Provide the username of the authenticated user in the callback. #9

Merged

@mogsie

This change makes it possible for the callback to provide
the username that was authenticated, avoiding the need to
parse the Authorization header again. How else would you
know who has logged in, so that you can provide different
levels of access to different users?

Note, I have only used the digest code (since that's what I use)...

@mogsie mogsie Made it possible for the authenticated callback to provide
the username that was authenticated, avoiding the need to
parse the Authorization header again. How else would you
know who has logged in, so you can provide different levels
of access to different users.
6b70285
@gevorg gevorg merged commit e46d8fe into gevorg:master
@gevorg
Owner

Thanks a lot!

I will add some unit tests and release it with next version.

Gevorg.

Commits on Jan 27, 2012
  1. @mogsie

    Made it possible for the authenticated callback to provide

    mogsie authored
    the username that was authenticated, avoiding the need to
    parse the Authorization header again. How else would you
    know who has logged in, so you can provide different levels
    of access to different users.
Showing with 14 additions and 13 deletions.
  1. +3 −3 README.md
  2. +5 −4 lib/auth/basic.js
  3. +6 −6 lib/auth/digest.js
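--- a/README.md
+++ b/README.md
@@ -49,8 +49,8 @@ var basic = auth({
 */
 http.createServer(function(req, res) {
 // Apply authentication to server.
- basic.apply(req, res, function() {
- res.end("Welcome to private area!");
+ basic.apply(req, res, function(username) {
+ res.end("Welcome to private area, " + username + "!");
 });
 }).listen(1337);
 ```
@@ -141,4 +141,4 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED **AS IS**, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED **AS IS**, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.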
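--- a/lib/auth/basic.js
+++ b/lib/auth/basic.js
@@ -45,7 +45,7 @@ function Basic(authRealm, authUsers) {
 if(!authenticated) {
 self.ask(response);
 } else {
- next();
+ next(authenticated);
 }
 }
 };
@@ -55,9 +55,10 @@ function Basic(authRealm, authUsers) {
 *
 * @param {Request} request HTTP request object.
 * @return {Boolean} true if is authenticated, else false.
+ * @return {String} the authenticated user ID, if authenticated, else undefined.
 */
 Basic.prototype.isAuthenticated = function(request) {
- var authenticated = false;
+ var authenticated = undefined;
 // If header exists.
 if("authorization" in request.headers) {
@@ -79,7 +80,7 @@ Basic.prototype.isAuthenticated = function(request) {
 // Ensure the username and password both match.
 if(myUserName === clientUserName) {
 if(htpasswd.validate(clientPasswordHash, myPasswordHash)) {
- authenticated = true;
+ authenticated = myUserName;
 break;
 }
 }
@@ -101,4 +102,4 @@ Basic.prototype.ask = function(response) {
 response.setHeader("WWW-Authenticate", header);
 response.writeHead(401);
 response.end(defaults.HTML_401);
-};
+};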
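Review bot: `isAuthenticated` now returns `undefined` rather than `false` on failure (the `var authenticated = undefined;` line here, and the same change in lib/auth/digest.js), so any caller that compares the result strictly, such as `=== false`, would stop rejecting unauthenticated requests. The `apply` path in the first hunk tests `!authenticated` and is unaffected, but the method sits on the prototype and may be called directly by code not shown here. The doc comment also keeps the stale `@return {Boolean} true if is authenticated, else false.` tag beside the new one; it should be dropped so only `@return {String} the authenticated user ID, if authenticated, else undefined.` remains, as digest.js already does. The function bodies continue outside the hunks.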
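--- a/lib/auth/digest.js
+++ b/lib/auth/digest.js
@@ -51,7 +51,7 @@ function Digest(authRealm, authUsers, algorithm) {
 if(!authenticated) {
 self.ask(response);
 } else {
- next();
+ next(authenticated);
 }
 };
 };
@@ -60,10 +60,10 @@ function Digest(authRealm, authUsers, algorithm) {
 * Checks authorization header in request.
 *
 * @param {Request} request HTTP request object.
- * @return {Boolean} true if is authenticated, else false.
+ * @return {String} the authenticated user ID, if authenticated, else undefined.
 */
 Digest.prototype.isAuthenticated = function(request) {
- var authenticated = false;
+ var authenticated = undefined;
 // If header exists.
 if("authorization" in request.headers) {
@@ -99,12 +99,12 @@ Digest.prototype.isAuthenticated = function(request) {
 var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + co.nc + ":" +
 co.cnonce + ":" + co.qop + ":" + ha2);
- authenticated = (authRes == co.response) ? co.username : undefined;
+ authenticated = (authRes == co.response) ? co.username : undefined;
 }
 } else {
 // Evaluating final authentication response.
 var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + ha2);
- authenticated = (authRes == co.response);
+ authenticated = (authRes == co.response) ? co.userid : undefined;
 }
 }
 }
@@ -175,4 +175,4 @@ Digest.prototype.parseAuthHeader = function(header) {
 }
 return headerOptions;
-};
+};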
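Review bot: The two success branches in the third hunk return different fields of the parsed header: the qop branch returns `co.username`, while the non-qop branch returns `co.userid`. Nothing in the visible hunks sets `userid`, so unless `parseAuthHeader` (outside the hunk) produces that key, the second branch presumably yields `undefined` even when the response hash matches, and clients that send no qop would be challenged again on every request. The second line should read `authenticated = (authRes == co.response) ? co.username : undefined;`. Because this value now reaches the callback for per-user access decisions, it is also worth confirming in the part of `isAuthenticated` not shown here that `co.username` is the same key that selected the stored credentials behind `ha1`.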