Skip to content

Password not required #30

New issue
New issue
Open
Open
Password not required#30
@jackdent

Description

@jackdent
jackdent
opened on Jul 1, 2014

Some APIs (including mine!) use HTTP Basic Auth, but read the username as an API token and ignore the password field. Notably, Stripe does this. It would be great to have the ability to pass a passwordRequired option, which defaults to true to preserve backwards compatability, but that can be set to false to disable the requirement.

From this:

var userid = credentials[0];
var password = credentials[1];
if (!userid || !password) {
    return this.fail(this._challenge());
}

To this:

var userid = credentials[0];
var password = credentials[1];
if (!userid || (options.passwordRequired && !password)) {
    return this.fail(this._challenge());
}

I'm happy to submit a pull request

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions