@se-oss/htpasswd is a high-performance, modern TypeScript library for managing HTTP Basic Authentication password files with zero runtime dependencies on system binaries.

• Installation
• Usage
• Documentation
• Contributing
• License

📦 Installation

pnpm add @se-oss/htpasswd

npm

npm install @se-oss/htpasswd

yarn

yarn add @se-oss/htpasswd

📖 Usage

Core API

The core API is environment agnostic and works in Edge runtimes, Browsers, and Node.js.

import { parse, verify } from '@se-oss/htpasswd';

// Verify a password against a hash
const isValid = verify('password', '$apr1$salt$H6otmod9v9.WAn1o6Jtyf.');

// Parse htpasswd content
const entries = parse('user1:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=');

File System API

Node.js specific utilities for direct file manipulation with atomic writes.

import { addUser, authenticate } from '@se-oss/htpasswd/fs';

// Authenticate a user from a file
const isValid = await authenticate('.htpasswd', 'username', 'password');

// Add or update a user
await addUser('.htpasswd', 'username', 'password', 'bcrypt');

CLI Usage

The package includes a CLI tool for managing .htpasswd files from the terminal.

# Create a new file with a bcrypt user
pnpm dlx @se-oss/htpasswd -c .htpasswd username password

# Add a user with MD5 (APR1) encryption
pnpm dlx @se-oss/htpasswd -m .htpasswd user2 pass2

Supported Algorithms

• Bcrypt: Modern and secure (default).
• APR1: Apache's MD5-based algorithm.
• SHA1: Standard SHA1 hashing.
• Plaintext: Supported for legacy purposes (requires unsafe option in parse).

📚 Documentation

For all configuration options and detailed API references, please see the API docs.

🤝 Contributing

Want to contribute? Awesome! To show your support is to star the project, or to raise issues on GitHub.

Thanks again for your support, it is much appreciated! 🙏

License

MIT © Shahrad Elahi and contributors.