I'm not 100% sure but sometimes, with server and client on the same machine, I get log-in dialog boxes. I traced the problem (possibly) to out-of-order nonces when requests were fired by the browser in quick succession (simply an HTML page with elements).
I can trigger the problem by having a web page and associated images (3 images is enough to trigger it) that are digest protected, and using a browser to access the web page.
I'm not sure if this is really the case (out-of-order nonces) since I've seen seeminlgy in-order nonces (from the browser's point of view) fail. When I add a console.log of req.header.authorization, I see that when the nc are in-order, everything is good, and that when the nc are out-of-order, I get the 401 login prompt.
It seems I can fix it by keeping a cache of all used nonces, but that seems like an enormous memory leak to me.
If I change e.g. the elements of the this.nonces array to be "arrays of co.nc" instead of just the "last" nonce count then I don't get the problem even when the browser passes out-of-order nonces.
Thanks for reporting I will reproduce issue and let you know.
Fixing issue #16.
I have fixed the issue, by adding STALE option. Fix is committed to git and published to npm with 1.2.2 version.
Thanks. Will test it immediately!
Revert "Fixes issue 18, but introduces a memory leak (the nonce count…
…s). They do expire after a while, but the overhead might be problematic if you have too many requests."
This reverts commit f2c1aa7.
Issue #16 solved in a much more elegant way
It works perfectly :-) The occasional 401 I now see doesn't cause browsers to pop up a dialog box. Sweet!