		@@ -48,2 +48,3 @@ /**
		* @param {Response} response HTTP response object.
		* @return {Boolean} true if is authenticated, else false.
		*/
		@@ -50,0 +51,0 @@ Basic.prototype.isAuthenticated = function(request, response) {

lib/auth/digest.js

		@@ -9,3 +9,3 @@ /**
		*/
		var util = require('../util');
		var utils = require('../utils');

		@@ -75,2 +75,3 @@ /**
		* @param {String} requestBody HTTP request body string.
		* @return {Boolean} true if is authenticated, else false.
		*/
		@@ -91,5 +92,5 @@ Digest.prototype.isAuthenticated = function(request, response, requestBody) {
		if(co.qop == "auth-int") {
		ha2 = util.md5(request.method + ":" + co.uri + ":" + util.md5(requestBody));
		ha2 = utils.md5(request.method + ":" + co.uri + ":" + utils.md5(requestBody));
		} else {
		ha2 = util.md5(request.method + ":" + co.uri);
		ha2 = utils.md5(request.method + ":" + co.uri);
		}
		@@ -102,7 +103,7 @@
		if(userHash && typeof userHash === 'string') {
		var ha1 = util.md5(this.users[co.username]);
		var ha1 = utils.md5(this.users[co.username]);

		// If algorithm is MD5-sess.
		if(co.algorithm == 'MD5-sess') {
		ha1 = util.md5(ha1 + ":" + co.nonce + ":" + co.cnonce);
		ha1 = utils.md5(ha1 + ":" + co.nonce + ":" + co.cnonce);
		}
		@@ -117,3 +118,3 @@
		// Evaluating final authentication response.
		var authRes = util.md5(ha1 + ":" + co.nonce + ":" + co.nc + ":" + co.cnonce + ":" + co.qop + ":" + ha2);
		var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + co.nc + ":" + co.cnonce + ":" + co.qop + ":" + ha2);
		authenticated = (authRes == co.response);
		@@ -123,3 +124,3 @@ }
		// Evaluating final authentication response.
		var authRes = util.md5(ha1 + ":" + co.nonce + ":" + ha2);
		var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + ha2);
		authenticated = (authRes == co.response);
		@@ -142,3 +143,3 @@ }
		// Generating unique nonce.
		var nonce = util.md5(uuid());
		var nonce = utils.md5(uuid());
		// Adding nonce.
		@@ -169,2 +170,3 @@ this.nonces[nonce] = 0;
		* @param {String} header authorization header.
		* @return {Array} parsed array with authorization header data.
		*/
		@@ -171,0 +173,0 @@ Digest.prototype.parseAuthHeader = function(header) {

lib/http-auth.js

		@@ -23,2 +23,3 @@ /**
		* - authList list where user details are stored in format {user:pass}, ignored if authFile is specified.
		* @return {Basic} basic authentication instance.
		*/
		@@ -40,2 +41,3 @@ 'basic' : function(options) {
		* - algorithm algorithm that will be used, may be MD5 or MD5-sess, optional, default is MD5.
		* @return {Digest} digest authentication instance.
		*/
		@@ -42,0 +44,0 @@ 'digest' : function(options) {

lib/option_parser.js

		/**
		* Modules.
		*/
		var fs = require('fs'), util = require('./util'), defaults = require('./defaults');
		var fs = require('fs'), utils = require('./utils'), defaults = require('./defaults');

		@@ -14,2 +14,3 @@ /**
		* @param {Array} options initial options.
		* @return {Array} array with parsed options.
		*/
		@@ -23,2 +24,3 @@ 'parseBasic' : function(options) {
		* @param {Array} options initial options.
		* @return {Array} array with parsed options.
		*/
		@@ -39,2 +41,3 @@ 'parseDigest' : function(options) {
		* @param {String} type may be 'digest' \| 'basic'.
		* @return {Array} array with parsed options.
		*/
		@@ -57,4 +60,4 @@ 'parse' : function(options, type) {

		for(authItem in authList) {
		var authLine = authList[authItem];
		for(var i = 0; i < authList.length; ++i) {
		var authLine = authList[i];

		@@ -67,3 +70,3 @@ if(type == 'digest') {
		// Pushing token to users array.
		authUsers.push(util.base64(authLine));
		authUsers.push(utils.base64(authLine));
		} else {
		@@ -70,0 +73,0 @@ throw new Error('Invalid type, may be digest \| basic!');

lib/provider.js

		@@ -14,2 +14,3 @@ /**
		* @param {Array} options authentication options.
		* @return {Basic} basic authentication instance.
		*/
		@@ -23,2 +24,3 @@ 'basic' : function(options) {
		* @param {Array} options authentication options.
		* @return {Digest} digest authentication instance.
		*/
		@@ -25,0 +27,0 @@ 'digest' : function(options) {

package.json

		{
		"name": "http-auth",
		"description": "Node.js module for HTTP basic and digest access authentication.",
		"version": "1.0.3",
		"version": "1.0.4",
		"author": "Gevorg Harutyunyan",
		@@ -6,0 +6,0 @@ "maintainers": [

160

README.md

		@@ -8,93 +8,95 @@ # http-auth

		$ git clone git://github.com/gevorg/http-auth.git

		```bash
		$ git clone git://github.com/gevorg/http-auth.git
		```
		Via [npm](http://npmjs.org/):

		$ npm install http-auth

		```bash
		$ npm install http-auth
		```
		## Digest access authentication usage

		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authList : ['Shi:many222', 'Lota:123456'],
		algorithm : 'MD5-sess' //Optional, default is MD5.
		```javascript
		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authList : ['Shi:many222', 'Lota:123456'],
		algorithm : 'MD5-sess' //Optional, default is MD5.
		});

		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		digest.apply(req, res, function() {
		res.end('Welcome to private area with digest access authentication!');
		});

		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		digest.apply(req, res, function() {
		res.end('Welcome to private area with digest access authentication!');
		});
		}).listen(1337);
		}).listen(1337);
		```
		## Basic access authentication usage
		```javascript
		/**
		* Requesting new basic access authentication instance.
		*/
		var basic = auth.basic({
		authRealm : 'Private area with basic access authentication.',
		authList : ['mia:supergirl', 'Carlos:test456', 'Sam:oho']
		});

		## Basic access authentication usage

		/**
		* Requesting new basic access authentication instance.
		*/
		var basic = auth.basic({
		authRealm : 'Private area with basic access authentication.',
		authList : ['mia:supergirl', 'Carlos:test456', 'Sam:oho']
		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		basic.apply(req, res, function() {
		res.end('Welcome to private area with basic access authentication!');
		});

		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		basic.apply(req, res, function() {
		res.end('Welcome to private area with basic access authentication!');
		});
		}).listen(1337);
		}).listen(1337);
		```
		## You can load users from file
		```javascript
		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authFile : __dirname + "/users.htpasswd"
		});

		## You can load users from file

		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authFile : __dirname + "/users.htpasswd"
		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		digest.apply(req, res, function() {
		res.end('Welcome to private area with digest access authentication!');
		});

		/**
		* Creating new HTTP server.
		*/
		http.createServer(function(req, res) {
		// Apply authentication to server.
		digest.apply(req, res, function() {
		res.end('Welcome to private area with digest access authentication!');
		});
		}).listen(1337);

		}).listen(1337);
		```
		## You can also use it with [express framework](http://expressjs.com/)

		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authList : ['Shi:many222', 'Lota:123456'],
		algorithm : 'MD5-sess' //Optional, default is MD5.
		});

		/**
		* Handler for digest path, with digest access authentication.
		*/
		app.get('/', digest.apply, function(req, res) {
		res.send('Welcome to private area with digest access authentication!');
		});
		```javascript
		/**
		* Requesting new digest access authentication instance.
		*/
		var digest = auth.digest({
		authRealm : 'Private area with digest access authentication.',
		authList : ['Shi:many222', 'Lota:123456'],
		algorithm : 'MD5-sess' //Optional, default is MD5.
		});

		/**
		* Handler for digest path, with digest access authentication.
		*/
		app.get('/', digest.apply, function(req, res) {
		res.send('Welcome to private area with digest access authentication!');
		});
		```
		## Configurations

		- authRealm - Authentication realm.
		- authFile - File where user details are stored in format {user:pass}.
		- authList - List where user details are stored in format {user:pass}, ignored if authFile is specified.
		- algorithm - Algorithm that will be used for authentication, may be MD5 or MD5-sess, optional, default is MD5. ONLY FOR DIGEST!
		- `authRealm` - Authentication realm.
		- `authFile` - File where user details are stored in format {user:pass}.
		- `authList` - List where user details are stored in format {user:pass}, ignored if `authFile` is specified.
		- `algorithm` - Algorithm that will be used for authentication, may be MD5 or MD5-sess, optional, default is MD5. ONLY FOR DIGEST!

		@@ -101,0 +103,0 @@ ## Dependencies

lib/util.js

http-auth - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics