Hacking Strider


Currently Strider supports two kinds of authentication, cookie and basic. In the near future, Hawk will be added.

Cookie authentication is done by posting to /login with a payload of email and password. Content-type is www-form-urlencoded. You then have a session cookie.


say something about expiration...

Basic auth is done by sending the header "Authorization: basic " + base64(username + ":" + password). This must be done for every request that requires authentication.


Strider supports CORS so that you may call it from a browser or open a websocket to it (Socket.io initiation protocol requires it).

To enable CORS pass a cors configuration option when instantiating Strider, which is then passed to the cors npm module.


var strider = require('strider');
var config = {
  cors: {
    origin: 'http://localhost:1337',
    credentials: true,
    headers: [
    methods: [
    maxAge: 1728000

var app = strider(includePath, config, function(){
  console.log("Strider is running");