Moving to basicAuth
commit
03b20aa903
3 changed files with 53 additions and 68 deletions
57
dist/routers/viewer.js
vendored
57
dist/routers/viewer.js
vendored
|
@ -41,6 +41,10 @@ var _expressSession = require('express-session');
|
||||||
|
|
||||||
var _expressSession2 = _interopRequireDefault(_expressSession);
|
var _expressSession2 = _interopRequireDefault(_expressSession);
|
||||||
|
|
||||||
|
var _basicAuth = require('basic-auth');
|
||||||
|
|
||||||
|
var _basicAuth2 = _interopRequireDefault(_basicAuth);
|
||||||
|
|
||||||
var _bodyParser = require('body-parser');
|
var _bodyParser = require('body-parser');
|
||||||
|
|
||||||
var _bodyParser2 = _interopRequireDefault(_bodyParser);
|
var _bodyParser2 = _interopRequireDefault(_bodyParser);
|
||||||
|
@ -71,8 +75,6 @@ function create() {
|
||||||
var debug = arguments.length <= 3 || arguments[3] === undefined ? false : arguments[3];
|
var debug = arguments.length <= 3 || arguments[3] === undefined ? false : arguments[3];
|
||||||
|
|
||||||
routerConfig = (0, _assign2.default)({
|
routerConfig = (0, _assign2.default)({
|
||||||
sessionSecret: 'scribe-session',
|
|
||||||
useSession: true,
|
|
||||||
useBodyParser: true,
|
useBodyParser: true,
|
||||||
username: 'build',
|
username: 'build',
|
||||||
password: 'build'
|
password: 'build'
|
||||||
|
@ -89,48 +91,41 @@ function create() {
|
||||||
|
|
||||||
var router = new _express.Router();
|
var router = new _express.Router();
|
||||||
|
|
||||||
router.use(_express2.default.static(__dirname + '/../../public'));
|
var authenticate = function authenticate(req, res, next) {
|
||||||
|
function unauthorized(res) {
|
||||||
|
res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
|
||||||
|
return res.sendStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
function isAuthenticated(req, res, next) {
|
if (!routerConfig.authorization || !routerConfig.username && !routerConfig.password) {
|
||||||
if (!routerConfig.authentication || req.session.authenticated) {
|
|
||||||
return next();
|
return next();
|
||||||
}
|
}
|
||||||
|
|
||||||
res.redirect(req.baseUrl);
|
var user = (0, _basicAuth2.default)(req);
|
||||||
|
|
||||||
|
if (!user || !user.name || !user.pass) {
|
||||||
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (routerConfig.useSession) {
|
if (user.name === routerConfig.username && user.pass === routerConfig.password) {
|
||||||
router.use((0, _expressSession2.default)({ secret: routerConfig.sessionSecret, saveUninitialized: true, resave: true }));
|
return next();
|
||||||
|
} else {
|
||||||
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
router.use(authenticate);
|
||||||
|
router.use(_express2.default.static(__dirname + '/../../public'));
|
||||||
|
|
||||||
if (routerConfig.useBodyParser) {
|
if (routerConfig.useBodyParser) {
|
||||||
router.use(_bodyParser2.default.json());
|
router.use(_bodyParser2.default.json());
|
||||||
}
|
}
|
||||||
|
|
||||||
router.post('/', function (req, res) {
|
router.get('/viewer', function (req, res) {
|
||||||
req.session.authenticated |= !routerConfig.authentication || req.body.username === routerConfig.username && req.body.password === routerConfig.password;
|
return res.send(viewer({ config: (0, _stringify2.default)(clientConfig) }));
|
||||||
if (req.session.authenticated) {
|
|
||||||
return res.json({ data: 'viewer' });
|
|
||||||
}
|
|
||||||
|
|
||||||
res.json({ status: 1, message: 'Invalid username/password' });
|
|
||||||
});
|
});
|
||||||
|
|
||||||
router.get('/', function (req, res) {
|
router.get('/rest/:collection', function (req, res) {
|
||||||
if (!routerConfig.authentication || req.session.authenticated) {
|
|
||||||
return res.redirect('viewer');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.send(login());
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/viewer', isAuthenticated, function (req, res) {
|
|
||||||
return res.send(viewer({
|
|
||||||
config: (0, _stringify2.default)(clientConfig)
|
|
||||||
}));
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/rest/:collection', isAuthenticated, function (req, res) {
|
|
||||||
if (!mongoUri) {
|
if (!mongoUri) {
|
||||||
return res.json({ err: 0, docs: [] });
|
return res.json({ err: 0, docs: [] });
|
||||||
}
|
}
|
||||||
|
@ -153,7 +148,7 @@ function create() {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
router.delete('/rest/:collection', isAuthenticated, function (req, res) {
|
router.delete('/rest/:collection', function (req, res) {
|
||||||
if (!mongoUri) {
|
if (!mongoUri) {
|
||||||
res.status(410);
|
res.status(410);
|
||||||
return res.send();
|
return res.send();
|
||||||
|
|
|
@ -3,6 +3,7 @@ import mongoose from 'mongoose'
|
||||||
import EntrySchema from '../schemas/entry'
|
import EntrySchema from '../schemas/entry'
|
||||||
import jade from 'jade'
|
import jade from 'jade'
|
||||||
import session from 'express-session'
|
import session from 'express-session'
|
||||||
|
import basicAuth from 'basic-auth';
|
||||||
import bodyParser from 'body-parser'
|
import bodyParser from 'body-parser'
|
||||||
|
|
||||||
function getObject(d, def) {
|
function getObject(d, def) {
|
||||||
|
@ -24,8 +25,6 @@ const login = jade.compileFile(`${__dirname}/../../views/login.jade`);
|
||||||
|
|
||||||
export function create(mongoUri = 'mongodb://localhost/scribe', routerConfig = {}, clientConfig = {}, debug = false) {
|
export function create(mongoUri = 'mongodb://localhost/scribe', routerConfig = {}, clientConfig = {}, debug = false) {
|
||||||
routerConfig = Object.assign({
|
routerConfig = Object.assign({
|
||||||
sessionSecret: 'scribe-session',
|
|
||||||
useSession: true,
|
|
||||||
useBodyParser: true,
|
useBodyParser: true,
|
||||||
username: 'build',
|
username: 'build',
|
||||||
password: 'build'
|
password: 'build'
|
||||||
|
@ -41,48 +40,39 @@ export function create(mongoUri = 'mongodb://localhost/scribe', routerConfig = {
|
||||||
|
|
||||||
const router = new Router();
|
const router = new Router();
|
||||||
|
|
||||||
router.use(express.static(`${__dirname}/../../public`));
|
var authenticate = function (req, res, next) {
|
||||||
|
function unauthorized(res) {
|
||||||
|
res.set('WWW-Authenticate', 'Basic realm=Authorization Required');
|
||||||
|
return res.sendStatus(401);
|
||||||
|
}
|
||||||
|
|
||||||
function isAuthenticated(req, res, next) {
|
if (!routerConfig.authorization || (!routerConfig.username && !routerConfig.password)) {
|
||||||
if (!routerConfig.authentication || req.session.authenticated) {
|
|
||||||
return next();
|
return next();
|
||||||
}
|
}
|
||||||
|
|
||||||
res.redirect(req.baseUrl);
|
var user = basicAuth(req);
|
||||||
|
|
||||||
|
if (!user || !user.name || !user.pass) {
|
||||||
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (routerConfig.useSession) {
|
if (user.name === routerConfig.username && user.pass === routerConfig.password) {
|
||||||
router.use(session({secret: routerConfig.sessionSecret, saveUninitialized: true, resave: true}));
|
return next();
|
||||||
|
} else {
|
||||||
|
return unauthorized(res);
|
||||||
}
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
router.use(authenticate);
|
||||||
|
router.use(express.static(`${__dirname}/../../public`));
|
||||||
|
|
||||||
if (routerConfig.useBodyParser) {
|
if (routerConfig.useBodyParser) {
|
||||||
router.use(bodyParser.json());
|
router.use(bodyParser.json());
|
||||||
}
|
}
|
||||||
|
|
||||||
router.post('/', (req, res)=> {
|
router.get('/viewer', (req, res)=> res.send(viewer({config: JSON.stringify(clientConfig)})));
|
||||||
req.session.authenticated |=
|
|
||||||
!routerConfig.authentication ||
|
|
||||||
(req.body.username === routerConfig.username && req.body.password === routerConfig.password);
|
|
||||||
if (req.session.authenticated) {
|
|
||||||
return res.json({data: 'viewer'});
|
|
||||||
}
|
|
||||||
|
|
||||||
res.json({status: 1, message: 'Invalid username/password'});
|
router.get('/rest/:collection', (req, res)=> {
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/', (req, res)=> {
|
|
||||||
if (!routerConfig.authentication || req.session.authenticated) {
|
|
||||||
return res.redirect('viewer');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.send(login());
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/viewer', isAuthenticated, (req, res)=> res.send(viewer({
|
|
||||||
config: JSON.stringify(clientConfig)
|
|
||||||
})));
|
|
||||||
|
|
||||||
router.get('/rest/:collection', isAuthenticated, (req, res)=> {
|
|
||||||
if (!mongoUri) {
|
if (!mongoUri) {
|
||||||
return res.json({err: 0, docs: []});
|
return res.json({err: 0, docs: []});
|
||||||
}
|
}
|
||||||
|
@ -106,7 +96,7 @@ export function create(mongoUri = 'mongodb://localhost/scribe', routerConfig = {
|
||||||
.exec((err = 0, docs = []) => res.json({err, docs}));
|
.exec((err = 0, docs = []) => res.json({err, docs}));
|
||||||
});
|
});
|
||||||
|
|
||||||
router.delete('/rest/:collection', isAuthenticated, (req, res)=> {
|
router.delete('/rest/:collection', (req, res)=> {
|
||||||
if (!mongoUri) {
|
if (!mongoUri) {
|
||||||
res.status(410);
|
res.status(410);
|
||||||
return res.send();
|
return res.send();
|
||||||
|
|
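Review bot: The bypass condition in the new `authenticate` middleware reads `routerConfig.authorization`, while the `isAuthenticated` guard it replaces read `routerConfig.authentication`; none of the defaults visible in this diff set an `authorization` key (the rest of the defaults object is outside the hunk), so if callers still pass `authentication: true` the first branch always calls `next()` and Basic auth is never enforced. That matters more after this commit because the per-route `isAuthenticated` guards are dropped from `/viewer` and from GET and DELETE `/rest/:collection`, leaving this one check as the only gate. I would keep the existing key, `if (!routerConfig.authentication || (!routerConfig.username && !routerConfig.password)) {`, or accept both names and document which one is canonical. Separately, the realm in the challenge should be a quoted string, `res.set('WWW-Authenticate', 'Basic realm="Authorization Required"');`. The compiled copy in dist/routers/viewer.js carries the same condition.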