How to use http-auth - 10 common examples

To help you get started, we’ve selected a few http-auth examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github mwittig / node-fronius-solar / test / server.js View on Github external
"Timestamp": "2019-08-09T07:59:05+02:00"
            }
        }));
    } else {
        console.log("404 Not Found");
        response.writeHead(404, {
            "Content-Type": "text/plain"
        });
        response.write("404 Not Found\n");
        response.end();
        return;
    }
}

if (useDigestAuth) {
    var digest = auth.digest({
        realm: realm
    }, function (username, callback) { // Expecting md5(username:realm:password) in callback.
        if (username === "admin") {
            var hash = crypto.createHash('md5');
            hash.update("admin:" + realm + ":admin");
            callback(hash.digest('hex'));
        } else {
            callback();
        }
    });
    http.createServer(digest, requestListener).listen(parseInt(port, 10));
} else {
    http.createServer(requestListener).listen(parseInt(port, 10));
}

console.log("Server running at\n  => http://localhost:" + parseInt(port, 10) + "/\nCTRL + C to shutdown");
github xiaozhongliu / node-api-seed / midware / filter.js View on Github external
const fs = require('fs')
const path = require('path')
const auth = require('http-auth')
const config = require('../config')

const basic = auth.basic({
    realm: 'Http Auth Realm',
}, (username, password, cb) => {
    cb(username === config.HTTP_AUTH.USERNAME && password === config.HTTP_AUTH.PASSWORD)
})

module.exports = (req, res, next) => {
    // 1. intercept request on favicon.ico
    if (req.path === '/favicon.ico') {
        return res.status(204).end()
    }

    // 2. apply http auth to log accessing
    if (config.HTTP_AUTH.ITEMS_REG.test(req.path)) {
        return basic.check(req, res, (request, response, err) => {
            if (err) {
                return next(err)
github mathew-kurian / Scribe.js / examples / webPanel_auth.js View on Github external
(function() {
    var auth = require('http-auth'), // @see https://github.com/gevorg/http-auth
        express = require('express'),
        app = express(),
        scribe = require('../scribe')(),
        console = process.console;


    app.set('port', (process.env.PORT || 5000));

    /**
     * User : test
     * Pwd  : tes
     */
    var basicAuth = auth.basic({ //basic auth config
        realm: "ScribeJS WebPanel",
        file: __dirname + "/users.htpasswd" // test:test
    });

    app.get('/', function(req, res) {
        res.send('Hello world, see you at /logs');
    });

    app.use('/logs', auth.connect(basicAuth), scribe.webPanel());

    //Make some logs
    console.addLogger('log');
    console.addLogger('debug', 'inverse');
    console.addLogger('fun', 'rainbow');

    console.time().fun('hello world');
github twitterdev / account-activity-dashboard / helpers / auth.js View on Github external
// twitter info
auth.twitter_oauth = {
  consumer_key: process.env.TWITTER_CONSUMER_KEY,
  consumer_secret: process.env.TWITTER_CONSUMER_SECRET,
  token: process.env.TWITTER_ACCESS_TOKEN,
  token_secret: process.env.TWITTER_ACCESS_TOKEN_SECRET
}
auth.twitter_webhook_environment = process.env.TWITTER_WEBHOOK_ENV


// basic auth middleware for express

if (typeof process.env.BASIC_AUTH_USER !== 'undefined' &&
  typeof process.env.BASIC_AUTH_PASSWORD !== 'undefined') {
    auth.basic = httpAuth.connect(httpAuth.basic({
        realm: 'admin-dashboard'
    }, function(username, password, callback) {
        callback(username === process.env.BASIC_AUTH_USER && password === process.env.BASIC_AUTH_PASSWORD)
    }))
} else {
  console.warn([
    'Your admin dashboard is accessible by everybody.',
    'To restrict access, setup BASIC_AUTH_USER and BASIC_AUTH_PASSWORD',
    'as environment variables.',
    ].join(' '))
}


// csrf protection middleware for express
auth.csrf = require('csurf')()
github Sotera / Datawake-Legacy / ForensicDemoServer / server.js View on Github external
}
        }
    }
});


// Application setup.
var app = express();
if (bUseAuth) {
    console.log('Starting with basic authentication');
    var basic = auth.basic({
            realm: 'Datawake Forensic',
            file: './.htpassword'
        }
    );
    app.use(auth.connect(basic));
} else {
    console.log('Starting with no authentication');
}

// Setup route.
app.use('/',express.static('../server/forensic_v2'));
app.listen(port);
console.log('Listening on port ' + port);
github IBM-Cloud / openwhisk-darkvisionapp / web / app.js View on Github external
app.use(compression());

const upload = multer({
  dest: 'uploads/'
});

// Upload areas and reset/delete for videos and images can be protected by basic authentication
// by configuring ADMIN_USERNAME and ADMIN_PASSWORD environment variables.
const basic = auth.basic({
  realm: 'Adminstrative Area'
}, (username, password, callback) => { // Custom authentication method.
    // Authentication is configured through environment variables.
    // If there are not set, upload is open to all users.
  callback(username === process.env.ADMIN_USERNAME && password === process.env.ADMIN_PASSWORD);
});
const authenticator = auth.connect(basic);
const checkForAuthentication = (req, res, next) => {
  if (process.env.ADMIN_USERNAME) {
    console.log('Authenticating call...');
    authenticator(req, res, next);
  } else {
    console.log('No authentication configured');
    next();
  }
};

// initialize local VCAP configuration
let vcapLocal = null;
if (!fs.existsSync('../local.env')) {
  console.log('No local.env defined. VCAP_SERVICES will be used.');
} else {
  try {
github vincentbernat / dashkiosk / lib / express.js View on Github external
var forceSsl = function(req, res, next) {
    if (req.headers['x-forwarded-proto'] !== 'https') {
      return res.redirect(['https://', req.get('Host'), req.url].join(''));
    }
  return next();
  };
  app.use(forceSsl);
}

// Logging
logger.express.access(app);
logger.express.error(app);

// Authentication
if (config.get('auth:enabled')) {
  var basic = auth.basic({
    realm: config.get('auth:realm')
  }, function(username, password, callback) {
    // Custom authentication method.
    callback(username === config.get('auth:username') &&
             password === config.get('auth:password'));
  });
  app.use(auth.connect(basic));
}

// Asset handling
var assets = {};
try {
  assets = require('../assets.json');
} catch (e) {}
github BarnesFoundation / barnes-tms-extract / src / es_api / server.js View on Github external
const auth = require('http-auth');
const bodyParser = require('body-parser');
const config = require('config');
const elasticsearch = require('elasticsearch');
const Express = require('express');
const passport = require('passport');
const path = require('path');
const Router = Express.Router;
const _ = require('lodash');
const { makeElasticsearchOptions } = require('../util/elasticOptions.js');

const context = new Router();

const basicAuth = auth.basic({
	file: config.ElasticsearchAPI.htpasswd
});
passport.use(auth.passport(basicAuth));

const app = Express();
app.use(bodyParser.json());
app.use(context);

// redirect http to https
if (process.env.NODE_ENV === "production") {
	app.enable('trust proxy');
	app.use(function(req, res, next) {
		if (req.headers['x-forwarded-proto'] && req.headers['x-forwarded-proto'].toLowerCase() === 'http') {
			return res.redirect('https://' + req.headers.host + req.url);
		}
		return next();
github BarnesFoundation / barnes-tms-extract / src / dashboard / src / index.js View on Github external
const config = require('config');
const moment = require('moment');
const Express = require('express');
const path = require('path');
const Promise = require('bluebird');
const SenecaWeb = require('seneca-web');
const _ = require('lodash');
const bodyParser = require('body-parser');
const auth = require('http-auth');
const passport = require('passport');

const Router = Express.Router;
const context = new Router();

const basicAuth = auth.basic({
	file: config.Dashboard.htpasswd
});
passport.use(auth.passport(basicAuth));

const senecaWebConfig = {
	context,
	adapter: require('seneca-web-adapter-express'), // eslint-disable-line
	options: { parseBody: false },
};

const app = Express();
app.use(bodyParser.json());
app.use(context);
app.use(Express.static(path.resolve(`${__dirname}/../public`)) );
app.set('view engine', 'pug');
app.set('views', path.resolve(`${__dirname}/../views`));
github odota / core / yasp.js View on Github external
}, function(err, user) {
        done(err, user);
    });
});
passport.use(new SteamStrategy({
    returnURL: host + '/return',
    realm: host,
    apiKey: api_key
}, utility.initializeUser));
var basic = auth.basic({
    realm: "Kue"
}, function(username, password, callback) { // Custom authentication method.
    callback(username === (process.env.KUE_USER || "user") && password === (process.env.KUE_PASS || "pass"));
});
app.use(compression());
app.use("/kue", auth.connect(basic));
app.use("/kue", kue.app);
app.use("/public", express.static(path.join(__dirname, '/public')));
app.use(session({
    store: new RedisStore({
        client: redis
    }),
    secret: process.env.SESSION_SECRET,
    resave: false,
    saveUninitialized: false
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(bodyParser.urlencoded({
    extended: false
}));
app.use(function(req, res, next) {

http-auth

Node.js package for HTTP basic and digest access authentication.

MIT
Latest version published 2 years ago

Package Health Score

56 / 100
Full package analysis