Skip to main content

Password file authenticator

Authenticate HTTP header with a password file.

Configuration

auth:
enabled: true
options:
password-file:
path: passwd.txt
users:
- name: jax
attr:
department: engineer

Password file

You need to create a password file in format <username>:<bcrypt-password>, one user per line. For example:

jax:$2y$10$QUAOLtJb3C80sdbmrDIG7O833YU6YMJHNs5P/idwWjvJRsyGy22qa
ivan:$2y$10$QUAOLtJb3C80sdbmrDIG7O833YU6YMJHNs5P/idwWjvJRsyGy22qa

This file provides two users "jax” and "ivan” with password "123”.

info

To generate bcrypt-password, you can use htpasswd command, for example, to generate user "ivan” and password "123”:

htpasswd -bnBC 10 "ivan" 123

If you want to add some attributes for these users, you can set them in the config file, for example,

auth:
enabled: true
options:
password-file:
path: passwd.txt
users:
- name: jax
attr:
department: engineer

This config adds department=engineer for user "jax”, but adds no attribute to user "ivan”.

Provide credentials

You need to add a header Authorization: password-file base64(<username>:<password>) when sending requests, for example, sending requests with username "ivan” and password "123”.

curl -H "Authorization: password-file aXZhbjoxMjM=" http://localhost:3000/api/customer