I created a basic authentication example with Express and when I create a Authentication Basic header with {session: false} it still prompts my web browser with a dialog asking for username and password.

server.js

var app = express();
app.use(express.static(__dirname + '/public')); // starting static fileserver
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(passport.initialize());

app.get('/v1/test', 
       passport.authenticate('basic', {session: false}),
       function(req, res) {
           res.send('yup. worked.');
       });

I can include more code but this seems to really be all that is required at the moment because I cannot even get to my passport.use(new BasicStrategy....) code because my browser is prompting me for username and password.

So the issue is...the code above creates Basic auth for my server. When I run the code and curl: curl -D- -X GET -H "Authorization: Basic am9lOmpvZ" http://localhost:5000/v1/test I receive 401 Unauthorized but the header should authorize me.

I tried out the example basic authentication example included in this repo and it worked just fine on my machine. So the issue has to deal with my application.

My app is setup like the example application is except I am using oauth2orize where I exchange an access token after basic authentication is complete. Also, I have moved all the oauth2orize server code and passport BasicStrategy and BearerStrategy code into another file but that shouldn't affect anything I would think. So this may be an issue with oauth2orize (I am more then positive it is something I am doing wrong mixing the two together)?

Will continue to look into.