|
|
/*! |
|
* Connect - basicAuth |
|
* Copyright(c) 2010 Sencha Inc. |
|
* Copyright(c) 2011 TJ Holowaychuk |
|
* MIT Licensed |
|
*/ |
|
|
|
/** |
|
* Module dependencies. |
|
*/ |
|
|
|
var crypto = require('crypto')
  , utils = require('../utils')
  , unauthorized = utils.unauthorized
  , badRequest = utils.badRequest;
|
|
|
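/**
 * Enforce basic authentication by providing a `callback(user, pass)`,
 * which must return `true` in order to gain access. Alternatively an async
 * method is provided as well, invoking `callback(user, pass, callback)`. Populates
 * `req.remoteUser`. The final alternative is simply passing username / password
 * strings.
 *
 * Examples:
 *
 *     connect(connect.basicAuth('username', 'password'));
 *
 *     connect(
 *       connect.basicAuth(function(user, pass){
 *         return 'tj' == user && 'wahoo' == pass;
 *       })
 *     );
 *
 *     connect(
 *       connect.basicAuth(function(user, pass, fn){
 *         User.authenticate({ user: user, pass: pass }, fn);
 *       })
 *     );
 *
 * Request handling:
 *
 *   - `req.remoteUser` already set: the request is passed through untouched.
 *   - no `Authorization` header: answered with `unauthorized(res, realm)`.
 *   - header that is not exactly `Basic <base64>` or whose decoded value has
 *     no `:` separator: answered with `badRequest(res)`.
 *   - credentials rejected by the callback: answered with
 *     `unauthorized(res, realm)`.
 *
 * Security notes:
 *
 *   - Basic credentials are only base64-encoded on the wire; serve this
 *     middleware over TLS.
 *   - The decoded value is split on the FIRST `:` only, so passwords may
 *     contain colons (user names may not).
 *   - The username / password string form compares in constant time. A
 *     custom callback is responsible for its own comparison.
 *
 * @param {Function|String} callback or username
 * @param {String} realm
 * @return {Function} connect middleware `(req, res, next)`
 * @throws {Error} when a username string is given without a password string
 * @api public
 */

module.exports = function basicAuth(callback, realm) {
  var username, password;

  // user / pass strings
  if ('string' == typeof callback) {
    username = callback;
    password = realm;
    if ('string' != typeof password) throw new Error('password argument required');
    realm = arguments[2];
    callback = function(user, pass){
      // Evaluate both comparisons before combining them so that a wrong
      // user name is not rejected measurably faster than a wrong password.
      var userOk = safeEqual(user, username)
        , passOk = safeEqual(pass, password);
      return userOk && passOk;
    };
  }

  realm = realm || 'Authorization Required';

  return function(req, res, next) {
    var authorization = req.headers.authorization;

    if (req.remoteUser) return next();
    if (!authorization) return unauthorized(res, realm);

    // Validate the header shape BEFORE decoding: a bare "Basic" header has
    // no second part, and handing `undefined` to the Buffer constructor
    // throws, which let a single malformed request raise an uncaught
    // exception inside the middleware.
    var parts = authorization.split(' ');
    if (parts.length !== 2 || 'Basic' != parts[0]) return badRequest(res);

    // Buffer.from replaces the deprecated `new Buffer(string, encoding)`.
    var decoded = Buffer.from(parts[1], 'base64').toString()
      , index = decoded.indexOf(':');

    // "user:pass" requires a separator; reject anything else as malformed.
    if (index < 0) return badRequest(res);

    // Split on the first colon only; a plain split(':') silently truncated
    // any password that itself contained a colon.
    var user = decoded.slice(0, index)
      , pass = decoded.slice(index + 1);

    // async
    if (callback.length >= 3) {
      var pause = utils.pause(req);
      callback(user, pass, function(err, authenticated){
        if (err || !authenticated) return unauthorized(res, realm);
        req.remoteUser = authenticated;
        next();
        pause.resume();
      });
    // sync
    } else {
      if (callback(user, pass)) {
        req.remoteUser = user;
        next();
      } else {
        unauthorized(res, realm);
      }
    }
  }
};

/**
 * Compare two strings without leaking, through timing, how many leading
 * characters match. Both inputs are hashed first so the buffers handed to
 * `crypto.timingSafeEqual` always have equal length, which it requires.
 *
 * @param {String} a
 * @param {String} b
 * @return {Boolean}
 * @api private
 */

function safeEqual(a, b) {
  var left = crypto.createHash('sha256').update(a).digest()
    , right = crypto.createHash('sha256').update(b).digest();
  return crypto.timingSafeEqual(left, right);
}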
|
|
|
|