deitch
commented
9 years ago @lholmquist cansecurity is entirely server-side, in node. You request login credentials from the user in a client-side app / browser.
cansecurity doesn't understand the concept of "login" because there is no such concept.
Each and every request must contain valid credentials. Those can be one of:
- username and password
- express session
- cansecurity token-based session
For username and password, you receive the credentials from the standard HTTP Basic-Authentication header, and pass them to the validate() method that was given during cansec.init(). If it calls back with the first argument of true, then the credentials are validated, else they are not.
See this part of the docs https://github.com/deitch/cansecurity#example
Does this answer your question?
After ready the docs, i'm failing how to see how to actually log in.