Basic HTTP authentication in Node.js using the request module
Here’s an easy way to use basic authentication while using the request library for Node.js.
Unfortunately request doesn’t come with an easy convenience parameter you can use, so you need to provide it by yourself. The common way is to add it as an extra HTTP header.
Let’s say you need to login to example.com using user and pass as your username/password.
var request = require('request'),
username = "john",
password = "1234",
url = "http://www.example.com",
auth = "Basic " + new Buffer(username + ":" + password).toString("base64");
request(
{
url : url,
headers : {
"Authorization" : auth
}
},
function (error, response, body) {
// Do more stuff with 'body' here
}
);
This is pretty verbose. Fortunately, you can use a trick using the URL itself, as specified in RFC 1738. Simply pass the user/pass before the host with an @ sign.
var request = require('request'),
username = "john",
password = "1234",
url = "http://" + username + ":" + password + "@www.example.com";
request(
{
url : url
},
function (error, response, body) {
// Do more stuff with 'body' here
}
);
Nice one huh?
Anonymous
Awesome, thanks for posting this. Not sure why this isn’t highlighted in the readme file for the request module
Reto
Nice but deprecated according to rfc3986 :(
Ravi Agrawal
Excellent work
Aj
Thank you for this post! It was helpful :-)
Emerson Carvalho
Cool… Thanks.
Wot
This is not recommended as URLs are commonly logged on the server. This represents a security risk
Anonymous
The user@pass options is a terrible idea, since most browsers log the url in their access logs.
Manasa
Thank you so much!! this post is my life saver… Awesome idea of basic authentication in node.
Anonymous
Seems doesn’t work with request 2.65.0, CORS
Anonymous
Please use the first option in this post of adding the header and not the appending to the url one as that creates a large security vulnerability
Stevejrmc
Thank you for this! It worked great!
Jasyn
Thx a lot for this concise guide. I’m trying to request json from jenkins’ rest API that is using preemptive authentication, from what I gathered. None of what you provided works for me. Do you have an idea how can I go about this?
Meghana Lobhi
Nice… Thanks.
Antxon
Thanks, straight to the point but good introduction to the module!
Hotoke
I find this very helpfull, but i would like know how can i use this with router, i\’m new in express 4 and nodeJS
AndyL
Very helpful information. Thank you.
Daniel Escoz
Please, don’t do this. Specify user and password using the auth field of the request options object, as specified here: https://github.com/request/request#http-authentication
Anonymous
very nice…
also can you tell us how send json payload?
Gagan Bansal
Very helpful. Thank you.
Anonymous
my question is where (place) to write this basic authentication code?
Anonymous
Thanks.
sudhir600
your code is not working correctly. in my node application i change my password, even user name but i am getting success msg. it should be failed actually.
Aaa
it’s return
{ code: -1, message: ‘ not supperted’ },
Any one please help me
Anusha
This is gold!
thanks :)
Gagan
Superb!, Simple and complete.
dev
stop comment to yourself it doesn’t work
Anonymous
Thank you so much! This worked like a gem
Romick
Why this is not recommended? Any arguments? And please provide more info why this is bad?
Frank
Thanks, works fine this example.