mention how to secure Basic authentication

mojolicious · Jul 19, 2014 · 119d195 · 119d195
1 parent fecf76b
commit 119d195
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/Changes b/Changes
@@ -1,5 +1,5 @@
 
-5.16  2014-07-18
+5.16  2014-07-19
 
 5.15  2014-07-17
   - Improved Mojo::DOM::HTML performance slightly.

diff --git a/lib/Mojolicious/Guides/Cookbook.pod b/lib/Mojolicious/Guides/Cookbook.pod
@@ -849,7 +849,8 @@ L<Mojo::Message/"json">.
 
 =head2 Basic authentication
 
-You can just add username and password to the URL.
+You can just add username and password to the URL, an C<Authorization> header
+will be automatically generated.
 
   use Mojo::UserAgent;
 
@@ -1168,12 +1169,17 @@ C<Authorization> header.
     return $c->render(text => 'Hello Bender!')
       if $c->req->url->to_abs->userinfo eq 'Bender:rocks';
 
+    # Require authentication
     $c->res->headers->www_authenticate('Basic');
-    $c->render(text => 'Authorization required!', status => 401);
+    $c->render(text => 'Authentication required!', status => 401);
   };
 
   app->start;
 
+This can be combined with TLS for a secure authentication mechanism.
+
+  $ ./myapp.pl daemon -l https://*:3000?cert=./server.crt&key=./server.key
+
 =head2 Adding a configuration file
 
 Adding a configuration file to your application is as easy as adding a file to