A koa-police strategy using an htpasswd file to provide user and passwords.
Simply run
$ npm install --save koa-police-htpasswdThis module exports a function that take the scopes and their
related htpasswd files as an object, and returns a koa-police strategy.
You can call it like this.
var koaPoliceHtpasswd = require('koa-police-htpasswd');
var htpasswdStrategy = koaPoliceHtpasswd({
user: path.join(__dirname, 'users.htpasswd')
}, {loadFile: true});If loadFile is true, the passed string will be considered to be
the path on your filesystem, otherwise it will be considered to be the
content of the htpasswd file.
You then only need to add this strategy to the strategies array when
initializing koa-police.
A full example is provided in the example directory.
koa-police is meant to be minimal, and therefore does not handle
adding www-authenticate header.
However, you can do this very easily in any middleware, or in your error
handler. Here is the error handler used in the example:
app.use(function *(next) {
try {
yield next;
} catch (err) {
if (err instanceof koaPolice.AuthenticationError) {
this.body = 'Rejected by ' + err.policy;
this.status = 401;
if (err.policy.hasStrategy('htpasswd')) {
this.set('www-authenticate', 'Basic realm=' + err.policy.scope + '-realm');
}
}
}
});