Time machine server.js

web/package.json

@@ -3,6 +3,7 @@
   "version": "0.0.1",
   "description": "",
   "dependencies": {
+    "basic-auth": "^2.0.0",
     "compression": "^1.7.2",
     "currency-symbol-map": "^4.0.3",
     "d3-array": "^1.2.1",

web/server.js

@@ -16,6 +16,7 @@ const express = require('express');
 const fs = require('fs');
 const http = require('http');
 const i18n = require('i18n');
+const auth = require('basic-auth');
 
 // Custom module
 const translation = require(__dirname + '/src/helpers/translation');
@@ -158,9 +159,28 @@ app.get('/', (req, res) => {
     }
     const { locale } = res;
     const fullUrl = 'https://www.electricitymap.org' + req.originalUrl;
+
+    // basic auth and time machine cookie if we're in the back in time container
+    if (process.env['BASIC_AUTH_USERNAME;']){
+      let user = auth(req);
+      let authorized = false;
+      if (user){
+        let ix = process.env['BASIC_AUTH_USERNAMES'].split(';').indexOf(user.name);
+        if (ix !== -1 && user.pass === process.env['BASIC_AUTH_PASSWORDS'].split(';')[ix]){
+          authorized = true;
+        }
+      }
+      if (!authorized){
+        res.statusCode = 401;
+        res.setHeader('WWW-Authenticate', 'Basic realm="example"');
+        res.end('Access denied');
+        return;
+      }
+      res.cookie('electricitymap-token', process.env['ELECTRICITYMAP_TOKEN']);
+    }
     res.render('pages/index', {
       alternateUrls: locales.map(function(l) {
-        if (fullUrl.indexOf('lang') != -1) {
+        if (fullUrl.indexOf('lang') !== -1) {
           return fullUrl.replace('lang=' + req.query.lang, 'lang=' + l)
         } else {
           if (Object.keys(req.query).length) {