I was struggling to find a simple way to add username and password authentication to a Node.js app running on an Express server, like .htpasswd for Apache. Finally, a StackOverflow answer helped me out.

To start, install the basic-auth package:

npm install basic-auth

Create an auth.js with the following code, changing username and password to whatever you want.

const auth = require('basic-auth')

const admin = { name: 'username', password: 'password' }

module.exports = function (request, response, next) {
  var user = auth(request)
  if (!user || !admin.name || admin.password !== user.pass) {
    response.set('WWW-Authenticate', 'Basic realm="example"')
    return response.status(401).send()
  return next()

And in server.js, include this at the top of your file.

const auth = require('./auth')
const app = express()


Make sure to hide auth.js with a .gitignore file, and you're all set!