Support for authorization header #64
Labels
enhancement
New feature or request
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
One standard header in HTTP requests is authorization. This can be used to provide credentials to the server and the server can then use this to authorize certain paths on the server demanding for example username and password for login. Maybe we can create a class that can handle this for incoming requests? Can also be extended with functionality for permitting and or banning ip-adresses.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication
Example, when from a client (Insomnia) using the Auth mode Basic we can provide a username and password.
This results in a header:
Authorization: Basic , where credentials is the Base64 encoding of ID and password joined by a single colon :.
For username: user and password:password the following will be sent to the server which has to base64 decode the textstring and separate username and password.
authorization: Basic dXNlcjpwYXNzd29yZA==
If no credentials are available or they are invalid the server can respond with a 401 (Unauthorized) status code.
The text was updated successfully, but these errors were encountered: