{"library":"passport-http-2","title":"Passport HTTP Basic and Digest Strategies","description":"Passport-HTTP-2 provides HTTP Basic and Digest authentication strategies for Passport.js, enabling stateless authentication for Node.js applications that support Connect-style middleware like Express. Currently at version 1.1.1, the library's release cadence appears to be on-demand, with the last notable update in 2019 and last commit in 2022, suggesting a maintenance rather than actively developed status. It serves as a fork of the original `jaredhanson/passport-http` module, which itself is less actively maintained. This fork aims to offer continued support for these fundamental HTTP authentication schemes, often used for protecting API endpoints where sessions are not desired. Developers leverage this module to integrate standard basic (username/password over plaintext, requires HTTPS) and digest (challenge-response, avoids cleartext password) authentication into their Passport-based applications.","language":"javascript","status":"maintenance","last_verified":"Thu Apr 23","install":{"commands":["npm install passport-http-2"],"cli":null},"imports":["import { BasicStrategy } from 'passport-http-2';","import { DigestStrategy } from 'passport-http-2';","import passport from 'passport';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import express from 'express';\nimport passport from 'passport';\nimport { BasicStrategy, DigestStrategy } from 'passport-http-2';\n\nconst app = express();\n\n// In a real application, replace this with a database or secure user store\nconst users = new Map<string, { password?: string, digestSecret?: string, id: string }>([\n  ['alice', { password: 'password', id: 'alice' }],\n  ['bob', { digestSecret: 'secret', id: 'bob' }]\n]);\n\npassport.use(new BasicStrategy(\n  async (userid, password, done) => {\n    console.log(`Basic attempt for user: ${userid}`);\n    const user = users.get(userid);\n    if (!user || user.password !== password) {\n      return done(null, false); // Authentication failed\n    }\n    return done(null, user); // Authentication successful\n  }\n));\n\npassport.use(new DigestStrategy(\n  { qop: 'auth' }, // Quality of Protection (qop) for Digest authentication\n  async (username, done) => {\n    console.log(`Digest attempt for user: ${username}`);\n    const user = users.get(username);\n    if (!user) {\n      return done(null, false); // User not found\n    }\n    // Digest strategy expects user, then the shared secret (password)\n    return done(null, user, user.digestSecret); \n  },\n  async (params, done) => {\n    // Optional: Validate nonce-related parameters here to prevent replay attacks\n    // For this example, we just say 'true'\n    console.log('Digest nonce params:', params);\n    done(null, true);\n  }\n));\n\napp.use(passport.initialize());\n\napp.get('/', (req, res) => {\n  res.send('Hello, you can try accessing /basic or /digest');\n});\n\napp.get('/basic', passport.authenticate('basic', { session: false }), (req, res) => {\n  res.json({ message: `Hello Basic authenticated user: ${(req.user as any).id}` });\n});\n\napp.get('/digest', passport.authenticate('digest', { session: false }), (req, res) => {\n  res.json({ message: `Hello Digest authenticated user: ${(req.user as any).id}` });\n});\n\nconst PORT = process.env.PORT || 3000;\napp.listen(PORT, () => {\n  console.log(`Server running on http://localhost:${PORT}`);\n  console.log('Try: curl -u alice:password http://localhost:3000/basic');\n  console.log('Try: curl --digest -u bob:secret http://localhost:3000/digest');\n});","lang":"typescript","description":"This quickstart demonstrates setting up both HTTP Basic and Digest authentication using Passport-HTTP-2 with an Express application, showing strategy configuration and route protection.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}