Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Node.js

You're reading from   Mastering Node.js Expert techniques for building fast servers and scalable, real-time network applications with minimal effort

Arrow left icon
Product type Paperback
Published in Nov 2013
Publisher Packt
ISBN-13 9781782166320
Length 346 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Sandro Pasquali Sandro Pasquali
Author Profile Icon Sandro Pasquali
Sandro Pasquali
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Understanding the Node Environment 2. Understanding Asynchronous Event-Driven Programming FREE CHAPTER 3. Streaming Data Across Nodes and Clients 4. Using Node to Access the Filesystem 5. Managing Many Simultaneous Client Connections 6. Creating Real-time Applications 7. Utilizing Multiple Processes 8. Scaling Your Application 9. Testing your Application A. Organizing Your Work B. Introducing the Path Framework C. Creating your own C++ Add-ons Index

Authenticating connections


In conjunction with establishing client session objects, a Node server often demands authentication credentials. The theory and practice of web security is extensive. We want to simplify our understanding into two main authentication scenarios:

  • When the wire protocol is HTTPS

  • When it is HTTP

The first is naturally secure, and the second is not. For the first we will learn how to implement Basic authentication in Node, and for the second a challenge-response system will be described.

Basic authentication

As mentioned, Basic authentication sends plain text over the wire containing a username/password combination, using standard HTTP headers. It is a simple and well-known protocol. Any server sending the correct headers will cause any browser to display a login dialog, like the following one:

Nonetheless this method remains insecure, sending non-encrypted data in plain text over the wire. For the sake of simplicity we will demonstrate this authentication method on a HTTP...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime