I have a website (example.com) with a front page (example.com/index.html) which display information taken from database. To manage database there is a subdomain (example.com/back). I want to protect this subdomain with an athentification. I'm using node js with express for the server, for authentification I found a npm module named "http-auth".
To secure a path I simply wrote :
app.use('/back', auth.connect(base), express.static('back'));
Where base is the authentification module.
To manage my database I have made several pages, all of them are protected with the line above. All of them also use POST methods, I tried to protect post methods with the same way :
app.post('/postAct', auth.connect(base), function(req, res) { ... }
But when I am sending post method through password protected pages
(ie : example.com/back/xxx.html)
I have : [HTTP/1.1 401 Unauthorized]
So I'm asking, do I need to protect post methods ? If yes how do I do this ?
Thanks you !