Merge 15f5e71ad5 into ff5f2e8dfb

4 years ago · 2ace1b1abf
2 changed files with 49 additions and 16 deletions
--- a/server/auth.js
+++ b/server/auth.js
@ -1,9 +1,11 @@
-const basicAuth = require("express-basic-auth")
+const basicAuth = require("express-basic-auth");
 const passwordHash = require("./password-hash");
 const { R } = require("redbean-node");
 const { setting } = require("./util-server");
 const { debug } = require("../src/util");
 const remoteUserHeader = process.env.REMOTE_USER_HEADER;
 /**
 *
 * @param username : string
@ -13,7 +15,7 @@ const { debug } = require("../src/util");
 exports.login = async function (username, password) {
    let user = await R.findOne("user", " username = ? AND active = 1 ", [
        username,
-    ])
+    ]);
    if (user && passwordHash.verify(password, user.password)) {
        // Upgrade the hash to bcrypt
@ -27,25 +29,38 @@ exports.login = async function (username, password) {
    }
    return null;
-}
+};
 function myAuthorizer(username, password, callback) {
 function basicAuthHandler(username, password, callback) {
    setting("disableAuth").then((result) => {
        if (result) {
-            callback(null, true)
+            callback(null, true);
        } else {
            exports.login(username, password).then((user) => {
-                callback(null, user != null)
+                callback(null, user != null);
-            })
+            });
        }
-    })
+    });
 }
-exports.basicAuth = basicAuth({
+async function authMiddleware(req, res, next) {
-    authorizer: myAuthorizer,
+    if (remoteUserHeader !== undefined) {
        const remoteUser = req.headers[remoteUserHeader.toLowerCase()];
        if (remoteUser !== undefined) {
            let user = await R.findOne("user", " username = ? AND active = 1 ", [
                remoteUser,
            ]);
            if (user) {
                next();
                return;
            }
        }
    }
    return basicAuth({
        authorizer: basicAuthHandler,
        authorizeAsync: true,
        challenge: true,
-});
+    })(req, res, next);
 }
 exports.basicAuth = authMiddleware;
--- a/server/server.js
+++ b/server/server.js
@ -80,12 +80,16 @@ const sslKey = process.env.UPTIME_KUMA_SSL_KEY || process.env.SSL_KEY || args["s
 const sslCert = process.env.UPTIME_KUMA_SSL_CERT || process.env.SSL_CERT || args["ssl-cert"] || undefined;
 const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || args["disable-frame-sameorigin"] || false;
 // Header AUTH
 const remoteUserHeader = process.env.REMOTE_USER_HEADER;
 // 2FA / notp verification defaults
 const twofa_verification_opts = {
    "window": 1,
    "time": 30
 };
 /**
 * Run unit test after the server is ready
 * @type {boolean}
@ -224,7 +228,6 @@ exports.entryPage = "dashboard";
    console.log("Adding socket handler");
    io.on("connection", async (socket) => {
        sendInfo(socket);
        totalClient++;
@ -1263,6 +1266,21 @@ exports.entryPage = "dashboard";
            console.log("Disabled Auth: auto login to admin");
            afterLogin(socket, await R.findOne("user"));
            socket.emit("autoLogin");
        } else if (remoteUserHeader !== undefined) {
            const remoteUser = socket.handshake.headers[remoteUserHeader.toLowerCase()];
            if (remoteUser !== undefined) {
                const user = await R.findOne("user", " username = ? AND active = 1 ", [
                    remoteUser,
                ]);
                if (user) {
                    afterLogin(socket, user);
                    socket.emit("autoLogin");
                } else {
                    debug(`Remote user ${remoteUser} doesn't exist`);
                }
            } else {
                debug("Remote user header set but not found in headers");
            }
        } else {
            debug("need auth");
        }