= BookmarksProject: Authentication =

You can configure authentication for all non-GET requests by adding the following to your `server.yml` config file:
{{{
auth: 1
htdigest: /path/to/htdigest/file
# default realm is "Bookmarks"; uncomment and change if you want to use something different
#realm: Bookmarks
}}}

The `htdigest` file can be created using Apache's [https://httpd.apache.org/docs/2.2/programs/htdigest.html htdigest] utility:

{{{
$ htdigest -c /path/to/htdigest/file Bookmarks user
}}}

The ''htdigest'' utility comes with the Apache webserver, or in the `apache2-utils` package if you don't have the full Apache and don't want to install it. The realm you use in the `htdigest` file ''must'' match the `realm` configuration setting ("Bookmarks" by default).

== Configuration Setting Reference ==

    auth:: Set to a true value to enable authentication on non-GET requests.
    htdigest:: Path to the htdigest-style credentials file. Relative paths are interpreted relative to the `server_root` location. Required if `auth` is set.
    realm:: ''(Optional)'' Authentication realm to use. Defaults to "Bookmarks". Must match the realm used in the `htdigest` file.
    digest_key:: ''(Optional)'' Secret used during digest authentication. If not provided, one is generated at server startup using [perldoc:Bytes::Random::Secure].