koa-instance-digest
v0.0.3
Published
A middleware to handle verification of HTTP digest headers as described in [RFC-3230](https://tools.ietf.org/html/rfc3230) "Instance Digests in HTTP".
Downloads
6
Readme
koa-instance-digest
A middleware to handle verification of HTTP digest headers as described in RFC-3230 "Instance Digests in HTTP".
Note that, as per the RFC, this module provides:
- Digest coverage for entire instances communicated via HTTP.
- Support for multiple digest algorithms.
- Negotiation of the use of digests.
However, it does NOT provide:
- header integrity
- authentication
- privacy
- authorization
Status
Installation
Install the package via yarn
:
❯ yarn add koa-instance-digest
or via npm
:
❯ npm install koa-instance-digest --save
Available algorithms
The following algorithms are available: md5
, sha
, sha-256
, sha-512
.
Configuration
The middleware can be configured with the following parameters:
algorithms
: List of supported algorithms (all by default).required
: Whether to set a digest header as mandatory (false
by default).
You can change the defaults by doing:
middleware({
algorithms: ['sha-256'],
required: true
});
Usage
const { middleware } = require('koa-instance-digest');
const Koa = require('koa');
const app = new Koa();
app.post('/', middleware(), async ctx => {
// Your code here ...
});
app.listen(3000);
Request
The Digest
header can be provided as follows:
'Digest: <algorithm>=<value>'
Response
If the header is missing the following header will be added to the response:
'Want-Digest: <list-of-accepted-algorithms>'
Tests
❯ yarn test
Release
❯ npm version [<new version> | major | minor | patch] -m "Release %s"