diff --git a/docs/docs/authentication.md b/docs/docs/authentication.md
index 3e543c23e..9cf3d8664 100644
--- a/docs/docs/authentication.md
+++ b/docs/docs/authentication.md
@@ -1,13 +1,50 @@
 # Authentication
 
-The StreamSync authentication module allows you to restrict access to your application.
+The Writer framework authentication module allows you to restrict access to your application.
 
-Streamsync will be able to authenticate a user through an identity provider such as Google, Microsoft, Facebook, Github, Auth0, etc.
+Writer framework offers either simple password authentication or identity provider authentication (Google, Microsoft, Facebook, Github, Auth0, etc.).
 
 ::: warning Authentication is done before accessing the application
 Authentication is done before accessing the application. It is not possible to trigger authentication for certain pages exclusively.
 :::
 
+## Use Basic Auth
+
+Basic Auth is a simple authentication method that uses a username and password. Authentication configuration is done in [the `server_setup.py` module](custom-server.md).
+
+::: warning Password authentication is not safe for critical application
+Basic Auth authentication is not secure for critical applications.
+
+A user can intercept the plaintext password if https encryption fails. 
+It may also try to force password using brute force attacks.
+
+For added security, it's recommended to use identity provider (Google, Microsoft, Facebook, Github, Auth0, etc.).
+:::
+
+*server_setup.py*
+```python
+import os
+import writer.serve
+import writer.auth
+
+auth = writer.auth.BasicAuth(
+    login=os.get('LOGIN'),
+    password=os.get('PASSWORD'),
+)
+
+writer.serve.register_auth(auth)
+```
+
+### Brute force protection
+
+A simple brute force protection is implemented by default. If a user fails to log in, the IP of this user is blocked.
+Writer framework will ban the IP from either the X-Forwarded-For header or the X-Real-IP header or the client IP address.
+
+When a user fails to log in, they wait 1 second before they can try again. This time can be modified by
+modifying the value of delay_after_failure.
+
+<img src="./images/auth_too_many_request.png" style="width: 100%; margin: auto">
+
 ## Use OIDC provider
 
 Authentication configuration is done in [the `server_setup.py` module](custom-server.md). The configuration depends on your identity provider. 
@@ -18,10 +55,10 @@ Here is an example configuration for Google.
 *server_setup.py*
 ```python
 import os
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
-oidc = streamsync.auth.Oidc(
+oidc = writer.auth.Oidc(
     client_id="1xxxxxxxxx-qxxxxxxxxxxxxxxx.apps.googleusercontent.com",
     client_secret="GOxxxx-xxxxxxxxxxxxxxxxxxxxx",
     host_url=os.getenv('HOST_URL', "http://localhost:5000"),
@@ -30,17 +67,17 @@ oidc = streamsync.auth.Oidc(
     url_userinfo='https://www.googleapis.com/oauth2/v1/userinfo?alt=json'
 )
 
-streamsync.serve.register_auth(oidc)
+writer.serve.register_auth(oidc)
 ```
 ### Use pre-configured OIDC
 
-StreamSync provides pre-configured OIDC providers. You can use them directly in your application.
+Writer framework provides pre-configured OIDC providers. You can use them directly in your application.
 
-|                                                                                    | Provider                                                                                | Function | Description                                                                                     |
-|------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|----------|-------------------------------------------------------------------------------------------------|
-| <img src="./images/auth_google_fill.png" style="width: 25px; min-width:25px" />    | Google  | `streamsync.auth.Google` | Allow your users to login with their Google Account                                             |
-| <img src="./images/auth_github_fill.png" style="width: 25px; min-width:25px" />    | Github                                                                                  | `streamsync.auth.Github` | Allow your users to login with their Github Account                                             |
-| <img src="./images/auth_auth0_fill.png" style="width: 25px; min-width:25px" />     | Auth0                                                                                   | `streamsync.auth.Auth0` | Allow your users to login with different providers or with login password through Auth0 |
+|                                                                                    | Provider                                                                                | Function                | Description                                                                                     |
+|------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|-------------------------|-------------------------------------------------------------------------------------------------|
+| <img src="./images/auth_google_fill.png" style="width: 25px; min-width:25px" />    | Google  | `writer.auth.Google`    | Allow your users to login with their Google Account                                             |
+| <img src="./images/auth_github_fill.png" style="width: 25px; min-width:25px" />    | Github                                                                                  | `writer.auth.Github`    | Allow your users to login with their Github Account                                             |
+| <img src="./images/auth_auth0_fill.png" style="width: 25px; min-width:25px" />     | Auth0                                                                                   | `writer.auth.Auth0` | Allow your users to login with different providers or with login password through Auth0 |
 
 
 #### Google
@@ -50,16 +87,16 @@ You have to register your application into [Google Cloud Console](https://consol
 *server_setup.py*
 ```python
 import os
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
-oidc = streamsync.auth.Google(
+oidc = writer.auth.Google(
 	client_id="1xxxxxxxxx-qxxxxxxxxxxxxxxx.apps.googleusercontent.com",
 	client_secret="GOxxxx-xxxxxxxxxxxxxxxxxxxxx",
 	host_url=os.getenv('HOST_URL', "http://localhost:5000")
 )
 
-streamsync.serve.register_auth(oidc)
+writer.serve.register_auth(oidc)
 ```
 
 #### Github
@@ -69,16 +106,16 @@ You have to register your application into [Github](https://docs.github.com/en/a
 *server_setup.py*
 ```python
 import os
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
-oidc = streamsync.auth.Github(
+oidc = writer.auth.Github(
 	client_id="xxxxxxx",
 	client_secret="xxxxxxxxxxxxx",
 	host_url=os.getenv('HOST_URL', "http://localhost:5000")
 )
 
-streamsync.serve.register_auth(oidc)
+writer.serve.register_auth(oidc)
 ```
 
 #### Auth0
@@ -88,17 +125,17 @@ You have to register your application into [Auth0](https://auth0.com/).
 *server_setup.py*
 ```python
 import os
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
-oidc = streamsync.auth.Auth0(
+oidc = writer.auth.Auth0(
 	client_id="xxxxxxx",
 	client_secret="xxxxxxxxxxxxx",
 	domain="xxx-xxxxx.eu.auth0.com",
 	host_url=os.getenv('HOST_URL', "http://localhost:5000")
 )
 
-streamsync.serve.register_auth(oidc)
+writer.serve.register_auth(oidc)
 ```
 
 ### Authentication workflow
@@ -129,23 +166,23 @@ See [User information in event handler](#user-information-in-event-handler)
 ```python
 from fastapi import Request
 
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
 oidc = ...
 
 def callback(request: Request, session_id: str, userinfo: dict):
     if userinfo['email'] not in ['nom.prenom123@example.com']:
-        raise streamsync.auth.Unauthorized(more_info="You can contact the administrator at <a href='https://support.example.com'>support.example.com</a>")
+        raise writer.auth.Unauthorized(more_info="You can contact the administrator at <a href='https://support.example.com'>support.example.com</a>")
 
-streamsync.serve.register_auth(oidc, callback=callback)
+writer.serve.register_auth(oidc, callback=callback)
 ```
 
 The default authentication error page look like this:
 
 <img src="./images/auth_unauthorized_default.png">
 
-*streamsync.auth.Unauthorized*
+*writer.auth.Unauthorized*
 
 | Parameter | Description |
 |-----------|-------------|
@@ -160,8 +197,8 @@ User info can be modified in the callback.
 ```python
 from fastapi import Request
 
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
 oidc = ...
 
@@ -173,7 +210,7 @@ def callback(request: Request, session_id: str, userinfo: dict):
 	else:
 		userinfo['group'].append('user')
 	
-streamsync.serve.register_auth(oidc, callback=callback)
+writer.serve.register_auth(oidc, callback=callback)
 ```
 from fastapi import Request
 
@@ -187,12 +224,12 @@ import os
 from fastapi import Request, Response
 from fastapi.templating import Jinja2Templates
 
-import streamsync.serve
-import streamsync.auth
+import writer.serve
+import writer.auth
 
 oidc = ...
 
-def unauthorized(request: Request, exc: streamsync.auth.Unauthorized) -> Response:
+def unauthorized(request: Request, exc: writer.auth.Unauthorized) -> Response:
     templates = Jinja2Templates(directory=os.path.join(os.path.dirname(__file__), "templates"))
     return templates.TemplateResponse(request=request, name="unauthorized.html", status_code=exc.status_code, context={
         "status_code": exc.status_code,
@@ -200,7 +237,7 @@ def unauthorized(request: Request, exc: streamsync.auth.Unauthorized) -> Respons
         "more_info": exc.more_info
     })
 
-streamsync.serve.register_auth(oidc, unauthorized_action=unauthorized)
+writer.serve.register_auth(oidc, unauthorized_action=unauthorized)
 ```
 
 ## Enable in edit mode
@@ -209,6 +246,6 @@ Authentication is disabled in edit mode. To activate it,
 you must trigger the loading of the server_setup module in edition mode.
 
 ```bash
-streamsync edit --enable-server-setup
+writer edit --enable-server-setup
 ```
 
diff --git a/docs/docs/images/auth_too_many_request.png b/docs/docs/images/auth_too_many_request.png
new file mode 100644
index 000000000..d2962c937
Binary files /dev/null and b/docs/docs/images/auth_too_many_request.png differ
diff --git a/pyproject.toml b/pyproject.toml
index 270f40fc0..05c6f710e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "poetry.core.masonry.api"
 
 [tool.poetry]
 name = "writer"
-version = "0.6.0"
+version = "0.6.1"
 description = "An open-source, Python framework for building feature-rich apps that are fully integrated with the Writer platform."
 authors = ["Writer, Inc."]
 readme = "README.md"
diff --git a/src/ui/src/core_components/input/CoreDropdownInput.vue b/src/ui/src/core_components/input/CoreDropdownInput.vue
index 28277bc3c..d77aac8e4 100644
--- a/src/ui/src/core_components/input/CoreDropdownInput.vue
+++ b/src/ui/src/core_components/input/CoreDropdownInput.vue
@@ -5,7 +5,7 @@
 		class="CoreDropdownInput"
 	>
 		<WdsDropdownInput
-			:value="formValue"
+			v-model="formValue"
 			@input="
 				($event) =>
 					handleInput(
diff --git a/src/writer/auth.py b/src/writer/auth.py
index cec780e5a..bc768ce8f 100644
--- a/src/writer/auth.py
+++ b/src/writer/auth.py
@@ -1,12 +1,14 @@
+import asyncio
 import dataclasses
 import os.path
+import time
 from abc import ABCMeta, abstractmethod
-from typing import Callable, Optional
+from typing import Callable, Dict, Optional
 from urllib.parse import urlparse
 
 from authlib.integrations.requests_client.oauth2_session import OAuth2Session  # type: ignore
-from fastapi import Request, Response
-from fastapi.responses import RedirectResponse
+from fastapi import Request, Response, status
+from fastapi.responses import HTMLResponse, RedirectResponse
 from fastapi.templating import Jinja2Templates
 
 import writer.serve
@@ -14,6 +16,8 @@
 from writer.serve import WriterFastAPI
 from writer.ss_types import InitSessionRequestPayload
 
+# Dictionary for storing failed attempts {ip_address: timestamp}
+failed_attempts: Dict[str, float] = {}
 
 class Unauthorized(Exception):
     """
@@ -35,12 +39,106 @@ class Auth:
 
     @abstractmethod
     def register(self,
-                 app: WriterFastAPI,
+                 asgi_app: WriterFastAPI,
                  callback: Optional[Callable[[Request, str, dict], None]] = None,
                  unauthorized_action: Optional[Callable[[Request, Unauthorized], Response]] = None
     ):
         raise NotImplementedError
 
+@dataclasses.dataclass
+class BasicAuth(Auth):
+    """
+    Configure Writer Framework to use Basic Authentication. If this is set, Writer Framework will
+    ask anonymous users to authenticate using Basic Authentication.
+
+    >>> _auth = auth.BasicAuth(
+    >>>     login=os.getenv('LOGIN'),
+    >>>     password=os.getenv('PASSWORD')
+    >>> )
+    >>> writer.server.register_auth(_auth)
+
+    Brute force protection
+    ----------------------
+
+    A simple brute force protection is implemented by default. If a user fails to log in, the IP of this user is blocked.
+    Writer framework will ban the IP from either the `X-Forwarded-For` header or the `X-Real-IP` header or the client IP address.
+
+    When a user fails to log in, they wait 1 second before they can try again. This time can be modified by
+    modifying the value of `delay_after_failure`.
+
+    >>> _auth = auth.BasicAuth(
+    >>>     login=os.getenv('LOGIN'),
+    >>>     password=os.getenv('PASSWORD')
+    >>>     delay_after_failure=5 # 5 seconds delay after a failed login
+    >>> )
+    >>> writer.server.register_auth(_auth)
+
+    The user is stuck by default after a failure.
+
+    >>> _auth = auth.BasicAuth(
+    >>>     login=os.getenv('LOGIN'),
+    >>>     password=os.getenv('PASSWORD'),
+    >>>     delay_after_failure=5,
+    >>>     block_webserver_after_failure=False
+    >>> )
+    """
+    login: str
+    password: str
+    delay_after_failure: int = 1  # limit attempt when authentication fail (reduce brute force risk)
+    block_user_after_failure: bool = True  # delay the answer to the user after a failed login
+
+    callback_func: Optional[Callable[[Request, str, dict], None]] = None  # Callback to validate user authentication
+    unauthorized_action: Optional[Callable[[Request, Unauthorized], Response]] = None  # Callback to build its own page when a user is not allowed
+
+
+    def register(self,
+                 asgi_app: WriterFastAPI,
+                 callback: Optional[Callable[[Request, str, dict], None]] = None,
+                 unauthorized_action: Optional[Callable[[Request, Unauthorized], Response]] = None):
+
+        @asgi_app.middleware("http")
+        async def basicauth_middleware(request: Request, call_next):
+            import base64
+            client_ip = _client_ip(request)
+
+            try:
+                if client_ip in failed_attempts and time.time() - failed_attempts[client_ip] < self.delay_after_failure:
+                    remaining_time = int(self.delay_after_failure - (time.time() - failed_attempts[client_ip]))
+                    raise Unauthorized(status_code=429, message="Too Many Requests", more_info=f"You can try to log in every {self.delay_after_failure}s. Your next try is in {remaining_time}s.")
+
+                session_id = session_manager.generate_session_id()
+                _auth = request.headers.get('Authorization')
+                if _auth is None:
+                    return HTMLResponse("", status.HTTP_401_UNAUTHORIZED, {"WWW-Authenticate": "Basic"})
+
+                scheme, data = (_auth or ' ').split(' ', 1)
+                if scheme != 'Basic':
+                    return HTMLResponse("", status.HTTP_401_UNAUTHORIZED, {"WWW-Authenticate": "Basic"})
+
+                username, password = base64.b64decode(data).decode().split(':', 1)
+                if self.callback_func:
+                    self.callback_func(request, session_id, {'username': username})
+                else:
+                    if username != self.login or password != self.password:
+                        raise Unauthorized()
+
+                return await call_next(request)
+            except Unauthorized as exc:
+                if exc.status_code != 429:
+                    failed_attempts[client_ip] = time.time()
+
+                    if self.block_user_after_failure:
+                        await asyncio.sleep(self.delay_after_failure)
+
+                if self.unauthorized_action is not None:
+                    return self.unauthorized_action(request, exc)
+                else:
+                    templates = Jinja2Templates(directory=os.path.join(os.path.dirname(__file__), "templates"))
+                    return templates.TemplateResponse(request=request, name="auth_unauthorized.html", status_code=exc.status_code, context={
+                        "status_code": exc.status_code,
+                        "message": exc.message,
+                        "more_info": exc.more_info
+                    })
 
 @dataclasses.dataclass
 class Oidc(Auth):
@@ -243,3 +341,19 @@ def _urlstrip(url_path: str):
     >>> "http://localhost/app1"
     """
     return url_path.strip('/')
+
+def _client_ip(request: Request) -> str:
+    """
+    Get the client IP address from the request.
+
+    >>> _client_ip(request)
+    """
+    x_forwarded_for = request.headers.get("X-Forwarded-For")
+    if x_forwarded_for:
+        # X-Forwarded-For can contain a list of IPs, the first is the real IP of the client
+        ip = x_forwarded_for.split(",")[0].strip()
+    else:
+        # Otherwise, use the direct connection IP
+        ip = request.headers.get("X-Real-IP", request.client.host)  # type: ignore
+
+    return ip
diff --git a/src/writer/command_line.py b/src/writer/command_line.py
index 1ac3c8169..a6b2d767a 100644
--- a/src/writer/command_line.py
+++ b/src/writer/command_line.py
@@ -45,7 +45,6 @@ def main():
         args.path) if args.path else None
     host = args.host if args.host else None
     api_key = args.api_key if args.api_key else None
-    print(args.env)
 
     _perform_checks(command, absolute_app_path, host, enable_remote_edit, api_key)
     api_key = _get_api_key(command, api_key)
diff --git a/src/writer/templates/auth_unauthorized.html b/src/writer/templates/auth_unauthorized.html
index 460e57a8d..ca22e6f23 100644
--- a/src/writer/templates/auth_unauthorized.html
+++ b/src/writer/templates/auth_unauthorized.html
@@ -1,35 +1,61 @@
 <html>
-<style>
-body {
-	background-color: #e9eef1;
-	color: #000000;
-	font-family: Inter, sans-serif;
-}
 
-#container {
-	height: 100%;
-}
+<head>
+	<title>{{status_code}} {{message}}</title>
+	<link
+		href="https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap"
+		rel="stylesheet">
+</head>
+<style>
+	body {
+		background-color: #ffffff;
+		color: #000000;
+		font-family: Poppins, sans-serif;
+		display: flex;
+		align-items: center;
+		justify-content: center;
+	}
 
-#container {
-	padding-top: 30vh;
-	padding-left: 20%;
-	vertical-align: middle;
-	text-align: left;
+	#container {
+		text-align: center;
+		width: 50%;
+		color: #5A677C;
+		font-size: 14px;
+		font-style: normal;
+		font-weight: 400;
+	}
 
-}
+	h1 {
+		font-size: 40px;
+		font-weight: 600;
+		line-height: 118%;
+		margin: 0;
+		color: #000000;
+	}
 
-#container h1 {
-	font-size: 4em;
-}
+	h2 {
+		color: #6985ff;
+		margin: 0;
+		margin-top: 8px;
+		margin-bottom: 18px;
+		font-size: 24px;
+		font-weight: 600;
+		line-height: 35px;
+	}
 
-#container p {
-	font-size: 1em;
-}
+	img {
+		margin-top: 48px;
+	}
 </style>
+
 <body>
-<div id="container">
-	<h1>{{status_code}} {{message}}</h1>
-	<p>{{more_info | safe}}</p>
-</div>
+	<div id="container">
+		<h1>{{status_code}}</h1>
+		<h2>{{message}}</h2>
+		<div>{{more_info | safe}}</div>
+		<img alt="Drawing of sad woman"
+			src="data:@file/png;base64,iVBORw0KGgoAAAANSUhEUgAAAJwAAACcCAYAAACKuMJNAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAABwzSURBVHgB7V0JlFTllf5e9b7R9N5AA90goOwIKCCo7YIsooMTdCQmGmPMOMecJJOYmcRkJCeLyTGLmUlMRmOcyYkmR03UGIyaKG3AgAIuIYgiQiPQNFvTTdNbbS/3e69e1avu6qW6q6teV/0f3NO1vK2q7rv7vT+goKCgoKCgoKCgoKCgoKCgkJLQoDAU8PurFJohNFuoUMgv1CzUJTRKqFHohNAeoQYhN1IYiuGiR4HQEqFZQquE5gqNRv/fpUfoQ6HtQruE3hZ6CSYD+qGgYAOZ6UKh/4UpsfQYEZmNzPctoTwopDyKhFbDlEQ+xI7RItFuoaugkJJwCS0U2gpTFepxotNCN0OZOikD/tDnCT0t1I74MVp3prscCkmPMqGvCbUiMYxmp4MwHROFJESG0LVC7yPxjGanzULZUEgqkNnoeTJm5iRms+hWKCQNSoV+i8QzlR99S7l8KIx4TIHpgSaa2QbCjBchieBC6qFE6HGYgVyng17zZVAYsRgntBPOl2x2eg3KeRiRYJJ9C0YWs5GaA9euMILAFNUOjCxGs4h23HwkCVLBhssR+jVGzo/2nlC97TntuOlQGBGgKqrDyJBkrBy5F2YYhPV1x23vfQcKjgfV6B8xMpiNavMehJL2/GuPEf4CSYJkVam5Ql/FyCn3eVDo2zCZC4G/e2zvJ83vlI7kA6XD7UJ3wvllPmQsxgT/A2YZlAVet70g0wsFx+JqoVNwvhplVco9QlkRPgMl2kbbtvdDwZGgJ8pGFacz29+FFqF3VcnXX7dt/19QcBwyhTbB2Yx2RujrQuX9fJapQmdt+30SCo7DQ3Auo9ELZV/EpTBLovrDxxCqIkm6BH4yYD1i23sQy4YZ2pNrMPB8aJrQ7237H4NKbTkK58Ls94ylNIrFcXgDMDQzBtGB3ulB23FegMmECg4AwzpPInbMFgtiEwz7TOkUZCJ6XAIzDGId78tQcAxuQfiPk0hqgxm+qMHQ8Nlux70SCo4ARy4cQWKZjGrzZaEbEJtScKrO39mOT/svqey3kZppoKf3Y6GxGH5Ydh0DtRzzUC/0gdCfhV4VOhnYJhZgSs7+md6EmcRPGoxUhmOj8HoMH8hAtA05cIYMVS90CCajsaqDgVkfYo+lCC+j+gvUoJuEgyqGNWPDqSrJXKMQHZj/HC9UjcHjDoTbhElTeDlSQclyH4aHyezhkP9H9ODIrr0wQxqDmYREj/ZPtmuguk7G4ooRBUbcOzG80o2MtwbR41KYapbXZ0lHprAotaYNYH9K7n226/h3KCQU9ALZwTRcTGZJuMOIXp0SawP7M19K45/S6VmYTLgN/cfkahHKlnQgPg5R3DFSRDbto3+FOUJruI5vgZ1dZ6wnuq67GhowTstEhbBCrqsMOys1rS3CMSwmtRiXw2iugGkGtMCMF5IRVwj9DaY0s5+f0tv6PdikfRQKCUMFTENeH2Yisyy3TkpmO3JM/67Q0cPH9A6hrkPH9NcOHtVnRLjGmwLHoJSqFvpD4Dkl3OrANh8PvE87tFjoRzAzCVS9b9mu42YoJAy8+1kJEqscZ1/EkqAJ1okbjutfPtxoMJpuJ2HA7wkzdq8mpkSzkv40/q0BOXUwO8eIBwOvfQVmRbIV31sp1BR4j89LkKQYCbXyFwhdj/iUi5NRWAiAxka9xq9L8l3rWeUhr59XV9cjoc6iyg8Cj6lKabORee6GaZNpCNlxtM8+F3iNx1kM08slGP87hSSF0xmOGQVKg8EY8QOFbnv8ivXAoxtMnhtpB03DntparXufAe2+L8G01wgGjD8FM7xhnedQ4DFV5uTAY6rVOTCZj9s8jSSG050Gem7DPX7UkpxkELbmBWy3yB1fwhEer9/wPiOBzELHhgFbzjB5v9v7b8B0Hqy86wGhn8Mcy0Ww0uRtKCQElGr2uv5YEIOynHZ5I0y1ZS+0pJFvqDxhuDRxDt7rbrsZ9luj/g4GD0psBpXpOFD9srLkItt1kJGTeqC0U1Uqr4uSLdapHfYGPANz9MOXEf75mbe0VolxuTRDGnVHk89n2F6DBRntNqFJMLvrKeFutV2H1amVtHAqw3HAM8cexPL6KEXs6or2lJUYZ1wtaL9pmuYRO+37MHO2ZlBYR72m49bxYw3Hwg7L8KeapDPAOSBVMCdsMnuQiXCp5QmcmxkJpsCsOXVdUOo0IeCPw0LG4YixLQ2cg4z8gO09epg98p+iWgsOn9BrDx3XV+xr1CN1WtGzZNUKPUuqWvYfkHEY4mDGoh5mIJmf52aY8+nsTTRcNsnKLvwNA2uwUYgx1sE0nocjzkYJwvgXA6/28fjfQ/S2E6XaIxh4ww0ZngWjD8MMZHP/X9nefwApAKcZqBxAUwdzZb54gTEyZhe2RLdbUBIz0c/CzCOBv2Qs2mdUqdUwnZ/u3zMT8/RoKVkZeiHTMuX1ZyjEDfxRPoPhX9OKZB+TT0bLweCgBfZ1IXzykWXXsWOLXjFjbVSxVrbkNzClo3UNDJ8UQCGuYErJXp4znGRn6nsx/CADUuJ9UeiXQl9AeGf9E1CIOxilj0e+tLtdtRLxAxmPGYa3Ec78V0AhrqBaYiBUjzPVo5f01TCBgd7u60Mw9qbWSo0zbkF8bLfu9DDiA4Y72Eq4q9v5addVQyGuoJph9D/ezEYGvxjDCzoOlGpPoWfDNmN1qsk5AWDwNJbLeg+UGhAqCYo1eBOR0eidnoxwboZDLoBCQnANEqNOGWgdjtQebUKGdw5HOCfTWWzgroJCwmBPMcVTnf4LYgtKNaroekT2ttlIcwHU8uIJBevxdiP+DMeswATEDiwJZ11bJElN75shH7UMpQPA6orhypv2RY8iNolySism9ftad/UeKASR6Irf6zB8hntvIBM8j/Ax9YMFJRsT8H15m6wIscrHUx6JrIfjjzAD8QclarSJ+kiwemX7yxKwX0HlSR0AxqjYYBJvdcpS8ljcaExRHR7A+VjcWQ0FA4mUcDSiz0N8Qe/xKcRmBBabbMYNYDum7RZAwUAiGY6d5/H23BgH24Ghg9/bJf1sY9lsVL2rkJrLvfdAIr8EzlKLt9MSqxgYC0XnDmA7S5KyGUhNIkdiGc6+xtRwenB29UkGj3aMfSTwexuIdLamZDLNVQGFhDEcJc1ChFfJDhfsn5EMNxVDB6VVf9fM961YH+24iVBIGMNRohVj+NFdcpIJzsHQQUaKRkWS0VX+FM5RqcOFSFKoErGRqNHaZPH2yB2JRDKc/dyxiPqHQdM0uFyuHo9hqrahfu7sQRxDVfUisTacPaUVc29V13X4/aa/MH32YhQWllpvMXY2VMeBxZNno9vFaBdM+dBIIm24/YgTLly8Arn5wYlfrFdLRIiCHJ/ypUmJvOPisuCFy5WGWXMuQmlZcEYzwxlDdRys3tNoQJWqJBwSh722xzG982mzWSivHI+p0xeiqDgYBqN0G6o9xUbqtij3Ga7Va0YUEslwB7o9j1nwl/abhbkLapGdnYfC0cGxufzMjPwPJa02mBuEFSMpP6wm0QxnH1sa87ufkm7RkpWGhzq2aor9LS6cy5a9b8NMrA90tWY7omUefr6UXzcrkQzHurR62/OYe6o5ufmYPc/sBCwYFVbnyc9dDXMoIQcRsoKE68zPhCmJqHIzA9tZZO3H62QNXDmiA73alGe4RFb8snKDM9EsA556MKa23MJFy0WVlpkHt6lZkXxN8pzTLhkEZtqJk4tYbsQRXgx5uAPEFj/aa7w5yISUUgypzEb0A3B4XMVwSCw4TPm6wOOYOw7nL7g8GPAdXRQSSBkZ2e+63R1cpONqmCNQuRYWVeQoDN/E9GaoMvOEu+kvITRXN6bIyclH7fJQJ2B5xQS40szwW0ZmRs3UqfM53t4aWc/5cJxgxG4ujr/v7OfwVhtgNHgfCgmXcO/CnCRkraHFH3LQN0GaMJTPZ/oeNVNmIS+/MPhecXG5vJ8Bv7yvQStZuOTKmr17d54MnLMuQOkBYpCWuU9mJWjTsaWQNwbVIqefc4gh55IMNLzCi9oOhYQzHL3UxxBiuCFJXIvZiLFjJ9nzpxhVWCJSLw8edyc6O9szO9vbGRrZHuF6SIcD1BvmIToTgLZh3DIrTkaiVSrVEtWqFzEEswtXrvxoj9eyc0yBxBxrxbjqofQZMIYXTVhkj9AJKDgi1cLO+5jOtq2eNF3SWcvCXqP9VjXejMXpul+Yzrc4wgJtAwG5thoDl3C8qdiVH/OKmJEIJzAcbaifYoghAyudRTtuzXWfRnZuT/PKr5unYIjk9a3Pj6mqnrIIZngjUm60+8xemh9chI1N1A9i4OYIHRA1LDoAp6y19RzMcQnrMEhYcbaKygm47Kr1Ebeh52rhjddfYiMMF/mg48KsAz1Uqj1KIgbvGH+j80DXtihAXKYobGnJ7Oxc2oToA1xc5DgUDDiF4WjDcQQ95+1GneOkdLMYbtp5C5Fv807tqBrfo0iEYnA+olxiyX6+MeMm4eCBPVTRvW1OidhfmCVl4KRyGc6+/Ua31/qPdWkhbZiRmWXE3uzeqR1MdVnILyhCzeSZnJpuLYw7gFNpGDd+MpbVXhd8bWzVZNRMmt7bLryRXoFCEE5avpI/+i9gDoax5nX0a5gbU2ICtlnNpJmYf2Hvq10WjAr17YwqLMb9D/3lhWsvKyaTMyzDPCpVaEaAKCYZe6Po8mVn55+8/c5v/fNly9dPe/yx7weP4/V6cP4FV+CDfbsinZKjulT8zQanrZfKQCyXJvodzEXS+oVdNE2fdSFyc3vPTJWUBoswJR7XBc3v5zAdro/1hwARdmfBOry+8a+tE11+XM9XTp08GjxOocT3lly8Bk/++v6wfG0AdTBTWgoBOLEClUY2dRYT+/2rOtuPPKG678ao4tLKoLo9e7YFHV0dkx/ZpHcvTbKG0NinWFI5jpNHZZSmHe2hdobMrFxMmXZ+mEMSANUpF31L+aJLO5xa8kym+wjMVZV7DZfYK3sn1kzvEeztjgKx29LSTKHe2dmG733zk6Wfvbb0dnnKAF1WIC5nV+N8zO8oa+PTPzv3je0v5zzwwy9g+7YXgxvk5OQiN28U5swPGzVCt/Uhob9CIQxOXoKcyW4aZD+DuV5VjwU87CrsE5/eYDgCfSEjIxNaQMLpkm3YvvVFxuCYwKeHfEgY+C2YdhvzpTw4bTl26k/6wbfvYI16j++LsT0y/pzzL8XWzZZWNlJZ34LJeAo2OJnhCFZuUGzdIvQd2Ioe7aGJ4uJKzFtwWb8HY4lScVEFGhsPGs/Z53Cm5ZTkYL2UZBMwiLm/jPsRc86/xEifBcIjdD5WwwwQK9gwErqIyFWPCC0TJttmqVG7dFt88dVhHmhvyMzKRmlFaKTb9Td9Aff9zwtcZ/4HMNV4r+knUcW+0UVl+qy5S4M5WcKlmV9hcUmFIUGtzYWWQLUF9sBIalvb+9hzDTfe/Y1HT1RNCM2jycrKwYo1nwiz53pDZmY2KsfUBJ8f2Pc3zJ1fm7lhg34XzCpeHpgbMLFPG/IOmOr8os/c9cMrfvP7+pP33r8RuTkFtvObml6YURgubHoF6+ycrkHijhHzhdCgf2UHllVcdUPJrjc34/CHZpfhtOkLxUucN6BjkCkLi8qCz0+fPk4ZNG3OJUaVL8MX9YG3+Henfd9rb7yzSu9Cq6etuczr8wSPl5VjMhyZrXryDPz97VetXahrJ8GUnAoBjBgJt3UrssWHXOtxu13bX/uT8Zom6qx2+Q2G5BooSktDUx5OnWiUwK17XGlu/w0xXW1od2lo9nm9sAvTrKzswLVoWHTRKvsuDBzPgUIYRgzD+fNEYui4+I3tL6GxwWxpLSkbg8UXrR6QOrVQWBScMYLmpmM429qc4RsAY5RmGvnQJmFQkOkI2pEtzU3BbRYvW2NPq9GOY45W2XE2jAiGozr1uHGpuAlFG5/+eTBRfrHkNCvGRDfnLzMz1GzV2dUBL0vO0wz7rU/sz5FAro4mv88vUtFkODJ6SWllcJuJNedJbjWsQIApOmXH2TAiGK6uDnnCbGtOn2x07dhmqtO09AysFGchWpSISrWkEIO/x49+KLE0nNvffuumC8O5cNLv98r2oeSBpoW+QgaVl6/6mH03jtafBIUgRoaEG4VpklKa/9yzvzCYhJg5a7EY6TMRLYqF4azmGkqrwx8aNv2Mbdv0/toDqUFPu91uG5NpSA+FQgysvOYTRo1cAMx3RX+RSQzHMxzVaZqOK7xud+mLG38ZfH31P92G9PToR3Uw2V4QzEjoaDxaz2qTyW3pKOtrP037uub1uc+KOtd9Pk9wf71bHRwLBM4Jec2WHacQgOMZru4tFIrKW3Hk0L70I4fM1s7ikjFYtPRqDAb0aPMKQmMfGg5/wG6vTPFAp/S95wZdorwtXo/HqoYCJRwH5dhBu25ieBEB03OZUDDgeIbzaxKM1TFz4zM/D060XLx0tWQWigZ1vMzMLCMVZoEerzARhVV/nqqejoxWV5rL5onq8EWo9J00JcwHoVdTCgUDjmY4UaeudC9qW1pOFW+pe8p4LT0jA+tv+U8MFnQ2JkwKSSA5Nrq62sk7V+zYofepo8WbbXO7O8NKpro6e46JO1/yurbYIJktEYvYORKOZriXXkeRqNOrtmz6nevEcbMvmfNCKsdWYygYU1kdjN3xuC3NJxgsu6DVH94g0x0eL9oLC0v9VokTvYgzZ3rWV44uLrdnNGjHqQnmATia4TIk7SSe5Ow//fFXhjplNcbVa283/g4Fk6fNCR6js6Mdx44dYoXAKFd634uGpIuEE4fDn5UdiuW1t7X02I7qftp5Yb4C43EpP26VcOyXQO/U78LF9Qd2F723x0xrllVUYYlE84eKseMmoaCwOHAePxoOfWA8lhDbBX3tJyza7vN6fJYtSbS1nem5nUhAlivZwDifCgDDwQz37E7kuN2ey5958gEXY2801Nfd+HmxwYb+u+WLlzp+wjTjMdXiu7tfN7IXomWX97Wf5HI7hJk89mvoLY87Z94ldknMwF+08+SSEo5luAI3Juzf++bsl55/1HheXjkBq9fehliAJUVloanmOCqeKhlO1Oq8vsY/dHrRKU6Hx2XLLhgORwSUVYwzshoB0KVWdhwczHBuX+eSR//v3pK2tlZDuq0R2617zGuwoMMweWpo9UkGf8+axn/Jlu2o6W2/PA+6NJfmSbMFnNvOnom4LcvdbZkQ7rAECs5kOIYnnn7yx6u2bv6DoZNmzFqCaz5yB2KJyrGhpP/JE0fQcMSYpqVJWv663qScJxtu3a93ptmclkhhEYJZkIk1YSla9r6m/JqpjmS49evnzX3oJ1+5xufzoqy8Cp+560fIzx+NWKK0rCrYwcVyo6NHAuPbNFz19brIjNHcCq8Efru0sLlzvcd02ZhtfwrlODiT4a5a+6nKc89b4JoxezHu+trDRt9nrDF2XA1y80Kl4ocPc+qDzv+Vi92RVzocXQ5vZ2dHpy23hebTvc+pmXzObHvZOb2U8UhxOO6OM0rJd6J65eqbNbby2ZkilmBgtrikEq1nThvPm04eNSZopqell+RXGkNueujKrFHwacfQ6feF5ifm5/eeYmMYp6ioHMePHzI2hdl1tg8pDMdJuJ075SbQMTcnJ881XMxGpKdnYsq5Icn5Yf278HlY64ZC4buIerJrn9wPXn+XyxW6T8+caer1HIXCbJOmBvOq3KnPOF8qwHEM19qKPH9sVm3uE/RU7c03HLl15myTeMTI9Pgjr95cXg5/emZGFzRbOlXvfY5imm3qZgDMZKR0xsFxH96bh2JxEcciDpg8ZU6w8oOS6qTkVSUOLBmsyAzf0WFo/A57ak3vZ/xJSVnYR2EFcEp7qo5jOIm/lslvWIg4gHVrVqZAUlZoOmU6AJofMzZs0Ht8N/vnw5+dnXPWtjKh0bnfF6bPWgyXeMMMk4wuLuNw6ZQebuM4hkvXhNlc8SlYzMjKCktNHTtab/z1a5h+8809r2GdCDRXWsYZ5kmtahN7U04kMIk/Z94yfOSjn8djT+3nSNeUXv7IcV6q/I4ZIuHiciNwllzVxKl4Z9c243n9/t3WW+c0nAbF2MFuu+iigZtvuvVuvanpmHb08H6svf7OPs/ByQD3/fhFI+YnypeT013CrCnLdM4Li4ipJDa5Nx7dnJwFMn/h5UGGe2vHJjOJ70or7/IYzS9hDEehtul1nOEsuC999eFAQ3T/F2oFmFlzV7fdCI00IkXhOJWaoeOkWE+nEScsv/rjGD9xmsEUZZXjjQoPYYxMLQ2Lem4toUEdbQwPa1r0q5DLLqWSNJuMFIbjJJxbTKk03ViePC79nFXjp+Jr33wM+95/27C1LIiUXfrcc3rWqlVal337dBda/INcFVA8YNaZMBb3KlIUjpNw7hI0y6/yMuK4cgsDwGyqtnfNiySaWVCKcd239Wk4pQ9hqSZh1hWPP66nbGjEcQy3aorW5fJgo0iDd5BI6CjxunBZj9ddOOzSjAmXgz3uorHnoAIpCkdGvUsKsE+so/uF6Y4hcdBEra7d1G3odOdZNAjTDHplQLHjCiTkF91AlCSCIxluxgzNLcGRp8Um/2/5gRowAJtJtot5qEEchPn+bmq1PNeYI1enDVbla2gRtZyyE5Ucm9ernac1jyrGT+SX4XTKv8rfs1o3xuOYX/nHMMpWP5kgxkzH4UhpHeHrRSxYoHnEAntCH5yUY2XnJpFwKVsx4uiCwAWTtRbxFH+bV4E3RdpcInfHUr8fNeJU5AiTdRg/uguvyt8tfi/KJKLBuvH+h/0OHOIwY9IGCdZusAVrqwqw60iLMTD6Hjl3f0Nw7PjQ58XPli8xFkBJSTi+AjUQltgjEfq977yDXx1vQ74rCxn+DngyRqHNcxQdtbWa98ABPfvgSWPll7WI3RBARtsKpz8Rfrwp4ths3qw/4stGlUjY2+Tdfuuo5AANuh/f7GrCK6mcaUgqW2LTTn2FSL7HROoMbvBIT+i6D3fXXojvRmKSTW/qo/1u3CRe6+fkm6xGhEoQkZBu+ZLfFMn83Rwfnl+yROtACiOpauyL07G5yY0X5OENiNHNJOqbC2tFdFpoZ+7erT8oUndLmoa1wlRLxUiboDNToaFN9tongeKXRS8/627HwSW1WkyXWh+JSDpvSaTcInEduDjcGAwVYicKw9QuW6C91t+m7DRrTUOexBALJH6XmeVCB9rR2tCA9uuv19R6WwEkXRfRXh07z9XxsF/DF+XpwMebR4BIt3e95hKU/YLeK8zR+2r1wD6QdOXOn5YfvisdPxXRvUUbZM4zAJ/Ygs+80qoYKJZI0gCkrv1lOxaKlf+oPsj+CPli9qZlYM2yudpeKMQMSdrQoemNB7BTPtwXRcYdQfRoEY6733t68CkshchI2g4iGuovb8SzErL4N5jLDw1MveqSmHfhvmwvHq1VXmXMkfQ5PQkYp728E3NcupEiuxJmJqLH59bMdVLfE678UYcPT6xaxIoQbSg2oEIEpEQSmb19W3ZhtM+DS+HDKvnUc3Rz9m4Gc7QSszgksbJN8tofy/PwjlE8oDAsSKmqBTJeXT2yJD42OqMdhT4NmenyrCMdzU270LpuHTyapqSawjChr+GDCgoKCgoKCgoKCgoKCgoKyY5/AMakWCD2MygwAAAAAElFTkSuQmCC" />
+	</div>
 </body>
-</html>
+
+</html>
\ No newline at end of file
diff --git a/tests/backend/__init__.py b/tests/backend/__init__.py
index 942382f1c..180de2413 100644
--- a/tests/backend/__init__.py
+++ b/tests/backend/__init__.py
@@ -2,3 +2,4 @@
 
 test_app_dir = Path(__file__).resolve().parent / 'testapp'
 test_multiapp_dir = Path(__file__).resolve().parent / 'testmultiapp'
+test_basicauth_dir = Path(__file__).resolve().parent / 'testbasicauth'
diff --git a/tests/backend/test_auth.py b/tests/backend/test_auth.py
new file mode 100644
index 000000000..6e7aa6f69
--- /dev/null
+++ b/tests/backend/test_auth.py
@@ -0,0 +1,28 @@
+import fastapi
+import fastapi.testclient
+import writer.serve
+
+from tests.backend import test_basicauth_dir
+
+
+class TestAuth:
+
+    def test_basicauth_authentication_module_should_ask_user_to_write_basic_auth(self):
+        """
+        This test verifies that a user has to authenticate when the basic auth module is active.
+
+        """
+        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run", enable_server_setup=True)
+        with fastapi.testclient.TestClient(asgi_app) as client:
+            res = client.get("/api/init")
+            assert res.status_code == 401
+
+    def test_basicauth_authentication_module_should_accept_user_using_authorization(self):
+        """
+        This test verifies that a user can use the application when providing basic auth credentials.
+
+        """
+        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run", enable_server_setup=True)
+        with fastapi.testclient.TestClient(asgi_app) as client:
+            res = client.get("/static/file.js", auth=("admin", "admin"))
+            assert res.status_code == 200
diff --git a/tests/backend/testbasicauth/main.py b/tests/backend/testbasicauth/main.py
new file mode 100644
index 000000000..fc036cfe4
--- /dev/null
+++ b/tests/backend/testbasicauth/main.py
@@ -0,0 +1,4 @@
+import writer as wf
+
+initial_state = wf.init_state({
+})
diff --git a/tests/backend/testbasicauth/server_setup.py b/tests/backend/testbasicauth/server_setup.py
new file mode 100644
index 000000000..3aad409c4
--- /dev/null
+++ b/tests/backend/testbasicauth/server_setup.py
@@ -0,0 +1,10 @@
+import writer.auth
+import writer.serve
+
+_auth = writer.auth.BasicAuth(
+    login='admin',
+    password='admin',
+    delay_after_failure=0
+)
+
+writer.serve.register_auth(_auth)
diff --git a/tests/backend/testbasicauth/static/file.js b/tests/backend/testbasicauth/static/file.js
new file mode 100644
index 000000000..e69de29bb
diff --git a/tests/backend/testbasicauth/ui.json b/tests/backend/testbasicauth/ui.json
new file mode 100644
index 000000000..25b939367
--- /dev/null
+++ b/tests/backend/testbasicauth/ui.json
@@ -0,0 +1,16 @@
+{
+    "metadata": {
+        "writer_version": "0.5.0"
+    },
+    "components": {
+        "root": {
+            "id": "root",
+            "type": "root",
+            "content": {
+                "appName": "My App"
+            },
+            "isCodeManaged": false,
+            "position": 0
+        }
+    }
+}