使用 express js 的 http-auth 摘要
[英]http-auth digest using express js
问题描述
I'm developing an API in Express JS.
我正在用 Express JS 开发 API。 I want to use http-auth library and I've been trying to use digest authentication, but I have not been able to use it.我想使用http-auth 库,我一直在尝试使用摘要式身份验证,但我一直无法使用它。 Here is my code:这是我的代码:
var app = require('express')(),
routes = require('./routes'),
bodyParser = require('body-parser'),
auth = require('http-auth');
app.use(bodyParser.json()); // Soporta json encoded bodies
app.use(bodyParser.urlencoded({ // Soporta encoded bodies
extended: true
}));
var digest = auth.digest({
realm: 'prueba',
file: __dirname + "/usr.pass"
});
app.use(auth.connect(digest));
// Conectamos todas nuestras rutas
app.use('/', routes);
// Levantamos servidor
app.listen(9999, () => {
Console.log('running');
});
My usr.pass file has this line: jdurini:prueba:88bfcf02e7f554f9e9ea350b699bc6a7 (password is a MD5 representation por '2315').我的usr.pass文件中有这一行: jdurini:prueba:88bfcf02e7f554f9e9ea350b699bc6a7 (密码是 MD5 表示 por '2315')。
I'm using POSTMAN to call my endpoints.我正在使用 POSTMAN 来调用我的端点。 In this case, I'm trying POST method on localhost:9999 , and everytime I try, It goes to digest.on('fail') event.在这种情况下,我在localhost:9999上尝试 POST 方法,每次尝试时,它都会转到digest.on('fail') 事件。
In the Authorization tab, I use this data .在Authorization选项卡中,我使用此数据。
What am I doing wrong?我究竟做错了什么? This is my first time using Express, so any comment could be helpful.这是我第一次使用 Express,所以任何评论都可能有所帮助。
Edit 1 - August 14th编辑 1 - 8 月 14 日
Authorization header in postman is as follows: Digest username="jdurini", realm="prueba", nonce="", uri="/", response="2c01bce3e1980c575fc82e32f9943617", opaque="" . Digest username="jdurini", realm="prueba", nonce="", uri="/", response="2c01bce3e1980c575fc82e32f9943617", opaque=""授权头如下: Digest username="jdurini", realm="prueba", nonce="", uri="/", response="2c01bce3e1980c575fc82e32f9943617", opaque="" 。 This header is autogenerated when I fill Authorization's form with:当我使用以下内容填写授权表单时,会自动生成此标题:
- type : Digest Auth类型:摘要验证
- username : jdurini用户名:jdurini
- Realm : prueba领域:普鲁巴
- Password : 2315密码:2315
No other header is used in the request.请求中没有使用其他标头。
1 个解决方案
解决方案1
3 已采纳 2017-08-12 10:02:45
Reason原因
Looks like there is a problem with your authentication file.您的身份验证文件似乎有问题。
Soluton解决方案
I just re-generated authentication line with htdigest :我只是用htdigest重新生成了身份验证行:
htdigest usr.pass prueba jdurini
and got something like this:得到了这样的东西:
jdurini:prueba:546bb2109e9d875fb486bf90a55fdbd6
And new version works for me.新版本对我有用。
Notice注意
I guess you may want to change Console.log('running') line to lower case, as your version does not compile for me.我猜您可能想将Console.log('running')行更改为小写,因为您的版本不适合我编译。
解决方案2
0 2021-07-16 09:47:49
For people who have error TypeError: auth.check is not a function对于有错误TypeError: auth.check is not a function
use app.use(digest.check());使用app.use(digest.check()); instead反而
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.