When I use basicauth on part of my site, the browser will handle the login screen (ex. chrome’s white username and password box which pops down from the top of my screen).
What I’d like to do is handle the login screen my self.
I’m not worried about designing and coding the thing, I just would like to know if it is possible to send a request with ‘basic’ authentication to the basicauth caddy plugin?
If it is, where about would I send it?
Perhaps to the endpoint protected by basicauth, with ‘basic’ authentication headers?
I have never done this, but I suppose you can do something like this. Make an AJAX request to a protected endpoint with the Authorization header pre-filled from your own form.
Seconded this one, I just implemented loginsrv/JWT quite successfully for my home lab infrastructure.
Notably, though, it doesn’t rely on Authorization: Basic headers but instead sets a cookie. This would’ve been a bit inconvenient for me since I’m using multiple subdomains, but loginsrv allows for configuration of the cookie domain for all subdomains. Expiration is also configurable, and invalidating all logins is as straightforward as cycling the contents of the env var JWT_SECRET on the Caddy host.
It also takes a .htpasswd file, which is arguably neater than having your basicauth passwords in plain text.