Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic & Digest authentication not working for some reason... #34

Open
thisissami opened this issue Jul 25, 2014 · 3 comments
Open

Basic & Digest authentication not working for some reason... #34

thisissami opened this issue Jul 25, 2014 · 3 comments

Comments

@thisissami
Copy link

Hi There,

I have been using Passport for numerous years now. In the current platform that I run, I use Passport's local strategy for authentication. This has been working fine for several months.

Today, I added a new Basic Strategy authentication system to the mix. This is completely separate from the standard Local Strategy that already exists.

My code is as follows:

  var basic = require('passport-http').BasicStrategy;

  passport.use(new basic({},
    function(username, password, done) {
      console.log('here we are');
    }
  ));

and the following is part of a different function

    if(path == '/the/correct/path'){
      console.log('OUTSIDE AUTH');
      passport.authenticate('basic', { session: false }, function(req, res){
        console.log('INSIDE AUTH');
      });
    }

When I make a request to /the/correct/path, OUTSIDE AUTH gets printed properly. However, I then expect here we are from the passport.use() function to get printed, which it never. I'm really frustrated, as I have no idea how this is supposed to work...

I have tried accessing this via browser, via curl calls (as per the example), using older & newer versions of the module, and using the DigestStrategy instead of the BasicStrategy. Any advice on what to do would be greatly appreciated... Also I am NOT using express if that makes a difference at all...

Best, and thanks either way,
Sami
@zenvisuals
Copy link

Hey there,

I also had this issue. If I am not wrong, the local strategy in passport authenticates against form data. However, if you would like to authenticate using the basic strategy, you have to add an Authorization header.

I never used CURL to do my requests, you can try use Postman to do the calls. In Postman, you just have to click on the Basic Auth tab and enter the credentials and they will auto generate an Authorization header with your encoded credentials and you can send it to the server.

The header should look like this: Authorization Basic wegTIyNy3h32SDGdgd

Adding the authorization header triggered the basic strategy for me.

Hope this helps

Cheers

@adborden
Copy link

I saw a similar behavior where I was mounting the auth endpoint to a non-root endpoint via app.use('/auth', authApp) and the uri check was failing. I opened a separate issue #43 and submitted a pull request.

passport-http is pretty silent about which check is failing. I added checkpoints in passport-http to track down which check was failing. Once I saw that it was the URI check, it was pretty easy to figure out what was going wrong. Hope that helps.

@srlowe
Copy link

srlowe commented Jan 9, 2015

I think we are seeing the same issue. Was using basic auth fine in certain testing scenarios - now it's hanging (no errors).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@thisissami @adborden @srlowe @zenvisuals