Permalink
Browse files

Merge pull request #9 from mogsie/master

Provide the username of the authenticated user in the callback.
  • Loading branch information...
2 parents f4e4579 + 6b70285 commit e46d8fe708c617b46f1383fc78634c88ce08183e @gevorg gevorg committed Jan 28, 2012
Showing with 14 additions and 13 deletions.
  1. +3 −3 README.md
  2. +5 −4 lib/auth/basic.js
  3. +6 −6 lib/auth/digest.js
View
@@ -49,8 +49,8 @@ var basic = auth({
*/
http.createServer(function(req, res) {
// Apply authentication to server.
- basic.apply(req, res, function() {
- res.end("Welcome to private area!");
+ basic.apply(req, res, function(username) {
+ res.end("Welcome to private area, " + username + "!");
});
}).listen(1337);
```
@@ -141,4 +141,4 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED **AS IS**, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED **AS IS**, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
View
@@ -45,7 +45,7 @@ function Basic(authRealm, authUsers) {
if(!authenticated) {
self.ask(response);
} else {
- next();
+ next(authenticated);
}
}
};
@@ -55,9 +55,10 @@ function Basic(authRealm, authUsers) {
*
* @param {Request} request HTTP request object.
* @return {Boolean} true if is authenticated, else false.
+ * @return {String} the authenticated user ID, if authenticated, else undefined.
*/
Basic.prototype.isAuthenticated = function(request) {
- var authenticated = false;
+ var authenticated = undefined;
// If header exists.
if("authorization" in request.headers) {
@@ -79,7 +80,7 @@ Basic.prototype.isAuthenticated = function(request) {
// Ensure the username and password both match.
if(myUserName === clientUserName) {
if(htpasswd.validate(clientPasswordHash, myPasswordHash)) {
- authenticated = true;
+ authenticated = myUserName;
break;
}
}
@@ -101,4 +102,4 @@ Basic.prototype.ask = function(response) {
response.setHeader("WWW-Authenticate", header);
response.writeHead(401);
response.end(defaults.HTML_401);
-};
+};
View
@@ -51,7 +51,7 @@ function Digest(authRealm, authUsers, algorithm) {
if(!authenticated) {
self.ask(response);
} else {
- next();
+ next(authenticated);
}
};
};
@@ -60,10 +60,10 @@ function Digest(authRealm, authUsers, algorithm) {
* Checks authorization header in request.
*
* @param {Request} request HTTP request object.
- * @return {Boolean} true if is authenticated, else false.
+ * @return {String} the authenticated user ID, if authenticated, else undefined.
*/
Digest.prototype.isAuthenticated = function(request) {
- var authenticated = false;
+ var authenticated = undefined;
// If header exists.
if("authorization" in request.headers) {
@@ -99,12 +99,12 @@ Digest.prototype.isAuthenticated = function(request) {
var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + co.nc + ":" +
co.cnonce + ":" + co.qop + ":" + ha2);
- authenticated = (authRes == co.response);
+ authenticated = (authRes == co.response) ? co.username : undefined;
}
} else {
// Evaluating final authentication response.
var authRes = utils.md5(ha1 + ":" + co.nonce + ":" + ha2);
- authenticated = (authRes == co.response);
+ authenticated = (authRes == co.response) ? co.userid : undefined;
}
}
}
@@ -175,4 +175,4 @@ Digest.prototype.parseAuthHeader = function(header) {
}
return headerOptions;
-};
+};

0 comments on commit e46d8fe

Please sign in to comment.