@coderaiser coderaiser released this Oct 2, 2017 · 486 commits to master since this release

Assets 7

Authorization

In Cloud Commander v8.0.0 the way middleware handles password field was changed.
In previous versions it's waiting for plain text what is drastically different from the way password field handled from ~/.cloudcmd.json configuration file which contains encrypted password.
Starting from current version password should be encrypted before passing to Cloud Commander Middleware.

For passwords crypt criton can be used.
Here is simplest example.

Install all dependencies:

npm init -y
npm i cloudcmd socket.io express criton
const http = require('http');
const cloudcmd = require('cloudcmd');
const io = require('socket.io');
const app = require('express')();
const criton = require('criton');

const port = 1337;
const prefix = '/cloudcmd';

const server = http.createServer(app);
const socket = io.listen(server, {
    path: `${prefix}/socket.io`
});

const algo = 'sha512WithRSAEncryption'; // default

// you can generate hash dynamically
const password = criton('root', algo);

// or use pregenerated hash
'2b64f2e..ca5d9a9';

const auth = true;
const username = 'root';

const config = {
    algo, // optional
    auth,
    username,
    pasword,
};

app.use(cloudcmd({
    socket,
    config,
}));

server.listen(port);

Consumers of Cloud Commander Middleware affected only.

feature

  • (cloudcmd) middleware: password: plain -> encrypted (#136)
  • (package) coveralls v3.0.0