{"library":"passport-http","title":"Passport HTTP Basic & Digest Strategies","description":"This package provides authentication strategies for HTTP Basic and HTTP Digest schemes, designed to integrate with the Passport.js authentication middleware for Node.js. It allows applications to secure endpoints using standard HTTP authentication headers, often used for API access or intranet applications. The current stable version is 0.3.0, last published nine years ago. This package is part of the original Passport ecosystem and differentiates itself by offering direct implementations of these fundamental HTTP authentication methods, enabling their use with any Connect/Express-style middleware. Its release cadence is non-existent, suggesting a mature but abandoned state, with focus on core functionality without frequent updates. While functional, developers should consider its age and lack of recent security patches.","language":"javascript","status":"abandoned","last_verified":"Tue Apr 21","install":{"commands":["npm install passport-http"],"cli":null},"imports":["import { BasicStrategy } from 'passport-http';","import { DigestStrategy } from 'passport-http';","import passport from 'passport';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import express from 'express';\nimport passport from 'passport';\nimport { BasicStrategy, DigestStrategy } from 'passport-http';\n\nconst app = express();\nconst PORT = process.env.PORT || 3000;\n\n// A mock user database for demonstration\nconst users = [\n  { id: 1, username: 'john', password: 'password', secret: 'shared-secret' },\n  { id: 2, username: 'jane', password: 'secure', secret: 'another-secret' }\n];\n\n// Basic Strategy Configuration\npassport.use(new BasicStrategy(\n  function(userid, password, done) {\n    const user = users.find(u => u.username === userid);\n    if (!user) { return done(null, false); }\n    if (user.password !== password) { return done(null, false); }\n    return done(null, user);\n  }\n));\n\n// Digest Strategy Configuration\npassport.use(new DigestStrategy({ qop: 'auth' },\n  function(username, done) {\n    const user = users.find(u => u.username === username);\n    if (!user) { return done(null, false); }\n    // For Digest, 'done' needs to provide the user and the shared secret (password)\n    return done(null, user, user.secret);\n  },\n  function(params, done) {\n    // Optional: Validate nonce and other parameters to prevent replay attacks\n    // For simplicity, we just accept for this example.\n    done(null, true);\n  }\n));\n\napp.use(passport.initialize());\n\n// Routes for HTTP Basic Authentication\napp.get('/basic-private', \n  passport.authenticate('basic', { session: false }),\n  function(req, res) {\n    res.json({ message: 'Welcome to the basic private area!', user: req.user.username });\n  }\n);\n\n// Routes for HTTP Digest Authentication\napp.get('/digest-private', \n  passport.authenticate('digest', { session: false }),\n  function(req, res) {\n    res.json({ message: 'Welcome to the digest private area!', user: req.user.username });\n  }\n);\n\napp.get('/', (req, res) => {\n  res.send('Hello! Try accessing /basic-private or /digest-private with auth.');\n});\n\napp.listen(PORT, () => {\n  console.log(`Server running on http://localhost:${PORT}`);\n  console.log('Test Basic Auth with: curl -u john:password http://localhost:3000/basic-private');\n  console.log('Test Digest Auth with: curl --digest -u jane:another-secret http://localhost:3000/digest-private');\n});\n","lang":"javascript","description":"This example demonstrates configuring and using both HTTP Basic and HTTP Digest authentication strategies with Passport.js and Express, showcasing how to protect routes without requiring session management.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}