runtimeZero runtimeZero - 4 months ago 49
Node.js Question

How does req.headers.authorization get set

I was browsing through some authentication code in nodejs and restify written by a fellow programmer when I came across the following lines

if (req.header.authorization) {
// do soemthing
} else {
var cookieValues = req.cookies["demo"]

What got me confused is that nowhere in this code did I see any line that is setting the "header.authorization" property of the req object or response object.

what am I missing here ?


Authorization is a request header, commonly use for HTTP Basic Auth. It would be set if the server requested authorization, and the browser then prompted the user for a username/password and sent it (base64-encoded) to the server with a subsequent request. For example:

Server sends:

WWW-Authenticate: Basic realm="your server"

Client sends:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

See also: