How to use http-auth - 10 common examples
To help you get started, we’ve selected a few http-auth examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
mwittig / node-fronius-solar / test / server.js View on Github 
"Timestamp": "2019-08-09T07:59:05+02:00"
}
}));
} else {
console.log("404 Not Found");
response.writeHead(404, {
"Content-Type": "text/plain"
});
response.write("404 Not Found\n");
response.end();
return;
}
}
if (useDigestAuth) {
var digest = auth.digest({
realm: realm
}, function (username, callback) { // Expecting md5(username:realm:password) in callback.
if (username === "admin") {
var hash = crypto.createHash('md5');
hash.update("admin:" + realm + ":admin");
callback(hash.digest('hex'));
} else {
callback();
}
});
http.createServer(digest, requestListener).listen(parseInt(port, 10));
} else {
http.createServer(requestListener).listen(parseInt(port, 10));
}
console.log("Server running at\n => http://localhost:" + parseInt(port, 10) + "/\nCTRL + C to shutdown");const fs = require('fs')
const path = require('path')
const auth = require('http-auth')
const config = require('../config')
const basic = auth.basic({
realm: 'Http Auth Realm',
}, (username, password, cb) => {
cb(username === config.HTTP_AUTH.USERNAME && password === config.HTTP_AUTH.PASSWORD)
})
module.exports = (req, res, next) => {
// 1. intercept request on favicon.ico
if (req.path === '/favicon.ico') {
return res.status(204).end()
}
// 2. apply http auth to log accessing
if (config.HTTP_AUTH.ITEMS_REG.test(req.path)) {
return basic.check(req, res, (request, response, err) => {
if (err) {
return next(err)(function() {
var auth = require('http-auth'), // @see https://github.com/gevorg/http-auth
express = require('express'),
app = express(),
scribe = require('../scribe')(),
console = process.console;
app.set('port', (process.env.PORT || 5000));
/**
* User : test
* Pwd : tes
*/
var basicAuth = auth.basic({ //basic auth config
realm: "ScribeJS WebPanel",
file: __dirname + "/users.htpasswd" // test:test
});
app.get('/', function(req, res) {
res.send('Hello world, see you at /logs');
});
app.use('/logs', auth.connect(basicAuth), scribe.webPanel());
//Make some logs
console.addLogger('log');
console.addLogger('debug', 'inverse');
console.addLogger('fun', 'rainbow');
console.time().fun('hello world');// twitter info
auth.twitter_oauth = {
consumer_key: process.env.TWITTER_CONSUMER_KEY,
consumer_secret: process.env.TWITTER_CONSUMER_SECRET,
token: process.env.TWITTER_ACCESS_TOKEN,
token_secret: process.env.TWITTER_ACCESS_TOKEN_SECRET
}
auth.twitter_webhook_environment = process.env.TWITTER_WEBHOOK_ENV
// basic auth middleware for express
if (typeof process.env.BASIC_AUTH_USER !== 'undefined' &&
typeof process.env.BASIC_AUTH_PASSWORD !== 'undefined') {
auth.basic = httpAuth.connect(httpAuth.basic({
realm: 'admin-dashboard'
}, function(username, password, callback) {
callback(username === process.env.BASIC_AUTH_USER && password === process.env.BASIC_AUTH_PASSWORD)
}))
} else {
console.warn([
'Your admin dashboard is accessible by everybody.',
'To restrict access, setup BASIC_AUTH_USER and BASIC_AUTH_PASSWORD',
'as environment variables.',
].join(' '))
}
// csrf protection middleware for express
auth.csrf = require('csurf')()}
}
}
});
// Application setup.
var app = express();
if (bUseAuth) {
console.log('Starting with basic authentication');
var basic = auth.basic({
realm: 'Datawake Forensic',
file: './.htpassword'
}
);
app.use(auth.connect(basic));
} else {
console.log('Starting with no authentication');
}
// Setup route.
app.use('/',express.static('../server/forensic_v2'));
app.listen(port);
console.log('Listening on port ' + port);app.use(compression());
const upload = multer({
dest: 'uploads/'
});
// Upload areas and reset/delete for videos and images can be protected by basic authentication
// by configuring ADMIN_USERNAME and ADMIN_PASSWORD environment variables.
const basic = auth.basic({
realm: 'Adminstrative Area'
}, (username, password, callback) => { // Custom authentication method.
// Authentication is configured through environment variables.
// If there are not set, upload is open to all users.
callback(username === process.env.ADMIN_USERNAME && password === process.env.ADMIN_PASSWORD);
});
const authenticator = auth.connect(basic);
const checkForAuthentication = (req, res, next) => {
if (process.env.ADMIN_USERNAME) {
console.log('Authenticating call...');
authenticator(req, res, next);
} else {
console.log('No authentication configured');
next();
}
};
// initialize local VCAP configuration
let vcapLocal = null;
if (!fs.existsSync('../local.env')) {
console.log('No local.env defined. VCAP_SERVICES will be used.');
} else {
try {var forceSsl = function(req, res, next) {
if (req.headers['x-forwarded-proto'] !== 'https') {
return res.redirect(['https://', req.get('Host'), req.url].join(''));
}
return next();
};
app.use(forceSsl);
}
// Logging
logger.express.access(app);
logger.express.error(app);
// Authentication
if (config.get('auth:enabled')) {
var basic = auth.basic({
realm: config.get('auth:realm')
}, function(username, password, callback) {
// Custom authentication method.
callback(username === config.get('auth:username') &&
password === config.get('auth:password'));
});
app.use(auth.connect(basic));
}
// Asset handling
var assets = {};
try {
assets = require('../assets.json');
} catch (e) {}const auth = require('http-auth');
const bodyParser = require('body-parser');
const config = require('config');
const elasticsearch = require('elasticsearch');
const Express = require('express');
const passport = require('passport');
const path = require('path');
const Router = Express.Router;
const _ = require('lodash');
const { makeElasticsearchOptions } = require('../util/elasticOptions.js');
const context = new Router();
const basicAuth = auth.basic({
file: config.ElasticsearchAPI.htpasswd
});
passport.use(auth.passport(basicAuth));
const app = Express();
app.use(bodyParser.json());
app.use(context);
// redirect http to https
if (process.env.NODE_ENV === "production") {
app.enable('trust proxy');
app.use(function(req, res, next) {
if (req.headers['x-forwarded-proto'] && req.headers['x-forwarded-proto'].toLowerCase() === 'http') {
return res.redirect('https://' + req.headers.host + req.url);
}
return next();const config = require('config');
const moment = require('moment');
const Express = require('express');
const path = require('path');
const Promise = require('bluebird');
const SenecaWeb = require('seneca-web');
const _ = require('lodash');
const bodyParser = require('body-parser');
const auth = require('http-auth');
const passport = require('passport');
const Router = Express.Router;
const context = new Router();
const basicAuth = auth.basic({
file: config.Dashboard.htpasswd
});
passport.use(auth.passport(basicAuth));
const senecaWebConfig = {
context,
adapter: require('seneca-web-adapter-express'), // eslint-disable-line
options: { parseBody: false },
};
const app = Express();
app.use(bodyParser.json());
app.use(context);
app.use(Express.static(path.resolve(`${__dirname}/../public`)) );
app.set('view engine', 'pug');
app.set('views', path.resolve(`${__dirname}/../views`));}, function(err, user) {
done(err, user);
});
});
passport.use(new SteamStrategy({
returnURL: host + '/return',
realm: host,
apiKey: api_key
}, utility.initializeUser));
var basic = auth.basic({
realm: "Kue"
}, function(username, password, callback) { // Custom authentication method.
callback(username === (process.env.KUE_USER || "user") && password === (process.env.KUE_PASS || "pass"));
});
app.use(compression());
app.use("/kue", auth.connect(basic));
app.use("/kue", kue.app);
app.use("/public", express.static(path.join(__dirname, '/public')));
app.use(session({
store: new RedisStore({
client: redis
}),
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: false
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(bodyParser.urlencoded({
extended: false
}));
app.use(function(req, res, next) {http-auth
Node.js package for HTTP basic and digest access authentication.
