Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jshttp/basic-auth
Generic basic auth Authorization header field parser
https://github.com/jshttp/basic-auth
basic-auth http javascript nodejs
Last synced: 6 days ago
JSON representation
Generic basic auth Authorization header field parser
- Host: GitHub
- URL: https://github.com/jshttp/basic-auth
- Owner: jshttp
- License: mit
- Created: 2013-11-29T20:10:24.000Z (about 11 years ago)
- Default Branch: master
- Last Pushed: 2024-06-02T17:05:03.000Z (7 months ago)
- Last Synced: 2024-12-14T01:00:27.581Z (13 days ago)
- Topics: basic-auth, http, javascript, nodejs
- Language: JavaScript
- Homepage:
- Size: 64.5 KB
- Stars: 703
- Watchers: 22
- Forks: 86
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- Changelog: HISTORY.md
- License: LICENSE
Awesome Lists containing this project
- awesome-nodejs - basic-auth - Generic basic auth Authorization header field parser.  (Repository / Authorization)
README
# basic-auth
[![NPM Version][npm-version-image]][npm-url]
[![NPM Downloads][npm-downloads-image]][npm-url]
[![Node.js Version][node-image]][node-url]
[![Build Status][ci-image]][ci-url]
[![Coverage Status][coveralls-image]][coveralls-url]
Generic basic auth Authorization header field parser for whatever.
## Installation
This is a [Node.js](https://nodejs.org/en/) module available through the
[npm registry](https://www.npmjs.com/). Installation is done using the
[`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally):
```
$ npm install basic-auth
```
## API
```js
var auth = require('basic-auth')
```
### auth(req)
Get the basic auth credentials from the given request. The `Authorization`
header is parsed and if the header is invalid, `undefined` is returned,
otherwise an object with `name` and `pass` properties.
### auth.parse(string)
Parse a basic auth authorization header string. This will return an object
with `name` and `pass` properties, or `undefined` if the string is invalid.
## Example
Pass a Node.js request object to the module export. If parsing fails
`undefined` is returned, otherwise an object with `.name` and `.pass`.
```js
var auth = require('basic-auth')
var user = auth(req)
// => { name: 'something', pass: 'whatever' }
```
A header string from any other location can also be parsed with
`auth.parse`, for example a `Proxy-Authorization` header:
```js
var auth = require('basic-auth')
var user = auth.parse(req.getHeader('Proxy-Authorization'))
```
### With vanilla node.js http server
```js
var http = require('http')
var auth = require('basic-auth')
var compare = require('tsscmp')
// Create server
var server = http.createServer(function (req, res) {
var credentials = auth(req)
// Check credentials
// The "check" function will typically be against your user store
if (!credentials || !check(credentials.name, credentials.pass)) {
res.statusCode = 401
res.setHeader('WWW-Authenticate', 'Basic realm="example"')
res.end('Access denied')
} else {
res.end('Access granted')
}
})
// Basic function to validate credentials for example
function check (name, pass) {
var valid = true
// Simple method to prevent short-circuit and use timing-safe compare
valid = compare(name, 'john') && valid
valid = compare(pass, 'secret') && valid
return valid
}
// Listen
server.listen(3000)
```
# License
[MIT](LICENSE)
[ci-image]: https://badgen.net/github/checks/jshttp/basic-auth/master?label=ci
[ci-url]: https://github.com/jshttp/basic-auth/actions/workflows/ci.yml
[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/basic-auth/master
[coveralls-url]: https://coveralls.io/r/jshttp/basic-auth?branch=master
[node-image]: https://badgen.net/npm/node/basic-auth
[node-url]: https://nodejs.org/en/download
[npm-downloads-image]: https://badgen.net/npm/dm/basic-auth
[npm-url]: https://npmjs.org/package/basic-auth
[npm-version-image]: https://badgen.net/npm/v/basic-auth