Skip to content

feat: add header option (#47) #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mcollina merged 1 commit into from
Jul 13, 2021
Merged

feat: add header option (#47) #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,17 @@ fastify.register(require('fastify-basic-auth'), {
})
```

### `header` String (optional)

When supplied, the header option is the name of the header to get
credentials from for validation.

```js
fastify.register(require('fastify-basic-auth'), {
validate,
header: 'x-forwarded-authorization'
Copy link
Member

@Eomm Eomm Jul 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we mention that it must be lowercase or add a lowercase function?

Copy link
Member

@mcollina mcollina Jul 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why it must be lowercased?

Copy link
Member

@jsumners jsumners Jul 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Otherwise the lookup of the header will fail.

Copy link
Contributor Author

@mattyod mattyod Jul 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added the .toLowerCase() suggestion from @mcollina. Will update the test to reflect this.

Copy link
Contributor Author

@mattyod mattyod Jul 13, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated the test to demonstrate the to lowercasing. Not sure it needs a whole test of it's own but let me know if that's not enough.

})
```

## License

Expand Down
1 change: 1 addition & 0 deletions index.d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ export interface FastifyBasicAuthOptions {
done: (err?: Error) => void
): void | Promise<void>;
authenticate?: boolean | { realm: string };
header?: string;
}

declare const fastifyBasicAuth: FastifyPlugin<FastifyBasicAuthOptions>
Expand Down
4 changes: 3 additions & 1 deletion index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,13 @@ async function basicPlugin (fastify, opts) {
throw new Error('Basic Auth: Missing validate function')
}
const authenticateHeader = getAuthenticateHeader(opts.authenticate)
const header = (opts.header && opts.header.toLowerCase()) || 'authorization'

const validate = opts.validate.bind(fastify)
fastify.decorate('basicAuth', basicAuth)

function basicAuth (req, reply, next) {
const credentials = auth(req)
const credentials = auth.parse(req.headers[header])
if (credentials == null) {
done(new Unauthorized('Missing or bad formatted authorization header'))
} else {
Expand Down
3 changes: 2 additions & 1 deletion index.test-d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@ app.register(fastifyBasicAuth, {
expectType<string>(password)
expectType<FastifyRequest>(req)
expectType<FastifyReply>(reply)
}
},
header: 'x-forwarded-authorization'
})

app.register(fastifyBasicAuth, {
Expand Down
41 changes: 41 additions & 0 deletions test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,47 @@ test('WWW-Authenticate Realm (authenticate: {realm: "example"})', t => {
})
})

test('Header option specified', t => {
t.plan(2)

const fastify = Fastify()
fastify.register(basicAuth, {
validate,
header: 'X-Forwarded-Authorization'
})

function validate (username, password, req, res, done) {
if (username === 'user' && password === 'pwd') {
done()
} else {
done(new Error('Unauthorized'))
}
}

fastify.after(() => {
fastify.route({
method: 'GET',
url: '/',
preHandler: fastify.basicAuth,
handler: (req, reply) => {
reply.send({ hello: 'world' })
}
})
})

fastify.inject({
url: '/',
method: 'GET',
headers: {
authorization: basicAuthHeader('notuser', 'notpwd'),
'x-forwarded-authorization': basicAuthHeader('user', 'pwd')
}
}, (err, res) => {
t.error(err)
t.equal(res.statusCode, 200)
})
})

test('Missing validate function', t => {
t.plan(1)

Expand Down