Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The Node.js module implements the main mechanisms of web authentication. At the moment webauth supports the following types of authentication:
This project is a Node.js module that you can add to your application via the npm
packet manager:
npm install webauth
To authenticate the request to the server, use the auth
method:
auth(reqOptions, credentials, callback, [isHttps=false], [res], [method])
reqOptions
- The request options object uses signature identical to the Node.js http/https request options;credentials
- The object to which authentication parameters are passed:{
username : 'Churkin.Andrey', // required field
password : 'myPass$1', // required field
domain : 'CORP', // is used in the NTLM auth
workstation: 'CHURKIN-LINUX' // is used in the NTLM auth
}
callback
- The function that will be called after the authentication;isHttps
- Set true
to use https protocol (false
by default);res
- An optional parameter that you need to pass to the method if you have already received a response from the server with the 401 error;method
- The authentication type to be used. Possible values are: NTLM
, Basic
. If this value is not specified, it will be automatically selected based on the following priorities:
var webauth = require('webauth');
var reqOptions = {
host: 'localhost',
headers: {
'accept-encoding' : 'gzip,deflate,sdch'
}
},
credentials = {
username: 'Churkin.Andrey',
password: 'myPass$1',
domain: 'CORP',
workstation: 'CHURKIN-LINUX'
};
webauth.auth(reqOptions, credentials, function(res) {
console.log(res.statusCode);
});
FAQs
Web authentication module
The npm package webauth receives a total of 51,381 weekly downloads. As such, webauth popularity was classified as popular.
We found that webauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.