express-basic-auth
Comparing version 0.3.1 to 0.3.2
@@ -1,6 +0,6 @@ | ||
var express = require('express'); | ||
const express = require('express') | ||
var app = express(); | ||
var app = express() | ||
var basicAuth = require('./index.js'); | ||
const basicAuth = require('./index.js') | ||
@@ -28,3 +28,3 @@ /** | ||
challenge: false | ||
}); | ||
}) | ||
@@ -34,3 +34,3 @@ //Uses a custom (synchronous) authorizer function | ||
authorizer: myAuthorizer | ||
}); | ||
}) | ||
@@ -41,3 +41,3 @@ //Same, but sends a basic auth challenge header when authorization fails | ||
challenge: true | ||
}); | ||
}) | ||
@@ -48,3 +48,3 @@ //Uses a custom asynchronous authorizer function | ||
authorizeAsync: true | ||
}); | ||
}) | ||
@@ -55,3 +55,3 @@ //Uses a custom response body function | ||
unauthorizedResponse: getUnauthorizedResponse | ||
}); | ||
}) | ||
@@ -61,3 +61,3 @@ //Uses a static response body | ||
unauthorizedResponse: 'Haaaaaha' | ||
}); | ||
}) | ||
@@ -67,39 +67,39 @@ //Uses a JSON response body | ||
unauthorizedResponse: { foo: 'bar' } | ||
}); | ||
}) | ||
app.get('/static', staticUserAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/custom', customAuthorizerAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/challenge', challengeAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/async', asyncAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/custombody', customBodyAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/staticbody', staticBodyAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.get('/jsonbody', jsonBodyAuth, function(req, res) { | ||
res.status(200).send('You passed'); | ||
}); | ||
res.status(200).send('You passed') | ||
}) | ||
app.listen(8080, function() { | ||
console.log("Listening!"); | ||
}); | ||
console.log("Listening!") | ||
}) | ||
//Custom authorizer checking if the username starts with 'A' and the password with 'secret' | ||
function myAuthorizer(username, password) { | ||
return username.startsWith('A') && password.startsWith('secret'); | ||
return username.startsWith('A') && password.startsWith('secret') | ||
} | ||
@@ -110,3 +110,3 @@ | ||
if(username.startsWith('A') && password.startsWith('secret')) | ||
return cb(null, true); | ||
return cb(null, true) | ||
else | ||
@@ -117,3 +117,3 @@ return cb(null, false) | ||
function getUnauthorizedResponse(req) { | ||
return req.auth ? ('Credentials ' + req.auth.user + ':' + req.auth.password + ' rejected') : 'No credentials provided'; | ||
return req.auth ? ('Credentials ' + req.auth.user + ':' + req.auth.password + ' rejected') : 'No credentials provided' | ||
} |
index.js
@@ -1,19 +0,19 @@ | ||
var auth = require('basic-auth'); | ||
var assert = require('assert'); | ||
const auth = require('basic-auth') | ||
const assert = require('assert') | ||
function buildMiddleware(options) { | ||
var challenge = options.challenge != undefined ? !!options.challenge : false; | ||
var users = options.users || {}; | ||
var authorizer = options.authorizer || staticUsersAuthorizer; | ||
var isAsync = options.authorizeAsync != undefined ? !!options.authorizeAsync : false; | ||
var getResponseBody = options.unauthorizedResponse; | ||
var challenge = options.challenge != undefined ? !!options.challenge : false | ||
var users = options.users || {} | ||
var authorizer = options.authorizer || staticUsersAuthorizer | ||
var isAsync = options.authorizeAsync != undefined ? !!options.authorizeAsync : false | ||
var getResponseBody = options.unauthorizedResponse | ||
if(!getResponseBody) | ||
getResponseBody = function() { return ''; }; | ||
getResponseBody = function() { return '' } | ||
else if(typeof getResponseBody != 'function') | ||
getResponseBody = function() { return options.unauthorizedResponse }; | ||
getResponseBody = function() { return options.unauthorizedResponse } | ||
assert(typeof getResponseBody == 'function', 'Expected a string or function for the unauthorizedResponse option'); | ||
assert(typeof users == 'object', 'Expected an object for the basic auth users, found ' + typeof users + ' instead'); | ||
assert(typeof authorizer == 'function', 'Expected a function for the basic auth authorizer, found ' + typeof authorizer + ' instead'); | ||
assert(typeof getResponseBody == 'function', 'Expected a string or function for the unauthorizedResponse option') | ||
assert(typeof users == 'object', 'Expected an object for the basic auth users, found ' + typeof users + ' instead') | ||
assert(typeof authorizer == 'function', 'Expected a function for the basic auth authorizer, found ' + typeof authorizer + ' instead') | ||
@@ -23,12 +23,12 @@ function staticUsersAuthorizer(username, password) { | ||
if(username == i && password == users[i]) | ||
return true; | ||
return true | ||
return false; | ||
return false | ||
} | ||
return function authMiddleware(req, res, next) { | ||
var authentication = auth(req); | ||
var authentication = auth(req) | ||
if(!authentication) | ||
return unauthorized(); | ||
return unauthorized() | ||
@@ -38,10 +38,10 @@ req.auth = { | ||
password: authentication.pass | ||
}; | ||
} | ||
if(isAsync) | ||
return authorizer(authentication.name, authentication.pass, authorizerCallback); | ||
return authorizer(authentication.name, authentication.pass, authorizerCallback) | ||
else if(!authorizer(authentication.name, authentication.pass)) | ||
return unauthorized(); | ||
return unauthorized() | ||
return next(); | ||
return next() | ||
@@ -51,24 +51,24 @@ function unauthorized() { | ||
if(challenge) | ||
res.set('WWW-Authenticate', 'Basic'); | ||
res.set('WWW-Authenticate', 'Basic') | ||
//TODO: Allow response body to be JSON (maybe autodetect?) | ||
const response = getResponseBody(req); | ||
const response = getResponseBody(req) | ||
if(typeof response == 'string') | ||
return res.status(401).send(response); | ||
return res.status(401).send(response) | ||
return res.status(401).json(response); | ||
return res.status(401).json(response) | ||
} | ||
function authorizerCallback(err, approved) { | ||
assert.ifError(err); | ||
assert.ifError(err) | ||
if(approved) | ||
return next(); | ||
return next() | ||
return unauthorized(); | ||
return unauthorized() | ||
} | ||
}; | ||
} | ||
} | ||
module.exports = buildMiddleware; | ||
module.exports = buildMiddleware |
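Review bot: `staticUsersAuthorizer` still checks credentials with `username == i && password == users[i]`, a loose, short-circuiting comparison whose run time depends on how much of the input matches, so response timing can leak information about valid user names and passwords. Compare fixed-length digests in constant time instead, as in the sketch below; it needs `crypto` required next to `basic-auth` and `assert`, and the loop header sits outside the hunk, so only the condition is shown. Separately, `assert.ifError(err)` in `authorizerCallback` throws from inside an asynchronous callback where Express cannot catch it; `if(err) return next(err)` would route authorizer failures to the error handler instead.

```javascript
// … unchanged: option parsing and assertions in buildMiddleware …

// Hash both sides so the buffers have equal length, then compare in constant time
function safeCompare(a, b) {
    const left = crypto.createHash('sha256').update(String(a)).digest()
    const right = crypto.createHash('sha256').update(String(b)).digest()
    return crypto.timingSafeEqual(left, right)
}

// … inside staticUsersAuthorizer; loop header unchanged (outside the hunk) …
        // Bitwise & so the password comparison runs even when the user name differs
        if(safeCompare(username, i) & safeCompare(password, users[i]))
            return true
```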
{ | ||
"name": "express-basic-auth", | ||
"version": "0.3.1", | ||
"version": "0.3.2", | ||
"description": "Plug & play basic auth middleware for express", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -21,8 +21,8 @@ # express-basic-auth | ||
```js | ||
var app = require('express')(); | ||
var basicAuth = require('express-basic-auth'); | ||
var app = require('express')() | ||
var basicAuth = require('express-basic-auth') | ||
app.use(basicAuth({ | ||
users: { 'admin': 'supersecret' } | ||
})); | ||
})) | ||
``` | ||
@@ -54,3 +54,3 @@ | ||
} | ||
})); | ||
})) | ||
``` | ||
@@ -68,6 +68,6 @@ | ||
```js | ||
app.use(basicAuth( { authorizer: myAuthorizer } )); | ||
app.use(basicAuth( { authorizer: myAuthorizer } )) | ||
function myAuthorizer(username, password) { | ||
return username.startsWith('A') && password.startsWith('secret'); | ||
return username.startsWith('A') && password.startsWith('secret') | ||
} | ||
@@ -93,7 +93,7 @@ ``` | ||
authorizeAsync: true | ||
})); | ||
})) | ||
function myAsyncAuthorizer(username, password, cb) { | ||
if(username.startsWith('A') && password.startsWith('secret')) | ||
return cb(null, true); | ||
return cb(null, true) | ||
else | ||
@@ -116,8 +116,8 @@ return cb(null, false) | ||
unauthorizedResponse: getUnauthorizedResponse | ||
})); | ||
})) | ||
function getUnauthorizedResponse(req) { | ||
return req.auth | ||
? ('Credentials ' + req.auth.user + ':' + req.auth.password + ' rejected') | ||
: 'No credentials provided'; | ||
return req.auth ? | ||
('Credentials ' + req.auth.user + ':' + req.auth.password + ' rejected') : | ||
'No credentials provided' | ||
} | ||
@@ -137,3 +137,3 @@ ``` | ||
challenge: true | ||
})); | ||
})) | ||
``` | ||
@@ -140,0 +140,0 @@ |