HTTP Simple Authentication vs POST Form Authentication
Question
i'm reading RESTful Web Services and on the first chapters they talk about taking advantages over the stuff HTTP already serves.
They introduce en example that does authentication to del.icio.us using HTTP Basic Authentication .
Until now, the apps I've been written in NodeJS implemeted Authentication by sending a POST request from a form containing user and a password field.
How do you guys implement this? Do webpages implement auth via http basic auth ? Which one is recommended?
Thanks in advance.
2 answers
solution1
1 2012-11-08 19:01:49
You may find Basic HTTP authentication in Node.JS? useful as it describes how to do Basic Authentication in NodeJS.
As for its use in Web Services, well...there are lots of ways to authorize requests from using a shared secret (like an API key), cookies (like Basic Auth) or user credentials added to a request string. All have their pluses and minuses.
For most of my coding, I rely on public/private key pairs to assure the identity of clients.
solution2
0 2016-04-22 10:47:44
http-auth module should do the job
// Authentication module.
var auth = require('http-auth');
var basic = auth.basic({
realm: "Simon Area.",
file: __dirname + "/../data/users.htpasswd" // gevorg:gpass, Sarah:testpass ...
});
// Creating new HTTP server.
http.createServer(basic, function(req, res) {
res.end("Welcome to private area - " + req.user + "!");
}).listen(1337);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.