{"library":"passport-trusted-header","title":"passport-trusted-header","description":"Passport.js strategy for authentication by trusted HTTP headers, typically used when TLS is terminated at a front-end proxy (e.g., nginx). Version 1.1.0 is current, with no recent updates. Key differentiators: specifically for proxied setups, complements passport-client-cert for direct TLS. Security warning about proxy whitelisting is critical; alternatives include passport-client-cert.","language":"javascript","status":"active","last_verified":"Sat Apr 25","install":{"commands":["npm install passport-trusted-header"],"cli":null},"imports":["import { Strategy } from 'passport-trusted-header'","const Strategy = require('passport-trusted-header').Strategy","import pkg from 'passport-trusted-header'; const Strategy = pkg.Strategy"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"const passport = require('passport');\nconst { Strategy } = require('passport-trusted-header');\n\nconst options = {\n  headers: ['X-Client-DN', 'X-Client-CN']\n};\n\npassport.use(new Strategy(options, (requestHeaders, done) => {\n  const userDn = requestHeaders['X-Client-DN'];\n  const userCn = requestHeaders['X-Client-CN'];\n  // Authentication logic\n  if (userDn === 'CN=test-user') {\n    return done(null, { name: 'Test User' });\n  }\n  return done(null, false);\n}));\n\n// Express example\nconst express = require('express');\nconst app = express();\napp.use(passport.initialize());\napp.get('/login', passport.authenticate('trusted-header', { session: false }), (req, res) => {\n  res.json({ user: req.user });\n});","lang":"javascript","description":"Initializes passport-trusted-header strategy with custom headers and a verify callback; shows Express usage.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}