login is possible
This commit is contained in:
Marc Wäckerlin
@@ -1,69 +1,49 @@
|
||||
module.exports = function(config) {
|
||||
|
||||
const crypto = require('crypto');
|
||||
const password = crypto.randomBytes(256);
|
||||
var cookie = require('cookie-encryption');
|
||||
// const cipher = crypto.createCipher('aes256', password);
|
||||
// const decipher = crypto.createDecipher('aes256', password);
|
||||
// var encrypted = cipher.update(JSON.stringify(user), 'utf8', 'base64')
|
||||
// + cipher.final('base64');
|
||||
// console.log("encrypted", encrypted);
|
||||
// var decrypted = decipher.update(encrypted, 'base64', 'utf8') + decipher.final('utf8');
|
||||
// console.log("decrypted", decrypted);
|
||||
|
||||
var authentication = function (req, res, next) {
|
||||
return next();
|
||||
}
|
||||
|
||||
if (config) {
|
||||
|
||||
var cipher = config.cookies && config.cookies.cipher ? config.cookies.cipher : "aes256";
|
||||
authentication = function (username, password, success, fail) {
|
||||
|
||||
authentication = function (req, res, next) {
|
||||
|
||||
function unauthorized(res) {
|
||||
res.setHeader('WWW-Authenticate', 'Basic realm=Authorization Required');
|
||||
res.status(401).send('Not logged in. <a href="/">Login</a>');
|
||||
};
|
||||
|
||||
var user = require('basic-auth')(req);
|
||||
var vault = cookie('credentials');
|
||||
|
||||
if (!user || !user.name || !user.pass) {
|
||||
return unauthorized(res);
|
||||
};
|
||||
|
||||
if (config.passwords && config.passwords[user.name]) {
|
||||
if (crypto.getHashes().indexOf(config.passwords[user.name][0])>=0) {
|
||||
if (crypto.createHash(config.passwords[user.name][0])
|
||||
.update(user.pass, 'utf8').digest('hex') === config.passwords[user.name][1]) {
|
||||
return next();
|
||||
if (config) {
|
||||
const crypto = require('crypto');
|
||||
if (config.passwords && config.passwords[username]) {
|
||||
if (crypto.getHashes().indexOf(config.passwords[username][0])>=0) {
|
||||
if (crypto.createHash(config.passwords[username][0]).update(password, 'utf8').digest('hex') === config.passwords[username][1]) {
|
||||
success();
|
||||
return;
|
||||
} else {
|
||||
fail();
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
console.log("**** HASH NOT FOUND ****");
|
||||
console.log(config.passwords[user.name][0]);
|
||||
console.log(config.passwords[username][0]);
|
||||
console.log(crypto.getHashes());
|
||||
fail();
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (config.ldap) try {
|
||||
var LdapAuth = require('ldapauth');
|
||||
var auth = new LdapAuth(config.ldap);
|
||||
auth.authenticate(user.name, user.pass, function(err, usr) {
|
||||
auth.authenticate(username, password, function(err, usr) {
|
||||
auth.close(function(err) {})
|
||||
if (err) {
|
||||
console.log("**** ERROR: LDAP Authentication failed:", err);
|
||||
return unauthorized(res);
|
||||
fail();
|
||||
return;
|
||||
}
|
||||
console.log("**** SUCCESS: LDAP Authentication:");
|
||||
return next();
|
||||
success();
|
||||
return;
|
||||
});
|
||||
return; // need to block here!
|
||||
} catch (e) {
|
||||
console.log("**** Error: LDAP failed: ", e, e.stack);
|
||||
fail();
|
||||
return;
|
||||
}
|
||||
return unauthorized(res);
|
||||
};
|
||||
|
||||
}
|
||||
fail();
|
||||
return;
|
||||
}
|
||||
|
||||
return authentication;
|
||||
|
||||
Reference in New Issue
Block a user