Thursday, 27 April 2017

basic auth, server nodejs . client from android

android client side:

if you use retrofit, then it has perfect integration:

or you can just change your url:

Nodejs server side:

npm basic-auth

app.use('*', basicAuth.basicAuth('username', 'password'));
app.use('', basicAuth.basicAuth('username', 'password'));
app.use('/*', basicAuth.basicAuth('username', 'password'));
app.use('/', basicAuth.basicAuth('username', 'password'));

exports.basicAuth = function(username, password) {
    return function(req, res, next) {
        var user = basicAuth(req);
        if (!user || !== username || user.pass !== password) {
            res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
            return res.send(401);
        } else {



Your app should work ok locally after above changes.
but you may have small issues with CI:

If you use CI and use url checking from CI, then you may get below issue:

because you have put CI ip into the whitelist,  and your CI cannot do basic auth automatically.... then you :


For Hosting 

I am using Heroku for hosting, other cloud platform should have similar issue:

fwd: HTTP request X-Forwarded-For header value

Then you should use this in your nodejs code:

    app.use(ipfilter(whitelistIPs, {mode: 'allow', logLevel:'deny', allowedHeaders:["X-Forwarded-For", "x-forwarded-for"]}));

BTW, you may use localhost when you are developing locally, and "localhost" is not the ip. you need to put this"'::1'" into your whitelist.

No comments:

Post a comment