New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add basic HTTP authentication #144

Closed
bikerd opened this Issue Jan 16, 2014 · 12 comments

Comments

Projects
None yet
3 participants
@bikerd

bikerd commented Jan 16, 2014

enhancement request

it would be nice if basic HTTP authentication was added so that a username and password could be included on the backend at the command line when codebox is started:

codebox run ./myProject -user -pass -p 1234

then when someone connects to the codebox instance listening at port 1234, they would be prompted for the related username & password

it would be nice if the backend display value of password (for $ps -ef command line output) would be set to something like xxxxxxx or alike.

thanks!

@bikerd

This comment has been minimized.

bikerd commented Jan 16, 2014

example with values:

codebox run ./myProject -user gumby -pass greendog -p 1234

@SamyPesse

This comment has been minimized.

Member

SamyPesse commented Jan 16, 2014

Sorry but It'll not be a good idea to add http auth to Codebox, here are the 2 solutions that already exists:

  • You want HTTP auth but only one collaborator: Add HTTP auth to a Nginx or an Apache middleware in your http stack: Browser -> nginx|Apache -> Codebox
  • You want to authenticate collaborators to your box: Run it with a Auth Hook, Codebox already supports to ask user their email and auth password before coding. This solution is the better one to authenticate user to your box, but you have to yet one day before using it, we need to fix some stuffs in the package.json
var Q = require("q");
var path = require('path')
var codebox = require('codebox');

var users = {
    'samypesse@gmail.com': "my_password",
    'johndoe@gmail.com': "helloworld"
};

var config = {
    'root': path.resolve("./test"),
    'public': false,
    'hooks': {
        'auth': function(data) {
            if (!data.email
            || !data.token) {
                return Q.reject(new Error("Need 'token' and 'email' for auth hook"));
            }

            var userId = data.email;

            if (!users[userId] || data.token != users[userId]) {
                return Q.reject(new Error("Invalid user !"));
            }

            return {
                'userId': userId,
                'name': userId,
                'token': data.token,
                'email': data.email,
                'settings': {} // user current settings
            };
        }
    }
}

codebox.start(config).then(function() {
    console.log("codebox is running");
}, function(err) {
    console.log("Error: ", err);
});
@bikerd

This comment has been minimized.

bikerd commented Jan 16, 2014

thanks Samy!

how will i know when the package.json are available, and how are these fixes added to an installed version of codebox?

@SamyPesse

This comment has been minimized.

Member

SamyPesse commented Jan 16, 2014

Done, you can install use using: npm install codebox@0.4.7

@SamyPesse SamyPesse closed this Jan 16, 2014

@bikerd

This comment has been minimized.

bikerd commented Jan 16, 2014

npm install codebox@0.4.7

npm http GET https://registry.npmjs.org/codebox/0.4.7
npm http 200 https://registry.npmjs.org/codebox/0.4.7
npm http GET https://registry.npmjs.org/codebox/-/codebox-0.4.7.tgz
npm http 404 https://registry.npmjs.org/codebox/-/codebox-0.4.7.tgz
npm ERR! fetch failed https://registry.npmjs.org/codebox/-/codebox-0.4.7.tgz
npm ERR! Error: 404 Not Found
npm ERR! at WriteStream. (/usr/local/lib/node_modules/npm/lib/utils/fetch.js:57:12)
npm ERR! at WriteStream.EventEmitter.emit (events.js:117:20)
npm ERR! at fs.js:1596:14
npm ERR! at /usr/local/lib/node_modules/npm/node_modules/graceful-fs/graceful-fs.js:103:5
npm ERR! at Object.oncomplete (fs.js:107:15)
npm ERR! If you need help, you may report this entire log,
npm ERR! including the npm and node versions, at:
npm ERR! http://github.com/isaacs/npm/issues

npm ERR! System Linux 2.6.32-042stab083.2
npm ERR! command "/usr/local/bin/node" "/usr/local/bin/npm" "install" "codebox@0.4.7"
npm ERR! cwd /usr/local/lib
npm ERR! node -v v0.10.24
npm ERR! npm -v 1.3.21
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /usr/local/lib/npm-debug.log
npm ERR! not ok code 0

@mtutty

This comment has been minimized.

mtutty commented Jan 16, 2014

Same as @bikerd , CentOS 6.5 VM with node and npm installed normally.

@bikerd

This comment has been minimized.

bikerd commented Jan 16, 2014

if it's needed, I'm running CentOS release 5.10 (Final)

@bikerd

This comment has been minimized.

bikerd commented Jan 18, 2014

@AaronO appreciate your update to issue #150 regarding adding http basic authentication to codebox

i'm going to continue work on resolving the nginx issue on my own because i have to have some sort of authentication in order to access codebox instance remotely.

in regards to incorporating http basic authentication within codebox, i think that it will help the adoption/usage rate for codebox since it eliminates setup overhead (nginx/apache reverse proxy).

just my $.02...

thanks as always

@bikerd

This comment has been minimized.

bikerd commented Jan 18, 2014

p.s. i guess another option would be to provide a step-by-step config doc for making nginx & apache reverse proxy work with codebox. sample/working config files would be extremely helpful.

@bikerd

This comment has been minimized.

bikerd commented Jan 20, 2014

hi,

has there been additional consideration about adding http basic authentication to codebox so that a username & password can be specified on the command line like this:

codebox run ./myProject -user gumby -pass greendog -p 1234

although i was able to get nginx reverse proxy with websockets working, anyone listed in the .htpasswd file can access any codebox instance as long as they know what TCP port numbers are in use for codebox instances.

(for http basic authentication, i don't really want to have a unique .htaccess file for every port number being forwarded to an instance of codebox...unless someone knows a way to tie a specific .htpasswd username to a specific TCP port?)

it would be nice if codebox could take a username/password combination at command line startup so that only the specified user can connect to that codebox instance/process.

thanks!

@bikerd

This comment has been minimized.

bikerd commented Jan 20, 2014

i'm also seeing performance issues (delays) when using terminal or running a file with websockets...has anyone seen this before? i'm also digging for a solution.

@bikerd

This comment has been minimized.

bikerd commented Jan 20, 2014

i'm only seeing the sluggishness on chrome, not firefox...don't know why

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment