http.createServer(function (req, res) { var credentials = auth(req) if (!credentials || credentials.name !== 'john' || credentials.pass !== 'secret') { res.statusCode = 401 res.setHeader('WWW-Authenticate', 'Basic realm="example"') res.end('Access denied') } else { res.end('Access granted') } })
function get_app(req, res, callback) { var credentials = auth(req); if (!credentials || !credentials.name || !credentials.pass) { unauthorized(req, res, 'API Key is missing'); } else { storage.get_api_key(credentials.pass, function(application) { if (application && application.get('id') === credentials.name) { callback(application); } else { unauthorized(req, res, 'Invalid API Key or Application name'); } }); } }
app.use((req, res, next) => { const user = auth(req) // if (user === undefined || user.name !== ConfigData.basicAuth.name || user.pass !== ConfigData.basicAuth.pass) { // res.send('unauthorised access attempt') // return // } next() })
http.createServer(function(req, res) { var credentials = auth(req) // console.log(credentials) console.log(req.headers.authorization) if ( !credentials || credentials.name !== 'john' || credentials.pass !== 'secret' ) { res.statusCode = 401 res.setHeader('WWW-Authenticate', 'Basic realm="example"') res.end('Access denied') } else { res.end('Access granted') } })
// Route to issue JWT when a user logs in with basic authentication server.get('/user_token', (req, res) => { const user = auth(req) const db = router.db const users = db.get('users').value() // This is a naive way to validate username and password, the password should be hashed const foundUser = users.find((u) => u.username === user.name && u.password === user.pass) if (foundUser) { const token = jwtBase.sign({ id: foundUser.id, username: foundUser.username, role: foundUser.role }, secret) res.json({ username: foundUser.username, role: foundUser.role, token: token }) } else res.status(401).json({error: 'Incorrect credentials'}) })
app.use((request, response, next) => { const user = auth(request); if (!user || !(user.name === username && user.pass === password)) { response.set('WWW-Authenticate', 'Basic realm="Please Login"'); return response.status(401).send(); } return next(); });
/** * remote user */ morgan.token('remote-user', function getRemoteUserToken(req) { // parse basic credentials var credentials = auth(req) // return username return credentials ? credentials.name : undefined })
router.use(function (request, response, next) { //Load the header var user = auth(request); //Check if the user exists if (!user || user.name !== 'access' || user.pass !== 'access') { //Is not a valid user //Set the headers response.set('WWW-Authenticate', 'Basic realm=Authorization Required'); return response.send(401); } //If exists continue next(); });
/** * remote user */ morgan.token('remote-user', function getRemoteUserToken(req) { // parse basic credentials var credentials = auth(req) // return username return credentials ? credentials.name : undefined })