Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How does req.headers.authorization get set

Tags:

node.js

I was browsing through some authentication code in nodejs and restify written by a fellow programmer when I came across the following lines

if (req.header.authorization) {
 // do soemthing 
} else {
var cookieValues = req.cookies["demo"]
}

What got me confused is that nowhere in this code did I see any line that is setting the "header.authorization" property of the req object or response object.

what am I missing here ?

like image 506
runtimeZero Avatar asked Jun 02 '14 18:06

runtimeZero


People also ask

What is req headers Authorization?

The HTTP Authorization request header can be used to provide credentials that authenticate a user agent with a server, allowing access to a protected resource. The Authorization header is usually, but not always, sent after the user agent first attempts to request a protected resource without credentials.

How do I pass the Authorization header in GET request?

To send a GET request with a Bearer Token authorization header, you need to make an HTTP GET request and provide your Bearer Token with the Authorization: Bearer {token} HTTP header.

Where is Authorization header stored?

These can be stored in the browser local storage or session storage.


1 Answers

Authorization is a request header, commonly use for HTTP Basic Auth. It would be set if the server requested authorization, and the browser then prompted the user for a username/password and sent it (base64-encoded) to the server with a subsequent request. For example:

Server sends:

WWW-Authenticate: Basic realm="your server"

Client sends:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

See also: http://en.wikipedia.org/wiki/Basic_access_authentication

like image 152
Brad Avatar answered Sep 21 '22 13:09

Brad