svrjs-nextjs-website/pages/docs/config/http-auth.md

12 lines
845 B
Markdown
Raw Normal View History

---
title: HTTP authentication
---
2024-09-07 18:48:32 +02:00
# HTTP authentication
2024-09-06 19:36:08 +02:00
You can add HTTP basic authentication by including a 401 code (with _scode_ property set to 401) entry in the _nonStandardCodes_ property of _config.json_. To enable HTTP basic authentication, you need to specify the URL you want to restrict in the _url_ or _regex_ property of the entry. Additionally, you can set the authentication realm in the _realm_ property. If the realm is not specified, the default realm is "_SVR.JS HTTP Basic Authorization_". The encoding used for authentication will always be UTF-8.
By default, SVR.JS enables brute force protection for HTTP authentication, so you don't need to worry about potential brute force attacks against the authentication mechanism.
From SVR.JS 3.8.0 onwards, you can specify a list of allowed users in the _userList_ property.