
Add enviourment variable for remote user authentication

Mikhail5555/feature/remote-header-auth
Mikhail Epifanov 3 years ago
parent
commit
54cec2754d
  1. 45
      server/auth.js
  2. 22
      server/server.js

45
server/auth.js

@ -1,9 +1,11 @@
const basicAuth = require("express-basic-auth") const basicAuth = require("express-basic-auth");
const passwordHash = require("./password-hash"); const passwordHash = require("./password-hash");
const { R } = require("redbean-node"); const { R } = require("redbean-node");
const { setting } = require("./util-server"); const { setting } = require("./util-server");
const { debug } = require("../src/util"); const { debug } = require("../src/util");
const remoteUserHeader = process.env.REMOTE_USER_HEADER;
/** /**
* *
* @param username : string * @param username : string
@ -13,7 +15,7 @@ const { debug } = require("../src/util");
exports.login = async function (username, password) { exports.login = async function (username, password) {
let user = await R.findOne("user", " username = ? AND active = 1 ", [ let user = await R.findOne("user", " username = ? AND active = 1 ", [
username, username,
]) ]);
if (user && passwordHash.verify(password, user.password)) { if (user && passwordHash.verify(password, user.password)) {
// Upgrade the hash to bcrypt // Upgrade the hash to bcrypt
@ -27,25 +29,38 @@ exports.login = async function (username, password) {
} }
return null; return null;
} };
function myAuthorizer(username, password, callback) {
function basicAuthHandler(username, password, callback) {
setting("disableAuth").then((result) => { setting("disableAuth").then((result) => {
if (result) { if (result) {
callback(null, true) callback(null, true);
} else { } else {
exports.login(username, password).then((user) => { exports.login(username, password).then((user) => {
callback(null, user != null) callback(null, user != null);
}) });
} }
}) });
}
async function authMiddleware(req, res, next) {
if (remoteUserHeader !== undefined) {
const remoteUser = req.headers[remoteUserHeader.toLowerCase()];
if (remoteUser !== undefined) {
let user = await R.findOne("user", " username = ? AND active = 1 ", [
remoteUser,
]);
if (user) {
next();
return;
}
}
}
return basicAuth({
authorizer: basicAuthHandler,
authorizeAsync: true,
challenge: true,
})(req, res, next);
} }
exports.basicAuth = basicAuth({ exports.basicAuth = authMiddleware;
authorizer: myAuthorizer,
authorizeAsync: true,
challenge: true,
});
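Review bot: authMiddleware treats whatever value arrives in the header named by REMOTE_USER_HEADER as an already-authenticated username and calls `next()` without any password check, and nothing in this section limits that shortcut to requests coming from a trusted proxy. That is only safe when every request is guaranteed to pass through a proxy that overwrites the header; if the port is also reachable directly, the header is client-controlled. The socket handshake branch in server/server.js makes the same assumption. I would gate the header on the peer address and document that the proxy must strip the inbound header, and also wrap the lookup in try/catch, since a rejected `R.findOne` is never passed to `next()` here unless the framework forwards rejected promises itself. The allowlist variable in the sketch below is a placeholder name, not an existing setting.

```javascript
// Placeholder setting (constructed for this sketch): comma-separated proxy addresses.
const trustedProxies = (process.env.TRUSTED_PROXY_ADDRESSES || "")
    .split(",")
    .map((entry) => entry.trim())
    .filter(Boolean);

async function authMiddleware(req, res, next) {
    try {
        // Only honour the identity header when the TCP peer is a configured proxy.
        // Note: remoteAddress may be an IPv4-mapped IPv6 string on dual-stack sockets.
        const fromTrustedProxy = trustedProxies.includes(req.socket.remoteAddress);
        if (remoteUserHeader !== undefined && fromTrustedProxy) {
            // … unchanged: header lookup, R.findOne, next() on an active user …
        }
    } catch (error) {
        next(error);
        return;
    }
    // … unchanged: fall back to basicAuth({ authorizer: basicAuthHandler, … }) …
}
```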

22
server/server.js

@ -64,6 +64,9 @@ const port = parseInt(process.env.PORT || args.port || 3001);
const sslKey = process.env.SSL_KEY || args["ssl-key"] || undefined; const sslKey = process.env.SSL_KEY || args["ssl-key"] || undefined;
const sslCert = process.env.SSL_CERT || args["ssl-cert"] || undefined; const sslCert = process.env.SSL_CERT || args["ssl-cert"] || undefined;
// Header AUTH
const remoteUserHeader = process.env.REMOTE_USER_HEADER;
// Demo Mode? // Demo Mode?
const demoMode = args["demo"] || false; const demoMode = args["demo"] || false;
@ -180,7 +183,6 @@ exports.entryPage = "dashboard";
console.log("Adding socket handler"); console.log("Adding socket handler");
io.on("connection", async (socket) => { io.on("connection", async (socket) => {
socket.emit("info", { socket.emit("info", {
version: checkVersion.version, version: checkVersion.version,
latestVersion: checkVersion.latestVersion, latestVersion: checkVersion.latestVersion,
@ -1189,10 +1191,26 @@ exports.entryPage = "dashboard";
// *************************** // ***************************
debug("check auto login"); debug("check auto login");
console.log(socket.handshake.headers);
if (await setting("disableAuth")) { if (await setting("disableAuth")) {
console.log("Disabled Auth: auto login to admin"); console.log("Disabled Auth: auto login to admin");
afterLogin(socket, await R.findOne("user")); afterLogin(socket, await R.findOne("user"));
socket.emit("autoLogin"); socket.emit("autoLogin");
} else if (remoteUserHeader !== undefined) {
const remoteUser = socket.handshake.headers[remoteUserHeader.toLowerCase()];
if (remoteUser !== undefined) {
const user = await R.findOne("user", " username = ? AND active = 1 ", [
remoteUser,
]);
if (user) {
afterLogin(socket, user);
socket.emit("autoLogin");
} else {
debug(`remote user ${remoteUser} doesnt exist`);
}
} else {
debug("remote user header set but not found in headers");
}
} else { } else {
debug("need auth"); debug("need auth");
} }
@ -1398,7 +1416,7 @@ function finalFunction() {
gracefulShutdown(server, { gracefulShutdown(server, {
signals: "SIGINT SIGTERM", signals: "SIGINT SIGTERM",
timeout: 30000, // timeout: 30 secs timeout: 30000, // timeout: 30 secs
development: false, // not in dev mode development: true, // not in dev mode
forceExit: true, // triggers process.exit() at the end of shutdown process forceExit: true, // triggers process.exit() at the end of shutdown process
onShutdown: shutdownFunction, // shutdown function (async) - e.g. for cleanup DB, ... onShutdown: shutdownFunction, // shutdown function (async) - e.g. for cleanup DB, ...
finally: finalFunction, // finally function (sync) - e.g. for logging finally: finalFunction, // finally function (sync) - e.g. for logging
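Review bot: `console.log(socket.handshake.headers);` in the auto-login hunk writes every handshake header to stdout on each connection, which covers any Cookie or Authorization values the client sent as well as the remote-user header itself; it reads like leftover debugging and should be dropped before merge. In the gracefulShutdown hunk `development: false` became `development: true` while the trailing comment still says "not in dev mode", which appears unrelated to this feature and probably wants reverting to `development: false, // not in dev mode`. The `debug(`remote user ${remoteUser} doesnt exist`)` line also logs a client-supplied value verbatim, so consider logging only that the lookup failed. The `io.on("connection")` handler begins and ends outside these hunks.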
