Permalink
Browse files

Add basic authentication plugin

Closes #111, #22.
  • Loading branch information...
1 parent 3af4e74 commit 00896dfe1dbf5558fe344a45711621b4eba8b22e @fzaninotto committed Jul 17, 2013
Showing with 51 additions and 0 deletions.
  1. +1 −0 CHANGELOG.md
  2. +3 −0 README.md
  3. +4 −0 config/default.yaml
  4. +43 −0 plugins/basicAuth/index.js
View
@@ -4,6 +4,7 @@ Uptime Changelog
To be released
--------------
+* Add basicAuth plugin to restrict access to the API and dashboard apps using Basic Authentication
* Upgrade moment.js to version 2.1
* Add httpOptions plugin to allow setting custom headers or HTTP options to a check
* Update the README about the plugin system
View
@@ -143,6 +143,7 @@ Plugins can add more notification types, more poller types, new routes to the we
* [`email`](https://github.com/fzaninotto/uptime/blob/master/plugins/email/index.js): notify events (up, down pause) by email
* [`patternMatcher`](https://github.com/fzaninotto/uptime/blob/master/plugins/patternMatcher/index.js): allow HTTP & HTTPS pollers to test the response body against a pattern
* [`httpOptions`](https://github.com/fzaninotto/uptime/blob/master/plugins/httpOptions/index.js): add custom HTTP options and headers to HTTP and HTTPS checks (e.g. to allow self-signed certificate on HTTPS, custom headers, custom HTTP methods, ...)
+ * [`basicAuth`](https://github.com/fzaninotto/uptime/blob/master/plugins/basicAuth/index.js): add HTTP Basic Access Authentication to the dashboard and API applications
To enable plugins, just add a line to the `plugins:` section of the configuration file.
Three of the bundled plugins are already enabled by default:
@@ -154,6 +155,7 @@ plugins:
- ./plugins/patternMatcher
- ./plugins/httpOptions
# - ./plugins/email
+ # - ./plugins/basicAuth
```
You can override these settings in your environment configuration, for instance:
@@ -166,6 +168,7 @@ plugins:
- ./plugins/patternMatcher
- ./plugins/httpOptions
- ./plugins/email
+ # - ./plugins/basicAuth
```
Third-party plugins:
View
@@ -27,6 +27,7 @@ plugins:
- ./plugins/patternMatcher
- ./plugins/httpOptions
# - ./plugins/email
+ # - ./plugins/basicAuth
email:
method: SMTP # possible methods are SMTP, SES, or Sendmail
@@ -45,4 +46,7 @@ email:
to: # The message recipient, e.g. 'bar@blurdybloop.com, baz@blurdybloop.com'
dashboardUrl: 'http://localhost:8082'
+basicAuth:
+ username: admin
+ password: password
verbose: true # only used in dev
View
@@ -0,0 +1,43 @@
+/**
+ * Basic Authentication plugin
+ *
+ * Add HTTP Basic Access Authentication to the dashboard and API applications
+ *
+ * Installation
+ * ------------
+ * This plugin is disabled by default. To enable it, add its entry
+ * to the `plugins` key of the configuration:
+ *
+ * // in config/production.yaml
+ * plugins:
+ * - ./plugins/basicAuth
+ *
+ * Usage
+ * -----
+ * Restart the application, and both the API and the Dashboard applications
+ * become protected. The monitor correctly authenticates its own calls to the API.
+ *
+ * Default credentials are admin:password.
+ *
+ * Configuration
+ * -------------
+ * Set the username and password in the configuration file, under the
+ * basicAuth key:
+ *
+ * // in config/production.yaml
+ * basicAuth:
+ * username: JohnDoe
+ * password: S3cR3t
+ */
+var express = require('express');
+var config = require('config').basicAuth;
+
+exports.initWebApp = function(options) {
+ options.app.on('beforeFirstRoute', function(app, dashboardApp) {
+ app.use(express.basicAuth(config.username, config.password));
+ });
+};
+
+exports.initMonitor = function(options) {
+ options.monitor.addApiHttpOption('auth', config.username + ':' + config.password);
+};

0 comments on commit 00896df

Please sign in to comment.