-
Notifications
You must be signed in to change notification settings - Fork 68
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
96 additions
and
54 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,31 @@ | ||
'use strict' | ||
|
||
const user = require('../user') | ||
const config = require('../config') | ||
|
||
function * doAuth (ctx, next) { | ||
if (ctx.headers.authorization) { | ||
let token = ctx.headers.authorization.split(' ')[1] | ||
ctx.username = yield user.findByToken(token) | ||
async function doAuth (req, res, next) { | ||
if (req.headers.authorization) { | ||
let token = req.headers.authorization.split(' ')[1] | ||
req.username = await user.findByToken(token) | ||
} | ||
if (!ctx.username) ctx.throw(401) | ||
yield next | ||
if (!req.username) return res.status(401).end() | ||
next() | ||
} | ||
|
||
module.exports = { | ||
read: function * (next) { | ||
yield (config.auth.read ? doAuth(this, next) : next) | ||
read: function (req, res, next) { | ||
if (config.auth.read) { | ||
doAuth(req, res, next) | ||
} else { | ||
next() | ||
} | ||
}, | ||
write: function * (next) { | ||
yield (config.auth.write ? doAuth(this, next) : next) | ||
write: function (req, res, next) { | ||
if (config.auth.write) { | ||
doAuth(req, res, next) | ||
} else { | ||
next() | ||
} | ||
}, | ||
always: function * (next) { | ||
yield doAuth(this, next) | ||
always: function (req, res, next) { | ||
doAuth(req, res, next) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,22 @@ | ||
'use strict' | ||
|
||
const r = require('koa-router')() | ||
const r = module.exports = require('express').Router() | ||
const aw = require('./asyncawait.js') | ||
const user = require('../user') | ||
const parse = require('co-body') | ||
const bodyParser = require('body-parser') | ||
const middleware = require('../middleware') | ||
|
||
r.use(bodyParser.json()) | ||
|
||
// login | ||
r.put('/-/user/:user', function * () { | ||
let auth = yield user.authenticate(yield parse(this)) | ||
r.put('/-/user/:user', aw(async function (req, res) { | ||
let auth = await user.authenticate(req.body) | ||
if (auth) { | ||
this.status = 201 | ||
this.body = {token: auth} | ||
res.status(201).json({token: auth}) | ||
} else { | ||
this.status = 401 | ||
this.body = {error: 'invalid credentials'} | ||
res.status(401).json({error: 'invalid credentials'}) | ||
} | ||
}) | ||
})) | ||
|
||
// whoami | ||
r.get('/-/whoami', middleware.auth.always, function * () { | ||
this.body = {username: this.username} | ||
r.get('/-/whoami', middleware.auth.always, (req, res) => { | ||
res.status(200).json({username: req.username}) | ||
}) | ||
|
||
module.exports = r |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,37 +1,36 @@ | ||
'use strict' | ||
|
||
const htpasswd = require('htpasswd-auth') | ||
const uuid = require('node-uuid') | ||
const config = require('./config') | ||
|
||
function * getCreds () { | ||
return yield JSON.parse((yield config.storage.get('auth_tokens')) || '{}') | ||
async function getCreds () { | ||
console.dir((await config.storage.getJSON('auth_tokens')) || {}) | ||
return (await config.storage.getJSON('auth_tokens')) || {} | ||
} | ||
|
||
function * createAuthToken (username) { | ||
let creds = yield getCreds() | ||
async function createAuthToken (username) { | ||
let creds = await getCreds() | ||
let token = uuid.v4() | ||
creds[token] = { | ||
username, | ||
timestamp: new Date() | ||
} | ||
yield config.storage.put('auth_tokens', creds, { | ||
await config.storage.put('auth_tokens', creds, { | ||
'Content-Type': 'application/json' | ||
}) | ||
return token | ||
} | ||
|
||
function * authenticate (user) { | ||
let creds = (yield config.storage.get('htpasswd')) || '' | ||
let auth = yield htpasswd.authenticate(user.name, user.password, creds.toString()) | ||
if (!auth) return false | ||
return yield createAuthToken(user.name) | ||
} | ||
class Auth { | ||
static async authenticate (user) { | ||
let creds = (await config.storage.get('htpasswd')) || '' | ||
let auth = await htpasswd.authenticate(user.name, user.password, creds.toString()) | ||
if (!auth) return false | ||
return createAuthToken(user.name) | ||
} | ||
|
||
function * findByToken (token) { | ||
let creds = yield getCreds() | ||
if (creds[token]) return creds[token].username | ||
static async findByToken (token) { | ||
let creds = await getCreds() | ||
if (creds[token]) return creds[token].username | ||
} | ||
} | ||
|
||
exports.authenticate = authenticate | ||
exports.findByToken = findByToken | ||
module.exports = Auth |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters