GithubHelp home page GithubHelp logo

might as well be auth(ctx) about basic-auth HOT 7 CLOSED

koajs avatar koajs commented on May 2, 2024
might as well be auth(ctx)

from basic-auth.

Comments (7)

tj avatar tj commented on May 2, 2024

going to redo with https://github.com/visionmedia/node-basic-auth
and make this a blanket middleware

from basic-auth.

jonathanong avatar jonathanong commented on May 2, 2024

so the last repo in the koajs org that touches the protos is the CSRF one. i'm not sure how to do it better - middleware just to create a getter is silly IMO, and doing it as csrf(this) is the same as a middleware, but more annoying.

csrf(this).get() and csrf(this).check(body) would be annoying, though it makes sense. i'd also like to be able to choose the "secret", i.e. cookie sessions could just use .sid whereas db stores should use .secret or something.

but then again, we can make it generic like basic-auth, but then so many options!!! i think it should just be included in session middleware.

from basic-auth.

tj avatar tj commented on May 2, 2024

im always a fan of generic stuff and then going progressively more special-cased as long as there's enough work to make it really worth the effort

from basic-auth.

jonathanong avatar jonathanong commented on May 2, 2024

i don't disagree, but for csrf, being generic is more difficult than just inlining it in your app since you have a lot of options/environments to take into account.

from basic-auth.

tj avatar tj commented on May 2, 2024

yeah that's how it was using visionmedia/send with generators, not worth the pain, the rewrite was easier than trying to get janky event stuff to work properly

from basic-auth.

jonathanong avatar jonathanong commented on May 2, 2024

you can only set a single username and password? kind of useless haha. should just be an example instead of a middleware.

from basic-auth.

tj avatar tj commented on May 2, 2024

that's the average use-case, when you want to chuck something up on a port that's all you ever really need, once you go beyond that there's no point using middleware for it. we use it all the time though, private stats, monitoring stuff, job queue UIs etc

from basic-auth.

Related Issues (8)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.