice`\n\n* *Password*\n\t* The password may be in plain-text or hashed (only bcrypt is supported)\n\t* Example in plain-text: `test`\n\t* Example in bcrypt: `$2y$10$5TSZDldoJ7MxDZdtK/SG2O3cwORqLDhHabYlKX9OsM.W/Z/oLwKW6`\n\n* *File*\n\t* Location of the file containing the credentials relative to the presently working directory\n\t* Example: `/data/.htpasswd`\n\t* The format for each line is `username:password`\n\n\u003c/dl\u003e\n\nExample of file: (see also [Apache `htpasswd`](https://httpd.apache.org/docs/current/programs/htpasswd.html))\n\n```plain\nuser1:test\nuser2:$2y$10$5TSZDldoJ7MxDZdtK/SG2O3cwORqLDhHabYlKX9OsM.W/Z/oLwKW6\n```\n\n## Outputs\n\nThe first node output is used when the authentication succeeded, and it contains the username:\n\n```json\n\"msg\": {\n\t\"realm\": \"node-red\",\n\t\"username\": \"alice\",\n\t\"req\": \"...\",\n\t\"res\": \"...\",\n\t\"...\": \"...\"\n}\n```\n\nThe second node output is used when the authentication failed, and it contains error information:\n\n```json\n\"msg\": {\n\t\"realm\": \"node-red\",\n\t\"username\": \"\",\n\t\"authError\": \"Unknown user 'test'\",\n\t\"req\": \"...\",\n\t\"res\": \"...\",\n\t\"...\": \"...\"\n}\n```\n\nBoth outputs contain the `req` object, which can be inspected for detailed information about HTTP request headers, IP address, URL, etc.\n\n## Hints\n\nHere are examples to create hashed passwords:\n\n### In Linux Debian / Ubuntu command line\n\n```sh\nsudo apt install apache2-utils\nhtpasswd -nbB -C 10 '' 'my-password' | cut -d: -f2\n```\n\n### With Node.js\n\n```sh\nnpm install bcryptjs\nnode -e \"console.log(require('bcryptjs').hashSync('my-password', 10));\"\n```\n\n## Credits\n\nForked from [endemecio02/node-red-contrib-httpauth](https://github.com/endemecio02/node-red-contrib-httpauth) (abandoned)\nby [Alexandre Alapetite](https://github.com/Alkarex) for the [Alexandra Institute](https://alexandra.dk/), October 2023.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexandrainst%2Fnode-red-http-basic-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falexandrainst%2Fnode-red-http-basic-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falexandrainst%2Fnode-red-http-basic-auth/lists"}