Implement local file auth

author: Johannes <johannes@cloudron.io> 2016-11-17 12:51:06 +0100
committer: Johannes <johannes@cloudron.io> 2016-11-17 12:51:06 +0100
commit: dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0 (patch)
tree: 5b01bd2e9218bf4a1733ddf57f4d08490c4fe85c /src
parent: 5a2423695663b6b55b8430204c3ad666f417b20f (diff)
download: Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.tar.gz
Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.tar.zst
Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.zip
1 files changed, 15 insertions, 6 deletions
diff --git a/src/auth.js b/src/auth.js
index 39c01a1..6ddb125 100644
--- a/src/auth.js
+++ b/src/auth.js
@@ -1,8 +1,13 @@
 'use strict';
 var passport = require('passport'),
+    path = require('path'),
+    safe = require('safetydance'),
+    bcrypt = require('bcryptjs'),
    LdapStrategy = require('passport-ldapjs').Strategy;
+var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json');
 passport.serializeUser(function (user, done) {
    console.log('serializeUser', user);
    done(null, user.uid);
@@ -21,13 +26,17 @@ if (LDAP_URL && LDAP_USERS_BASE_DN) {
    exports.ldap = passport.authenticate('ldap');
 } else {
-    exports.ldap = function (req, res, next) {
+    console.log('Use local user file:', LOCAL_AUTH_FILE);
-        console.log('Disable ldap auth, use developer credentials!');
-        if (req.query.username !== 'test') return res.send(401);
+    exports.ldap = function (req, res, next) {
-        if (req.query.password !== 'test') return res.send(401);
+        var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE));
+        if (!users) return res.send(401);
-        next();
+        if (!users[req.query.username]) return res.send(401);
+        bcrypt.compare(req.query.password, users[req.query.username].passwordHash, function (error, valid) {
+            if (error || !valid) return res.send(401);
+            next();
+        });
    };
 }
author	Johannes <johannes@cloudron.io>	2016-11-17 12:51:06 +0100
committer	Johannes <johannes@cloudron.io>	2016-11-17 12:51:06 +0100
commit	dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0 (patch)
tree	5b01bd2e9218bf4a1733ddf57f4d08490c4fe85c /src
parent	5a2423695663b6b55b8430204c3ad666f417b20f (diff)
download	Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.tar.gz Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.tar.zst Surfer-dcb2086608d38a8c5c17fcdbd7ec97155aeb9cc0.zip

diff --git a/src/auth.js b/src/auth.js index 39c01a1..6ddb125 100644 --- a/src/auth.js +++ b/src/auth.js
@@ -1,8 +1,13 @@
1	'use strict';	1	'use strict';
2		2
3	var passport = require('passport'),	3	var passport = require('passport'),
		4	path = require('path'),
		5	safe = require('safetydance'),
		6	bcrypt = require('bcryptjs'),
4	LdapStrategy = require('passport-ldapjs').Strategy;	7	LdapStrategy = require('passport-ldapjs').Strategy;
5		8
		9	var LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE \|\| './.users.json');
		10
6	passport.serializeUser(function (user, done) {	11	passport.serializeUser(function (user, done) {
7	console.log('serializeUser', user);	12	console.log('serializeUser', user);
8	done(null, user.uid);	13	done(null, user.uid);
@@ -21,13 +26,17 @@ if (LDAP_URL && LDAP_USERS_BASE_DN) {
21		26
22	exports.ldap = passport.authenticate('ldap');	27	exports.ldap = passport.authenticate('ldap');
23	} else {	28	} else {
24	exports.ldap = function (req, res, next) {	29	console.log('Use local user file:', LOCAL_AUTH_FILE);
25	console.log('Disable ldap auth, use developer credentials!');
26		30
27	if (req.query.username !== 'test') return res.send(401);	31	exports.ldap = function (req, res, next) {
28	if (req.query.password !== 'test') return res.send(401);	32	var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE));
29		33	if (!users) return res.send(401);
30	next();	34	if (!users[req.query.username]) return res.send(401);
		35
		36	bcrypt.compare(req.query.password, users[req.query.username].passwordHash, function (error, valid) {
		37	if (error \|\| !valid) return res.send(401);
		38	next();
		39	});
31	};	40	};
32	}	41	}
33		42