Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HTTP Basic Auth support #49

Merged
merged 4 commits into from
Dec 4, 2016
Merged

Add HTTP Basic Auth support #49

merged 4 commits into from
Dec 4, 2016

Conversation

timkendall
Copy link
Contributor

#30

@leo
Copy link
Contributor

leo commented Nov 30, 2016

Looks great! But please don't increment the version tag in package.json for us. Depending on what will follow, it might also be a major release... 😊

@timkendall
Copy link
Contributor Author

Gotcha. Was wondering about that. I'll revert it when I get back to my computer later today. Great little library thanks for sharing!

Did this so the library owners can choose to update it on their own.
@aesopwolf
Copy link

I'd be interested in seeing a slightly different API. One that pulls user/pass from environment variables automatically (perhaps process.env.LIST_BASIC_AUTH_USER and process.env.LIST_BASIC_AUTH_PASS by default). This would require only a single command line arg of --auth

You can then optionally supply a user/pass directly to the auth command in case you want to override looking up the environment variables. So --auth username:password

@timkendall
Copy link
Contributor Author

Hmm yeah this could be good. @leo any thoughts?

@leo
Copy link
Contributor

leo commented Dec 1, 2016

👌

But let's only do the env vars, so that we can prevent people from hardcoding stuff. On now, env variables can be filled with secrets defined on the platform.

LIST_USER
LIST_PASSWORD

My dream world would be to only request a password and not a user, not sure if that's possible.

@rauchg
Copy link
Member

rauchg commented Dec 3, 2016

Not possible with basic auth, but that would be dreamy for many many scenarios :)


if (flags.auth) {
const credentials = auth(req)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's missing error reporting if the env vars are not set

@timkendall
Copy link
Contributor Author

Oops. Hows that?

@leo leo merged commit 8fd3255 into vercel:master Dec 4, 2016
@leo
Copy link
Contributor

leo commented Dec 4, 2016

Thanks!

@leo leo mentioned this pull request Dec 4, 2016
@electerious
Copy link
Contributor

How can I use HTTP Basic Auth together with now? The following isn't working.

now -e SERVE_USER=abc -e SERVE_PASSWORD=abc

@leo
Copy link
Contributor

leo commented Jan 24, 2017

@electerious
Copy link
Contributor

True, but how can I pass the --auth to the serve module when deploying via now?

@derhuerst
Copy link

@electerious It should be just like to did above.

@electerious
Copy link
Contributor

But now --auth -e SERVE_USER=abc -e SERVE_PASSWORD=abc passes the --auth flag to now, right? It won't be forwarded to serve.

@leo
Copy link
Contributor

leo commented Jan 24, 2017

Correct. You can't pass flags to serve via now. You need a custom package.json

@derhuerst
Copy link

@electerious The start script in package.json would usually contain the --auth flag. User & password would be read from the env, provided by you via now -e ….

@t829702
Copy link

t829702 commented Jan 4, 2021

is this feature documented? how to use in standalone? (not with now)
https://github.com/vercel/serve#authentication (either in README or in --help ?)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants