You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Would it be possible to implement a server configuration option that implements Basic Auth for all http requests? I know it's not really the most secure method but some authentication is better than no authentication for requests made to the FlyingFox HTTP Server. Something as simple as a configurable user name and password that implements the Basic Auth spec would be nice.
The text was updated successfully, but these errors were encountered:
I think that is a nice idea, this really is just another HTTPHandler that acts as a middleware in-between requests and handlers. It may take me a while to workout exactly how to handle this in a generic way but I have pushed a quick branch that shows how you could easily implement it: basic-auth:
varauthRoutes=BasicAuthRoutedHTTPHandler(realm:"fox", username:"fish", password:"chips")
authRoutes.appendRoute("/auth/fish"){HTTPResponse(statusCode:.ok,
headers:[.contentType:"text/plain; charset=UTF-8"],
body:"🎣 🍟".data(using:.utf8)!)}
// all routes under this path require authentication;
await server.appendRoute("/auth/*", to: authRoutes)
Your basic auth branch is working nicely in my app. Had a little bit of trickery with my apps internal web view but was able to find a solution by removing the credential persistence so it re-authenticates every time including right after a credential change and a restart of FlyingFox to immediately start using the new credentials.
Thank you for adding this. Let me know when something like this gets merged back into main.
Would it be possible to implement a server configuration option that implements Basic Auth for all http requests? I know it's not really the most secure method but some authentication is better than no authentication for requests made to the FlyingFox HTTP Server. Something as simple as a configurable user name and password that implements the Basic Auth spec would be nice.
The text was updated successfully, but these errors were encountered: