npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

s3-basic-auth

v1.2.0

Published

Express middleware to protect an Amazon S3 bucket with Basic Authentication

Downloads

15

Readme

S3 Basic Auth

Express middleware for adding Basic Authentication to an Amazon S3 Bucket

Requires Node.js v6.0.0 or greater

version codecov travis

Instructions

This middleware sits in front of an S3 bucket and wraps the bucket with Basic Authentication.

As such, it requires a small amount of setup.

1. Setup S3

Create an S3 Bucket and keep it private.

image

Don't add a grantee for 'Everyone', that would defeat the purpose of this middleware.

image

2. Deploy an Express app with this middleware

Here is an example Express app that will get you up and running.

// server.js
var express = require('express');
var app = express();
var s3BasicAuth = require('s3-basic-auth');

var protectedProxy = s3BasicAuth({
  key: 'AKIAIOSFODNN7EXAMPLE',
  secret: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
  host: 'examplebucket.s3.amazonaws.com',
  region: 'us-west-2', // if not specified, defaults to us-east-1
  expires: 10, // seconds that the presigned URL is valid for
  credentials: 'foo:bar', // username:password
  method: 'proxy' // 'proxy', 'redirect', 'presignedUrl' are valid options
})

app.use('/:path', protectedProxy); // Important: the `:path` param is expected by the middleware

app.listen(3000, function () {
  console.log('Example app listening on port 3000!');
});

3. Use it

$ node server.js
$ open http://localhost:3000/test.txt

More Demos

var express = require('express');
var app = express();
var s3BasicAuth = require('s3-basic-auth');

var protectedRedirect = s3BasicAuth({
  key: 'AKIAIOSFODNN7EXAMPLE',
  secret: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
  region: 'us-west-2',
  host: 'examplebucket.s3.amazonaws.com',
  expires: 10,
  credentials: 'foo:bar',
  method: 'redirect'
})

var protectedpresignedUrl = s3BasicAuth({
  key: 'AKIAIOSFODNN7EXAMPLE',
  secret: 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
  region: 'us-west-2',
  host: 'examplebucket.s3.amazonaws.com',
  expires: 86400,
  credentials: 'foo:bar',
  method: 'presignedUrl'
})

app.get('/', function(req, res) {
  res.redirect('/index.html');
})

app.use('/redirect/:path', protectedRedirect);
app.get('/presignedUrl/:path', protectedpresignedUrl, function(req, res) {
  res.send(req.presignedUrl); // `presignedUrl` is attached to the request object
});

app.listen(3000, function () {
  console.log('Example app listening on port 3000!');
});

If you are using the redirect option then you can setup your html files like so:

<html>
  <head>
    <base href="http://myredirectserver.example.com">
  </head>
  <body>
    <img src="/kramer.jpg" />
    <a href="/page2.html">page 2</a>
  </body>
</html>

By using the base meta tag then after a user visits http://mypresignedUrlserver.example.com/ they will be able to browse the S3 bucket like a normal website.

Related work and future work

Yegor Bugayenko has already built the same proxy service in Java. He even provides a free hosted service at http://www.s3auth.com/

Read more on his blog at http://www.yegor256.com/2014/04/21/s3-http-basic-auth.html

Eventually, I would like to convert this to an Amazon Lambda function using Serverless


PS I love feedback, please email me or create a GitHub issue if you'd like me to change functionality or add new features.