From 7aa44cd1a9ea79d7de6e99359efe1e3b13ac2bda Mon Sep 17 00:00:00 2001 From: Marcos Kirsch Date: Fri, 30 Dec 2016 14:37:15 -0600 Subject: [PATCH] Improve documentation related to HTTP Basic Authentication. Fixes https://github.com/marcoskirsch/nodemcu-httpserver/issues/71 --- README.md | 5 +++-- httpserver-conf.lua | 10 ++++++---- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 5d01052..a7a0930 100644 --- a/README.md +++ b/README.md @@ -65,12 +65,13 @@ Let the abuse begin. 4. How to use HTTP Basic Authentication. - Enable and configure HTTP Basic Authentication by editing "httpserver-conf.lua" file. + Modify variables in configuration file httpserver-conf.lua in order to enable and to configure usernames/passwords. + See comments in that file for more details. When enabled, HTTP Basic Authentication is global to every file served by the server. Remember that HTTP Basic Authentication is a very basic authentication protocol, and should not be - considered secure if the server is not using encryption, as your username and password travel + considered as secure since the server is not using encryption. Username and passwords travel in plain text. ## How to use server-side scripting using your own Lua scripts diff --git a/httpserver-conf.lua b/httpserver-conf.lua index 54ef5fd..85ab358 100644 --- a/httpserver-conf.lua +++ b/httpserver-conf.lua @@ -4,12 +4,14 @@ local conf = {} --- Basic Authentication Conf +-- Configure Basic HTTP Authentication. local auth = {} -auth.enabled = true -auth.realm = "nodemcu-httpserver" -- displayed in the login dialog users get +-- Set to true if you want to enable. +auth.enabled = false +-- Displayed in the login dialog users see before authenticating. +auth.realm = "nodemcu-httpserver" -- Add users and passwords to this table. Do not leave this unchanged if you enable authentication! auth.users = {user1 = "password1", user2 = "password2", user3 = "password3"} -conf.auth = auth +conf.auth = auth return conf