Skip to content

Latest commit

 

History

History
156 lines (123 loc) · 4.92 KB

basic-auth.md

File metadata and controls

156 lines (123 loc) · 4.92 KB
title
basic-auth

Summary

Name

basic-auth is an authentication plugin that need to work with consumer. Add Basic Authentication to a service or route.

The consumer then adds its key to the request header to verify its request.

For more information on Basic authentication, refer to Wiki for more information.

Attributes

For consumer side:

Name Type Requirement Default Valid Description
username string required Different consumer should have different value which is unique. When different consumer use a same username, a request matching exception would be raised.
password string required the user's password

For route side:

Name Type Requirement Default Valid Description
hide_credentials boolean optional false Whether to pass the Authorization request headers to the upstream.

How To Enable

1. set a consumer and config the value of the basic-auth option

curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
    "username": "foo",
    "plugins": {
        "basic-auth": {
            "username": "foo",
            "password": "bar"
        }
    }
}'

you also can add a Consumer through the web console:

auth-1

then add basic-auth plugin in the Consumer page:

auth-2

2. add a Route or add a Service, and enable the basic-auth plugin

curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
    "methods": ["GET"],
    "uri": "/hello",
    "plugins": {
        "basic-auth": {}
    },
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "127.0.0.1:1980": 1
        }
    }
}'

Test Plugin

  • missing Authorization header
$ curl -i http://127.0.0.1:9080/hello
HTTP/1.1 401 Unauthorized
...
{"message":"Missing authorization in request"}
  • user is not exists:
$ curl -i -ubar:bar http://127.0.0.1:9080/hello
HTTP/1.1 401 Unauthorized
...
{"message":"Invalid user key in authorization"}
  • password is invalid:
$ curl -i -ufoo:foo http://127.0.0.1:9080/hello
HTTP/1.1 401 Unauthorized
...
{"message":"Password is error"}
  • success:
$ curl -i -ufoo:bar http://127.0.0.1:9080/hello
HTTP/1.1 200 OK
...
hello, world

Disable Plugin

When you want to disable the basic-auth plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately:

$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '
{
    "methods": ["GET"],
    "uri": "/hello",
    "plugins": {},
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "127.0.0.1:1980": 1
        }
    }
}'