is possible basic auth in node.js in apache?
http://doc.norang.ca/apache-basic-auth.html
i know if using express or connect can add middle-ware functionality , user verification, i'm trying restrict whole area (i don't need authenticate users database couple of defined users) - i'm using ubuntu.
https://github.com/kaero/node-http-digest
that's can do, i'm not sure if "exposing" or directly writing user , password in code secure enough.
many thanks.
passport provides clean mechanism implement basic auth. use in node.js express app protect both angularjs-based ui restful api. passport , running in app following:
npm install passport
npm install passport-http (contains "basicstrategy" object basic auth)
open app.js , add following:
var passport = require('passport') var basicstrategy = require('passport-http').basicstrategy passport.use(new basicstrategy( function(username, password, done) { if (username.valueof() === 'yourusername' && password.valueof() === 'yourpassword') return done(null, true); else return done(null, false); } )); // express-specific configuration section // *important* // note order of passport initialized // in configure section--it throw error // if app.use(passport.initialize()) called after // app.use(app.router) app.configure(function(){ app.use(express.cookieparser()); app.use(express.session({secret:'123abc',key:'express.sid'})); app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); app.set('view options', { layout: false }); app.use(express.bodyparser()); app.use(express.methodoverride()); app.use(express.static(__dirname + '/public')); app.use(passport.initialize()); app.use(app.router); app.use(logger); }); // routes app.get('/', passport.authenticate('basic', { session: false }), routes.index); app.get('/partials/:name', routes.partials); // json api app.get('/api/posts', passport.authenticate('basic', { session: false }), api.posts); app.get('/api/post/:id', passport.authenticate('basic', { session: false }), api.post) // --repeat every api call want protect basic auth-- app.get('*', passport.authenticate('basic', { session: false }), routes.index);
