diff options
| author |   Lucas, John (jl1315) <jflucas@research.att.com> | 2017-08-23 18:58:33 +0000 |
|---|---|---|
| committer | J. F. Lucas <jflucas@research.att.com> | 2017-08-23 19:05:41 +0000 |
| commit | 3c1527544df835a831898edbd74a473f027bb855 (patch) | |
| tree | 2e2cf0c7060b39aec4829dc866fcb2468fa16b77 /lib/auth.js | |
| parent | bacbd4c6349f9de9c597d309a6c23eced2058a15 (diff) | |
deployment handler initial seed code
Change-Id: I0bfc86d17edead0114ea0012fb469014e978cd15
Issue-Id: DCAEGEN2-43
Signed-off-by: J. F. Lucas <jflucas@research.att.com>
Diffstat (limited to 'lib/auth.js')
| -rw-r--r-- | lib/auth.js | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/lib/auth.js b/lib/auth.js new file mode 100644 index 0000000..9ddd7b3 --- /dev/null +++ b/lib/auth.js @@ -0,0 +1,65 @@ +/* +Copyright(c) 2017 AT&T Intellectual Property. All rights reserved. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. + +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR +CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and limitations under the License. +*/ + +/* HTTP Basic Authentication */ + +"use strict"; + +/* Extract user name and password from the 'Authorization' header */ +const parseAuthHeader = function(authHeader){ + + var parsedHeader = {}; + + const authItems = authHeader.split(/\s+/); // Split on the white space between Basic and the base64 encoded user:password + + if (authItems[0].toLowerCase() === 'basic') { + if (authItems[1]) { + const authString = (new Buffer(authItems[1], 'base64')).toString(); + const userpass = authString.split(':'); + if (userpass.length > 1) { + parsedHeader = {user: userpass[0], password: userpass[1]}; + } + } + } + return parsedHeader; +}; + +/* Middleware function to check authentication */ +exports.checkAuth = function(req, res, next) { + const auth = process.mainModule.exports.config.auth; + if (auth) { + /* Authentication is configured */ + if (req.headers.authorization) { + const creds = parseAuthHeader(req.headers.authorization); + if (creds.user && creds.password && (creds.user in auth) && (auth[creds.user] === creds.password)) { + next(); + } + else { + var err = new Error('Authentication required'); + err.status = 403; + next(err); + } + } + else { + var errx = new Error ('Authentication required'); + errx.status = 403; + next(errx); + } + } + else { + next(); // Nothing to do, no authentication required + } +};
\ No newline at end of file |