jfromaniello
commented
10 years ago Yes, it should be an option like getUsernameFromHeader for integrated auth.. Maybe getCredentials and that takes the credentials from body by default..?
Open dustinsmith1024 opened 10 years ago
jfromaniello
commented
10 years ago Yes, it should be an option like getUsernameFromHeader for integrated auth.. Maybe getCredentials and that takes the credentials from body by default..?
I just implemented passport-windowsauth and everything is going well. We are using HTTP Basic Auth to send the user/pass. So we pull the user/pass from the Authorization header first and push them onto the request.body.username and .password fields.
It's a bit awkward to populate the request.body manually. It'd be nice if we could remove this first piece of middleware and just have it all integrated here. Would you consider a PR for integrating Basic auth?
If not, we could make the user/pass assignment into a function that can be configured. https://github.com/auth0/passport-windowsauth/blob/master/lib/strategy.js#L121