-
Notifications
You must be signed in to change notification settings - Fork 97
Authenticating users
By default connecting users are not authenticated. If you start allowing connections from outside the same machine (by default all listeners are bound to loopback) then you need to provide some kind of authentication as well. Authentication can be enabled with the feeder.authentication option and authentication requests are done over HTTP (feeder.authUrl option).
The request sent by ZoneMTA is a simple HTTP GET with Authorization Basic headers where username is the username provided by SMTP/API client and password is the password for that username. The service should check if the credentials are correct and if so, then return a 200 response. If the credentials are not correct, then thse server should return a non 2xx response, ie 401.
Example authenticator in Express.js
var auth = require('http-auth');
var basic = auth.basic({
realm: "ZoneMTA"
}, function (username, password, callback) {
callback(username === 'admin' && password === 'p2ssw0rd');
}
);
server.get('/test-auth', auth.connect(basic), function(req, res) {
res.send('Credentials accepted');
});