http-auth

Node.js package for HTTP basic and digest access authentication

Fork me on GitHub

Installation

Via git (or downloaded tarball):

$ git clone git://github.com/http-auth/http-auth.git

or via npm:

$ npm install http-auth

Basic example

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Creating new HTTP server.
http.createServer(basic, (req, res) => {
    res.end(`Welcome to private area - ${req.user}!`);
}).listen(1337);

Custom authentication

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
        realm: "Simon Area."
    }, (username, password, callback) => {
        // Custom authentication.
        // Use callback(error) if you want to throw async error.
        callback(username === "Tina" && password === "Bullock");
    }
);

// Creating new HTTP server.
http.createServer(basic, (req, res) => {
    res.end(`Welcome to private area - ${req.user}!`);
}).listen(1337);

express framework integration

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Application setup.
var app = express();
app.use(auth.connect(basic));

// Setup route.
app.get('/', (req, res) => {
    res.send(`Hello from express - ${req.user}!`);
});

koa framework integration

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Final handler.
app.use(function *(next) {
    yield next;
    this.body = `Hello from koa - ${this.req.user}!`;
});

// Enable auth.
app.use(auth.koa(basic));

For koa@next you can use http-auth-koa

// Authentication module.
import auth from 'http-auth'
import koaAuth from 'http-auth-koa'
const basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Koa setup.
import Koa from 'koa'
const app = new Koa();

// Setup basic handler.
app.use(async (ctx, next) => {
    await next();
    ctx.body = `Welcome to koa ${ctx.req.user}!`;
});

// Setup auth.
app.use(koaAuth(basic));

hapi framework integration

// Authentication module.
const auth = require('http-auth');

// Setup auth.
const basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Create server.
const server = new Hapi.Server();
server.connection({ port: 1337 });

// Register auth plugin.
server.register(auth.hapi());

// Setup strategy.
server.auth.strategy('http-auth', 'http', basic);

// Setup route.
server.route({
    method: 'GET',
    path: '/',
    config: {
        auth: 'http-auth',
        handler: (request, reply) => {
            reply(`Welcome from Hapi - ${request.auth.credentials.name}!`);
        }
    }
});

Protecting specific path

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Application setup.
var app = express();

// Setup route.
app.get('/admin', auth.connect(basic), (req, res) => {
    res.send(`Hello from admin area - ${req.user}!`);
});

// Setup route.
app.get('/', (req, res) => {
    res.send("Not protected area!");
});

passport integration

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Application setup.
var app = express();

// Setup strategy.
var passport = require('passport');
passport.use(auth.passport(basic));

// Setup route.
app.get('/', passport.authenticate('http', { session: false }),
    (req, res) => {
        res.end(`Welcome to private area - ${req.user}!`);
    }
);

http-proxy integration

// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
    realm: "Simon Area.",
    file: __dirname + "/../data/users.htpasswd"
});

// Create your proxy server.
httpProxy.createServer(basic, {
    target: 'http://localhost:1338'
}).listen(1337);

// Create your target server.
http.createServer((req, res) => {
    res.end("Request successfully proxied!");
}).listen(1338);