[drone] check X-Auth-Token for all reqs
By default, this check is turned off. To turn it on, call
`haibu.config.set('authToken', 'your-auth-token')`.
indutny committed Feb 12, 2012
1 parent cf75b5f commit 45f930c
Showing 3 changed files with 103 additions and 2 deletions.
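--- a/lib/haibu/drone/service.js
+++ b/lib/haibu/drone/service.js
@@ -18,7 +18,23 @@ exports.createRouter = function (drone) {
 // TODO (indexzero): Setup token-based auth for Drone API servers
 //
 haibu.router.strict = false;
-
+
+var authToken;
+if (authToken = haibu.config.get('authToken')) {
+//
+// Check if X-Auth-Token header matches with one in options
+//
+haibu.router.every.before = function (next) {
+if (this.req.headers['x-auth-token'] === authToken) {
+next();
+return true;
+}
+
+haibu.sendResponse(this.res, 403, { message: 'Wrong auth token' });
+return false;
+};
+}
+
 //
 // ### Default Root
 // `GET /` responds with default JSON message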
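Review bot: The token check in the new `haibu.router.every.before` hook compares the header with `===`, which is not a constant-time comparison, so response timing may leak how much of a guessed token matched. On runtimes that provide `crypto.timingSafeEqual`, compare fixed-length digests of both values instead, as sketched below (this assumes `crypto` is required at the top of service.js, outside the hunk). Because the hook is installed only when `authToken` is truthy, an unset or empty token leaves every route unauthenticated with no log line; a startup warning would make that visible, and the `TODO (indexzero)` comment above the hunk's new code should be updated to say the check is opt-in. `createRouter` continues outside the hunk.

```javascript
// … unchanged: authToken lookup from haibu.config …
var expected = crypto.createHash('sha256').update(String(authToken)).digest();

haibu.router.every.before = function (next) {
  // Hash both sides so the buffers always have equal length.
  var supplied = String(this.req.headers['x-auth-token'] || '');
  var digest = crypto.createHash('sha256').update(supplied).digest();

  if (crypto.timingSafeEqual(digest, expected)) {
    next();
    return true;
  }
  // … unchanged: 403 response and return false …
};
```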
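--- a/test/drone/auth-token-test.js
+++ b/test/drone/auth-token-test.js
@@ -0,0 +1,66 @@
+/*
+* drone-api-test.js: Tests for the `drone` module's RESTful API.
+*
+* (C) 2010, Nodejitsu Inc.
+*
+*/
+
+var assert = require('assert'),
+exec = require('child_process').exec,
+fs = require('fs'),
+path = require('path'),
+eyes = require('eyes'),
+request = require('request'),
+vows = require('vows'),
+helpers = require('../helpers'),
+data = require('../fixtures/apps'),
+haibu = require('../../lib/haibu');
+
+var ipAddress = '127.0.0.1',
+port = 9000,
+app = data.apps[0],
+server;
+
+app.user = 'marak';
+
+haibu.config.set('authToken', 'haibu');
+var auth = {
+'X-Auth-Token': 'haibu'
+},
+noAuth = {
+'X-Auth-Token': 'not-haibu'
+};
+
+vows.describe('haibu/drone/api').addBatch(
+helpers.requireStart(port, function (_server) {
+server = _server;
+})
+).addBatch({
+"When using the drone server": {
+"with incorrect auth token": {
+"a request against /": helpers.requireResponse('/', noAuth, 403),
+"a request against /version": helpers.requireResponse(
+'/version',
+noAuth,
+403
+)
+},
+"with correct auth token": {
+"a request against /": helpers.requireResponse('/', auth, 400),
+"a request against /version": helpers.requireResponse(
+'/version',
+auth,
+200
+)
+}
+}
+}).addBatch({
+"when the tests are over": {
+topic: function () {
+return false;
+},
+"the server should clean up": function () {
+server.close();
+}
+}
+}).export(module);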
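Review bot: Neither batch covers a request that omits `X-Auth-Token` altogether; `noAuth` only sends a wrong value, so the missing-header path of the new check is untested. Add a context such as `"with no auth token": { "a request against /": helpers.requireResponse('/', {}, 403) }`. `haibu.config.set('authToken', 'haibu')` is also never reset, so the token presumably stays set for any other test file run in the same process; clearing it in the final batch would avoid that. The header comment still names `drone-api-test.js` and the suite is described as `haibu/drone/api`, both of which look copied from another test file.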
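--- a/test/helpers.js
+++ b/test/helpers.js
@@ -129,4 +129,23 @@ helpers.assertTestApp = function () {
 return helpers.assertApp("should respond with 'hello, i know nodejitsu.'", function (err, res, body) {
 assert.equal(body, 'hello, i know nodejitsu.');
 });
-};
+};
+
+helpers.requireResponse = function(url, headers, code) {
+var vow = {
+topic: function () {
+var options = {
+uri: 'http://localhost:9000' + url,
+headers: headers,
+};
+
+request(options, this.callback);
+}
+};
+
+vow['should respond with ' + code] = function (error, response, body) {
+assert.equal(response.statusCode, code);
+};
+
+return vow;
+};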
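Review bot: The vow added in `helpers.requireResponse` ignores `error`, so when the request itself fails (for example the server is not listening) `response` is undefined and the assertion dies with a TypeError instead of reporting the cause; add `assert.ok(!error, error && error.message);` before the status check. The URI is hard-coded to `http://localhost:9000`, while auth-token-test.js declares its own `port` and `ipAddress`; taking the port as a parameter would keep the two from drifting apart.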
