{"library":"passport-http-bearer","title":"Passport HTTP Bearer Strategy","description":"The `passport-http-bearer` module provides an authentication strategy for Passport.js, specifically designed to handle HTTP Bearer tokens as defined by RFC 6750. This module allows Node.js applications, particularly those using Connect-style middleware like Express, to easily integrate token-based authentication for API endpoints. Bearer tokens are a common mechanism for securing REST APIs and are frequently issued in conjunction with OAuth 2.0. The current stable version is 1.0.1, last published in 2013, indicating a mature and stable codebase with a very low release cadence, focusing on reliability rather than frequent feature additions. It differentiates itself by providing a robust, battle-tested solution for a core authentication pattern within the Passport.js framework, leveraging its pluggable middleware architecture. TypeScript definitions are available via `@types/passport-http-bearer` for enhanced developer experience.","language":"javascript","status":"maintenance","last_verified":"Tue Apr 21","install":{"commands":["npm install passport-http-bearer"],"cli":null},"imports":["import { Strategy as BearerStrategy } from 'passport-http-bearer';","const BearerStrategy = require('passport-http-bearer').Strategy;","import { Strategy as BearerStrategy } from 'passport-http-bearer';\nimport { VerifyFunction, VerifyFunctionWithRequest } from 'passport-http-bearer';"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import express from 'express';\nimport passport from 'passport';\nimport { Strategy as BearerStrategy } from 'passport-http-bearer';\n\nconst app = express();\nconst PORT = process.env.PORT || 3000;\n\n// Dummy User/Token database for example purposes\nconst users = [\n  { id: '1', username: 'testuser', token: 'a1b2c3d4e5f6' },\n];\n\n// Configure the Bearer strategy\npassport.use(new BearerStrategy(\n  async (token, done) => {\n    console.log(`Attempting to verify token: ${token}`);\n    try {\n      const user = users.find(u => u.token === token);\n      if (!user) {\n        console.log('Invalid token provided.');\n        return done(null, false, { message: 'Invalid token' });\n      }\n      console.log(`Token verified for user: ${user.username}`);\n      return done(null, user, { scope: 'all' });\n    } catch (err) {\n      console.error('Error during token verification:', err);\n      return done(err);\n    }\n  }\n));\n\n// Initialize Passport\napp.use(passport.initialize());\n\n// Protected route using bearer authentication\napp.get('/api/protected', \n  passport.authenticate('bearer', { session: false }),\n  (req, res) => {\n    // If authentication successful, req.user will be populated\n    const user = req.user as typeof users[0] | undefined;\n    if (user) {\n      res.json({ message: `Hello, ${user.username}! You have access to protected data.` });\n    } else {\n      res.status(401).json({ message: 'Authentication required.' });\n    }\n  }\n);\n\n// Start the server\napp.listen(PORT, () => {\n  console.log(`Server running on http://localhost:${PORT}`);\n  console.log('Test with: curl -H \"Authorization: Bearer a1b2c3d4e5f6\" http://localhost:3000/api/protected');\n  console.log('Test with invalid token: curl -H \"Authorization: Bearer wrongtoken\" http://localhost:3000/api/protected');\n});\n","lang":"typescript","description":"This quickstart demonstrates how to set up `passport-http-bearer` with Express and Passport to protect an API endpoint using a static bearer token. It includes a simple in-memory user store for token verification.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}