= BookmarksProject: Authentication =

You can configure authentication for all non-GET requests by adding the following to your `server.yml` config file:
{{{
auth: 1
htdigest: /path/to/htdigest/file
# default realm is "Bookmarks"; uncomment and change if you want to use something different
#realm: Bookmarks
}}}

The `htdigest` file can be created using the `htdigest` utility:

{{{
$ htdigest -c /path/to/htdigest/file Bookmarks user
}}}

The `htdigest` utility comes with the Apache webserver, or in the `apache2-utils` package if you don't have the full Apache and don't want to install it. The realm you use in the digest file ''must'' match the `realm` configuration setting ("Bookmarks" by default). See the [https://httpd.apache.org/docs/2.2/programs/htdigest.html Apache docs] for more info.

== Configuration Setting Reference ==

    auth:: Set to a true value to enable authentication on non-GET requests.
    htdigest:: Path to the htdigest credentials file. Relative paths are interpreted relative to the `server_root` location. Required if `auth` is set.
    digest_key:: ''(Optional)'' Secret used during digest authentication. If not provided, one is generated at server startup using [perldoc:Bytes::Random::Secure].