diff --git a/config.sample.js b/config.sample.js
index 7393e7c..c5629bd 100644
--- a/config.sample.js
+++ b/config.sample.js
@@ -1,9 +1,12 @@
 config = {
   mongodb_server_url: 'mongodb://127.0.0.1:27017/ptpush',
-  server_port: 3000,
   /* enable_https: true,
   private_key_path: './cert/private.pem',
-  certificate_path: './cert/file.crt' */
+  certificate_path: './cert/file.crt', */
+  /* auth: {
+    "file": ""
+  }, */
+  server_port: 3000
 }
 
 module.exports = config;
diff --git a/package.json b/package.json
index 31d7c9c..049d7f7 100644
--- a/package.json
+++ b/package.json
@@ -12,6 +12,7 @@
     "mongoose": "^4.11.7",
     "node-schedule": "^1.2.4",
     "request": "^2.81.0",
-    "request-promise-native": "^1.0.4"
+    "request-promise-native": "^1.0.4",
+    "http-auth": "^3.2.3"
   }
 }
diff --git a/server.js b/server.js
index 9c9aa9f..b8748ab 100644
--- a/server.js
+++ b/server.js
@@ -1,6 +1,7 @@
 const express = require('express');
 const Http = require('http');
 const Https = require('https');
+var auth = require('http-auth');
 const fs = require('fs');
 const mongoose = require('mongoose');
 const subscribeapi = require('./subscribeapi');
@@ -34,7 +35,14 @@ mongoose.connect(DB_URL, { useMongoClient: true }).then(
           let certificate = fs.readFileSync(Config.certificate_path, 'utf8');
           let credentials = {key: privateKey, cert: certificate};
 
-          let httpsServer = Https.createServer(credentials, app);
+          if (!Config.auth) {
+            let basicAuth = auth.basic(Config.auth);
+            let httpsServer = Https.createServer(basicAuth, credentials, app);
+            console.log("Http authorization is enabled.");
+          } else {
+            let httpsServer = Https.createServer(credentials, app);
+          }
+
           httpsServer.listen(Config.server_port, () => {
             let host = httpsServer.address().address;
             let port = httpsServer.address().port;
@@ -42,7 +50,14 @@ mongoose.connect(DB_URL, { useMongoClient: true }).then(
             console.log("Https Server running at https://%s:%s", host, port);
           });
         } else {
-          let httpServer = Http.createServer(app);
+          if (!Config.auth) {
+            let basicAuth = auth.basic(Config.auth);
+            let httpServer = Http.createServer(basicAuth, app);
+            console.log("Http authorization is enabled.");
+          } else {
+            let httpServer = Http.createServer(app);
+          }
+
           httpServer.listen(Config.server_port, () => {
               let host = httpServer.address().address;
               let port = httpServer.address().port;