Authentication without a framework?

[JonJ678]

I've written a collection of html, css and javascript which behave approximately as intended. There is currently no "back end" and no front end framework. So far, so good.

I would now like to add a simple username/password authentication mechanism. At some point this would be backed by sqlite or mongo, but right now I'd be happy with a text file containing exactly one username/password hash combination.

However I cannot find any guidance on how to do this without first pulling in an enormous dependency. I believe wordpress or django would provide authentication. Express and node also appears to be a viable combination. All of these want to take over control of the entire site though, which seems excessive for a log in form.

How can I go about sending a username/password pair in exchange for a token, while only depending on whatever library handles the authentication itself?

 

[butcherster]

Token based authentication is usually more difficult and there isn't really a simple 'Authentication' framework out there.

I would recommend node and express with passport or searching for other node authentication modules as they're usually much more lightweight than other languages and frameworks.

Or you could try and roll your own in node or another language, take form posted values, compare with your local file and produce a token and cache that on the server and map it to the username that was originally sent.

Wouldn't be very secure though I imagine.

 

[JonJ678]

This seems to be the answer. I'll give express a go, thank you.

edit: This was rather less trivial than I had hoped. The tutorial that got be up and running was https://scotch.io/tutorials/an-introduction-to-mongodb