JHipster module, Adds stateless basic authentication support
This is a JHipster module, that is meant to be used in a JHipster application.
Warning : this module only works with Monolithic application. It is not compatible with the JWT mechanism used in Micro-Service Applications.
This module configures stateless basic auth security on the path /api_basic/** that is used in parallel of the existing security.
Before using this module, you should be aware of the security implications : the user/password will be sent on each request so an HTTPS/TLS reverse proxy shall be used in production for this path.
Also if your API is to be consumed by both web and non-web applications, you should consider using OAuth2 mechanism as it gives you more control on which application uses your API and it is fully supported by JHipster.
As this is a JHipster module, we expect you have JHipster and its related tools already installed:
To install this module:
npm install -g generator-jhipster-basic-authTo update this module:
npm update -g generator-jhipster-basic-authRun the module on a JHipster generated application:
yo jhipster-basic-auth
Options :
--forceif you don't want questions to be asked.--cleanto uninstall the module instead of installing.
This will configure basic auth security on path /api_basic/**. Existing entity resources will be added to this path (eg. GET /api_basic/foos).
You can now easily use curl to test your endpoints:
curl -X GET "http://admin:admin@localhost:8080/api_basic/foos"
Apache-2.0 © [Christophe Bornet]