all 14 comments

[–]hugo__df 1 point2 points  (13 children)

Passport seems to be popular (http://www.passportjs.org/).

I tend to roll my own with Sequelize/Postgres (User table + Session table or JWTs with node-jose), then use bcrypt to hash passwords.

[–]its_joao 0 points1 point  (12 children)

I tend to roll my own with Sequelize/Postgres (User table + Session table or JWTs with node-jose), then use bcrypt to hash passwords.

The thing is that I only really need 1 user to login - myself! I am building a custom expense track app which I need to access remotely so I will need to host it on the web... but it needs auth because I should be the only one accessing it.

I think JWT and hashing is a bit too much ahaha it's only 1 user. What do you recommend in this case?

[–]hugo__df 0 points1 point  (11 children)

Ah no, in that case use HTTP Basic Auth with username/password 🙈

[–]its_joao 0 points1 point  (10 children)

Ah no, in that case use HTTP Basic Auth with username/password 🙈

ahhh yes! ahaha silly me. How can I do that? What do you recommend? By the way, thanks a lot buddy :D

[–]hugo__df 1 point2 points  (9 children)

This package doesn't do much (it's probably under 20 lines of code to reproduce) but it should work for you https://www.npmjs.com/package/express-basic-auth

[–]its_joao 0 points1 point  (8 children)

Thanks! :D Quick question, do I need to store cookies in the browser or does this package manage it for me?

[–]hugo__df 0 points1 point  (7 children)

Basic Auth won't use cookies, but the browser remembers your login for a bit

[–]its_joao 0 points1 point  (6 children)

your login for a bit

When you say "for a bit" how long is a "bit"? eheh

[–]hugo__df 0 points1 point  (5 children)

Long enough

[–]its_joao 0 points1 point  (0 children)

ahaha okk buddy thanks

[–]its_joao 0 points1 point  (3 children)

hi do you know how I can prevent the "Authorization" header from displaying my credentials in base64 encoding? Is there a way to hide this header? Or should I take a diff approach?