Basic HTTP authentication in Node.JS?

by

The username:password is contained in the Authorization header as a base64-encoded string.

Try this:

const http = require('http');
 
http.createServer(function (req, res) {
  var header = req.headers.authorization || '';       // get the auth header
  var token = header.split(/\s+/).pop() || '';        // and the encoded auth token
  var auth = Buffer.from(token, 'base64').toString(); // convert from base64
  var parts = auth.split(/:/);                        // split on colon
  var username = parts.shift();                       // username is first
  var password = parts.join(':');                     // everything else is the password
 
  res.writeHead(200, { 'Content-Type': 'text/plain' });
  res.end('username is "' + username + '" and password is "' + password + '"');
}).listen(1337, '127.0.0.1');

From HTTP Authentication: Basic and Digest Access Authentication – Part 2 Basic Authentication Scheme (Pages 4-5)

Basic Authentication in Backus-Naur Form

basic-credentials = base64-user-pass
base64-user-pass  = <base64 [4] encoding of user-pass,
                    except not limited to 76 char/line>
user-pass   = userid ":" password
userid      = *<TEXT excluding ":">
password    = *TEXT

More Related Contents:

  1. How to log out user from web site using BASIC authentication?
  2. Node.js EACCES error when listening on most ports
  3. How can I use an http proxy with node.js http.Client?
  4. How to display the Authentication Challenge in UIWebView?
  5. Easy HTTP requests with gzip/deflate compression
  6. What encoding should I use for HTTP Basic Authentication?
  7. How to set a timeout on a http.request() in Node?
  8. How to redirect user’s browser URL to a different page in Nodejs?
  9. How to make external HTTP requests with Node.js [closed]
  10. Preemptive Basic Auth with HttpUrlConnection?
  11. What is the “realm” in basic authentication
  12. ASP.NET MVC – HTTP Authentication Prompt
  13. Basic static file server in NodeJS
  14. Escaping username characters in basic auth URLs
  15. “Cannot GET /” with Connect on Node.js
  16. How to define the basic HTTP authentication using cURL correctly?
  17. HTTPS Proxy Server in node.js
  18. Getting Basic Authentication to work with ColdFusion
  19. Why is an OPTIONS request sent and can I disable it?
  20. HTTP status code for update and delete?
  21. Which status code should I use for failed validations or invalid duplicates?
  22. What does HTTP/1.1 302 mean exactly?
  23. What is the usefulness of PUT and DELETE HTTP request methods?
  24. HTTP 400 (bad request) for logical error, not malformed request syntax
  25. Avoid caching of the http responses
  26. Is it possible to set more than one cookie with a single Set-Cookie?
  27. HTTP Headers: Controlling Cache and History Mechanism
  28. luaSocket HTTP requests always respond with a redirect (301 or 302)
  29. Should a 502 HTTP status code be used if a proxy receives no response at all?
  30. Do we need to close the response object if an error occurs while calling http.Get(url)?

Leave a Comment