I wanted to protect some of my public http in nodes (running in Bluemix).
I ended up putting a Function node behind the http in node to mimic HTTP server Basic Auth challenge and verification.
It would be nice to have Basic Auth available in the http in node UI, like for http request node >/(
Here is the code from the Function node. It has 2 outputs, one for successfull authentication, one for failed.
var username = 'janedoe';
var password = 'password';
console.log('Authorization header: ' + msg.req.get('Authorization'));
if (msg.req.get('Authorization')) {
var buf = new Buffer(msg.req.get('Authorization').split(' ')[1], 'base64');
console.log('Authorization header value: '+ buf.toString());
var user = buf.toString().split(':')[0];
var pwd = buf.toString().split(':')[1];
if (username == user && password == pwd) {
msg.payload = {'Auth' : 'ok'};
return [msg, null];
} else {
msg.headers = {'WWW-Authenticate' : 'Basic'};
msg.statusCode = 401;
return [null, msg];
}
} else {
msg.headers = {'WWW-Authenticate' : 'Basic'};
msg.statusCode = 401;
return [null, msg];
}