Basic Auth Header Parser

0.0.2-1 · abandoned · verified Wed Apr 22

The `basic-auth-parser` package provides a minimalist utility for parsing the `Authorization` HTTP header specifically for Basic Authentication schemes. It extracts the authentication scheme (e.g., 'Basic'), username, and password from a base64-encoded header string. The current stable version is 0.0.2-1, which was last published over four years ago, indicating that the package is no longer actively maintained. Due to its age and lack of updates, it does not support modern JavaScript module systems like ESM out-of-the-box, relying solely on CommonJS. Key differentiators from more actively maintained alternatives like `basic-auth` (from `jshttp`) or `http-auth-utils` include its extremely small footprint and singular focus, but this comes at the cost of modern features, security updates, and broader ecosystem support.

Common errors

```
TypeError: basicAuthParser is not a function
```
cause Attempting to use `basicAuthParser` as a function when it might be `undefined` or a malformed import due to incorrect module handling (e.g., in ESM context attempting to `import default as basicAuthParser`).

fix Ensure the module is correctly imported using `const basicAuthParser = require('basic-auth-parser');` for CommonJS. If in ESM, consider `const basicAuthParser = require('basic-auth-parser');` or a dynamic import with proper default export handling: `const { default: basicAuthParser } = await import('basic-auth-parser');`
```
SyntaxError: Unexpected token 'export'
```
cause This error typically occurs when a CommonJS module is attempting to be imported using an ESM `import` statement in an environment that strictly enforces module types without transpilation or interoperability layers. This library does not export via `export`.

fix Revert to CommonJS `require()` syntax: `const basicAuthParser = require('basic-auth-parser');`.

Warnings

breaking The package has not been updated in over four years (last published 0.0.2-1). It is highly unlikely to receive security patches, bug fixes, or new features. Consider using actively maintained alternatives like `basic-auth` (from `jshttp`) or `http-auth-utils` for production environments.
Fix: Migrate to a maintained library like `basic-auth` (`npm install basic-auth`) or `http-auth-utils` (`npm install http-auth-utils`).
gotcha This package is exclusively CommonJS (`require`) and lacks official ESM (`import`) support. Integrating it into modern TypeScript or ESM-native projects may require specific build configurations or a CommonJS wrapper.
Fix: For ESM projects, consider using a dynamic `import()` statement or a CommonJS-compatible module loader, or switch to an ESM-native alternative. Example for ESM: `const basicAuthParser = await import('basic-auth-parser').then(m => m.default || m);`
gotcha The package only handles 'Basic' scheme parsing. It will return `null` for other `Authorization` schemes (e.g., 'Bearer', 'Digest') or malformed Basic Auth strings (e.g., invalid base64 encoding or missing colon).
Fix: Always check for `null` return values and implement robust error handling or use a more comprehensive HTTP auth parsing library if supporting multiple schemes is required.

Install

npm install basic-auth-parser npm
yarn add basic-auth-parser yarn
pnpm add basic-auth-parser pnpm

Imports

basicAuthParser
wrong:
```
import basicAuthParser from 'basic-auth-parser';
```
correct:
```
const basicAuthParser = require('basic-auth-parser');
```
This package is CommonJS-only and does not officially support ESM `import` statements. Attempting to import it directly in an ESM context will likely result in a runtime error.

Quickstart

This quickstart demonstrates how to parse a Basic Auth `Authorization` header string using `basic-auth-parser`, showing both successful parsing and handling of invalid inputs.

const basicAuthParser = require('basic-auth-parser');

// Example: Parsing a valid Basic Auth header
const authHeader = 'Basic YWRtaW46cGFzc3dvcmQ='; // 'admin:password' base64 encoded
const parsedCredentials = basicAuthParser(authHeader);

console.log('Parsed Credentials:', parsedCredentials);
// Expected output: { scheme: 'Basic', username: 'admin', password: 'password' }

// Example: Handling an invalid or malformed header
const invalidAuthHeader = 'Bearer some-token';
const malformedAuthHeader = 'Basic invalid-base64-';

const parsedInvalid = basicAuthParser(invalidAuthHeader);
const parsedMalformed = basicAuthParser(malformedAuthHeader);

console.log('Parsed Invalid Header:', parsedInvalid);
// Expected output for non-Basic scheme: null
console.log('Parsed Malformed Header:', parsedMalformed);
// Expected output for malformed base64: null

view raw JSON →