Slim Application Error: Basic auth not working properly

[1moere1]

Why can't I authenticate with postman Basic Auth (username: root, password: t00r). The /open/test route works just fine

<?php
require '../../vendor/autoload.php';
$app = new \Slim\App();
$app->add(new \Slim\Middleware\HttpBasicAuthentication(array(
    "path" => "/close",
    "realm" => "Protected",
    "users" => array(
        "root" => "t00r",
        "user" => "passw0rd"
    )
)));
$app->get('/open/test', 'getOpen');
$app->get('/close/test', 'getClose');
function getOpen() {
    echo "Success Open";
}
function getClose() {
    echo "Success Close";
}
$app->run();

[tuupola]

It is unclear from your report what is not working. Copy pasting the code you provided and running it works as expected.

$ php -S 0.0.0.0:8080 index.php 

$ curl --include http://localhost:8080/open/test
HTTP/1.1 200 OK

Success Open

$ curl --include http://localhost:8080/close/test
HTTP/1.1 401 Unauthorized

curl --user root:t00r --include http://localhost:8080/close/test
HTTP/1.1 200 OK

Success Close

[1moere1]

I tried it on localhost too, and there it works for me aswell. Only on an external IP it's not working. Did I forget to enable something?

When I try this on the ip then i get for the /close/test route a 500er error eventhough i don't see something being wrong with the code

[tuupola]

https://github.com/tuupola/slim-basic-auth#security

If you are not using https you need to specifically set secure to false.

$app->add(new \Slim\Middleware\HttpBasicAuthentication([
    "secure" => false,
    "users" => [
        "root" => "t00r",
        "user" => "passw0rd"
    ]
]));

[1moere1]

thank you very much. this solved the problem.

[tuupola]

Great :)

[BrevAlessio]

If it helps, I had a similar problem on a shaerd hosting, I solved by adding SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 to .htaccess