basic_authentication v0.2.0 BasicAuthentication

Submit and verify client credentials using Basic authentication.

The 'Basic' authentication scheme is specified in RFC 7617 (which obsoletes RFC 2617). This scheme is not a secure method of user authentication, see https://tools.ietf.org/html/rfc7617#section-4

The HTTP header authorization is actually used for authentication. Function names in this project use the term authentication where possible.

Link to this section Summary

Functions

Decode an authorization header to client credentials.

Encode client credentials to an authorization header value

Link to this section Functions

Link to this function

decode_authentication(authentication_header)

Decode an authorization header to client credentials.

Examples

iex> decode_authentication("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==")
{:ok, {"Aladdin", "open sesame"}}

iex> decode_authentication("Basic !!BAD")
{:error, :unable_to_decode_user_pass}

iex> decode_authentication("Bearer my-token")
{:error, :unknown_authentication_method}
Link to this function

encode_authentication(user_id, password)

Encode client credentials to an authorization header value

NOTE:

  1. The user-id and password MUST NOT contain any control characters
  2. The user-id must not contain a : -> {ok, headerstring}
Link to this function

encode_challenge(realm, charset)