File tree 1 file changed +49
-0
lines changed
1 file changed +49
-0
lines changed Original file line number Diff line number Diff line change 1+ Basic Authentication
2+ -------------------
3+ HTTP Basic Access Authentication
4+ ----------------------------------
5+ -> Method for HTTP user agent to provide username and password with a request;
6+ -> Server can challenge a client to authenticate itself;
7+ -> Client needs to send a response;
8+
9+ Client Server
10+ | |
11+ | -----Initiates request---> |
12+
13+ <---HTTP/1.1 401 UNAUTHORIZED WWW-Authenticate : Basic ---------- |
14+
15+ -->---Get/index.html HTTP/1.1 ----Authorization : Basic (Base64 encoded string)- Host: www.....com -------->
16+
17+ Authorization Header
18+ -------------------------
19+ -> Authorization Header is constructed as follows:
20+ 1. Username and password are combined into a string "username:password".
21+ 2. The resulring string literal is then encoded using Base64;
22+ 3. The authorization method and a space, i.e. "Basic" is put before the encoded string;
23+
24+ Authorization: Basic (Base64 Encoded string);
25+
26+ Express and Authentication
27+ ---------------------------
28+
29+ Express application is structured as a sequence of middleware that are executed in a sequence one after another;
30+ Middleware
31+ |
32+ |
33+ \ /
34+ Middleware
35+ |
36+ |
37+ \ /
38+ Authentication Middleware-----
39+ |Authenticated |
40+ |Next(); |
41+ \ / |Not Authenticated
42+ Middleware |Next(error);
43+ | |
44+ | \ /
45+ \ / Error Handler
46+ Middleware
47+
48+
49+
You can’t perform that action at this time.
0 commit comments