Implementing HTTP Basic Authentication
Let's implement the Basic Auth protocol in the Contacts App. As you learned in the previous sections, you need to add the Authorization header to every request that you make to the server in order to be authenticated. On the server side, you need to read and parse this header.
A useful npm package for decoding the Authorization header already exists. With the basic-auth module, you can read the request headers and get back an object with two fields, name and pass, which can be used to authenticate the user. For simplicity, we will use a hardcoded user and password, not a real database:
// server/basicAuthMiddleware.js
var basicAuth = require('basic-auth');

var authorizationRequired = function (req, res, next) {
  // basicAuth() returns undefined when the header is missing or malformed,
  // so fall back to an empty object before reading name and pass
  var credentials = basicAuth(req) || {};

  if (credentials.name === 'john' && credentials.pass === 'doe') {
    return next();
  } else {
    return res.sendStatus(401);
  }
};
...
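
To show what reading and parsing the Authorization header involves, here is an added example (not the book's code and not the basic-auth module's source) that parses the header with Node built-ins, compares credentials in constant time, and sends the WWW-Authenticate challenge with the 401. The helper names parseBasicAuth and safeEqual, the factory form of authorizationRequired, and the realm value are assumptions made for the illustration.

```javascript
// Added example; uses only Node built-ins.
const crypto = require('crypto');

// Parse "Basic <base64(name:pass)>" into { name, pass }.
// Returns null when the header is missing, not Basic, or malformed.
function parseBasicAuth(header) {
  if (typeof header !== 'string') return null;
  const match = /^Basic +([A-Za-z0-9+\/=]+)$/i.exec(header.trim());
  if (!match) return null;
  const decoded = Buffer.from(match[1], 'base64').toString('utf8');
  const sep = decoded.indexOf(':'); // only the first ':' separates the fields
  if (sep === -1) return null;
  return { name: decoded.slice(0, sep), pass: decoded.slice(sep + 1) };
}

// Constant-time string comparison. Hashing first yields equal-length
// buffers, which crypto.timingSafeEqual requires.
function safeEqual(a, b) {
  const ha = crypto.createHash('sha256').update(String(a)).digest();
  const hb = crypto.createHash('sha256').update(String(b)).digest();
  return crypto.timingSafeEqual(ha, hb);
}

// Express-style middleware factory (hypothetical signature).
function authorizationRequired(expectedName, expectedPass, realm) {
  return function (req, res, next) {
    const creds = parseBasicAuth(req.headers.authorization);
    // Run both comparisons every time so the response time does not
    // reveal which field was wrong.
    const nameOk = safeEqual(creds ? creds.name : '', expectedName);
    const passOk = safeEqual(creds ? creds.pass : '', expectedPass);
    if (creds && nameOk && passOk) return next();
    // A 401 must carry a challenge so clients know which scheme to use.
    res.statusCode = 401;
    res.setHeader('WWW-Authenticate', 'Basic realm="' + realm + '"');
    res.end();
  };
}
```

Because Basic Auth only base64-encodes the credentials, this middleware belongs behind TLS; the constant-time comparison addresses timing side channels, not interception.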