mirror of
https://github.com/warmcat/libwebsockets.git
synced 2025-03-16 00:00:07 +01:00
d9f982a055
1) update the logos to svg 2) add svg icon for strict security policy where used 3) define new vhost option flag to enforce sending CSP headers with the result code 4) add vhost option flag to minimal examples to enforce sending CSP where applicable 5) Go through all the affecting examples confirming they still work 6) add LWS_RECOMMENDED_MIN_HEADER_SPACE constant (currently 2048) to clarify when we need a buffer to hold headers... with CSP the headers have become potentially a lot larger. |
||
|---|---|---|
| .. | ||
| mount-origin | ||
| mount-secret-origin | ||
| ba-passwords | ||
| CMakeLists.txt | ||
| minimal-http-server-basicauth.c | ||
| README.md | ||
lws minimal http server basic auth
This demonstrates how to protect a mount using a password file outside of the mount itself.
The demo has two mounts, a normal one at / and one protected by basic auth at /secret.
The file at ./ba-passwords contains valid user:password combinations.
Discovering the authenticated user
After a successful authentication, the WSI_TOKEN_HTTP_AUTHORIZATION token
contains the authenticated username.
build
$ cmake . && make
usage
$ ./lws-minimal-http-server-basic-auth
[2018/04/19 08:40:05:1333] USER: LWS minimal http server basic auth | visit http://localhost:7681
[2018/04/19 08:40:05:1333] NOTICE: Creating Vhost 'default' port 7681, 1 protocols, IPv6 off
Visit http://localhost:7681, and follow the link there to the secret area.
Give your browser "user" and "password" as the credentials.