HTTP简单身份验证与POST表单身份验证
[英]HTTP Simple Authentication vs POST Form Authentication
问题描述
i'm reading RESTful Web Services and on the first chapters they talk about taking advantages over the stuff HTTP already serves. 
我正在阅读RESTful Web服务 ,在第一章中,他们谈到利用HTTP已经提供的服务来获得优势。
They introduce en example that does authentication to del.icio.us using HTTP Basic Authentication . 他们介绍了一个使用HTTP Basic Authentication验证对del.icio.us进行身份验证的示例。
Until now, the apps I've been written in NodeJS implemeted Authentication by sending a POST request from a form containing user and a password field. 到目前为止,我已经用NodeJS编写的应用通过从包含user和password字段的表单发送POST请求来实现身份验证。
How do you guys implement this? 你们如何实现呢? Do webpages implement auth via http basic auth ? 网页是否通过http basic auth实现身份http basic auth ? Which one is recommended? 推荐哪一个?
Thanks in advance. 提前致谢。
2 个解决方案
解决方案1
1 2012-11-08 19:01:49
You may find Basic HTTP authentication in Node.JS? 您可以在Node.JS中找到基本的HTTP身份验证吗? useful as it describes how to do Basic Authentication in NodeJS. 有用,因为它描述了如何在NodeJS中执行基本身份验证。
As for its use in Web Services, well...there are lots of ways to authorize requests from using a shared secret (like an API key), cookies (like Basic Auth) or user credentials added to a request string. 至于它在Web服务中的用法,...有很多方法可以使用添加到请求字符串中的共享密钥(例如API密钥),cookie(例如Basic Auth)或用户凭据来授权请求。 All have their pluses and minuses. 都有优点和缺点。
For most of my coding, I rely on public/private key pairs to assure the identity of clients. 对于我的大多数编码,我都依赖于公钥/私钥对来确保客户端的身份。
解决方案2
0 2016-04-22 10:47:44
http-auth module should do the job http-auth模块应该可以完成这项工作
// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
realm: "Simon Area.",
file: __dirname + "/../data/users.htpasswd" // gevorg:gpass, Sarah:testpass ...
});
// Creating new HTTP server.
http.createServer(basic, function(req, res) {
res.end("Welcome to private area - " + req.user + "!");
}).listen(1337);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.