From 2aaa2601dd134cd0dd7d336ff55685edf5577d43 Mon Sep 17 00:00:00 2001 From: Kohei Watanabe Date: Tue, 24 Mar 2020 18:21:28 +0900 Subject: [PATCH] feat: add /basic-auth endpoint --- .gitignore | 1 + index.js | 19 +++++++++++++++++++ package.json | 7 +++++-- yarn.lock | 30 ++++++++++++++++++++++++++++++ 4 files changed, 55 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 2ccbe46..66ee735 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /node_modules/ +/.env diff --git a/index.js b/index.js index 8324486..59454e4 100644 --- a/index.js +++ b/index.js @@ -1,10 +1,29 @@ const express = require("express"); +const passport = require("passport"); +const { BasicStrategy } = require("passport-http"); +const { timingSafeEqual } = require("crypto"); +const { HTTP_USERNAME, HTTP_PASSWORD } = process.env; + +passport.use( + new BasicStrategy(function(username, password, done) { + return done( + null, + HTTP_USERNAME != null && + username.length === HTTP_USERNAME.length && + timingSafeEqual(Buffer.from(username), Buffer.from(HTTP_USERNAME)) && + password.length === HTTP_PASSWORD.length && + timingSafeEqual(Buffer.from(password), Buffer.from(HTTP_PASSWORD)) + ); + }) +); + const app = express(); app.use(express.json()); app.use(express.urlencoded({ extended: false })); app.use(express.raw({ type: "*/*" })); app.set("json spaces", 2); +app.all("/basic-auth", passport.authenticate("basic", { session: false })); app.all("/*", function(req, res) { res.json({ headers: req.headers, diff --git a/package.json b/package.json index 6097d1e..6e9a0b4 100644 --- a/package.json +++ b/package.json @@ -5,12 +5,15 @@ "main": "index.js", "license": "MIT", "scripts": { - "start": "node index.js" + "start": "node -r dotenv/config index.js" }, "dependencies": { - "express": "latest" + "express": "latest", + "passport-http": "latest", + "passport": "latest" }, "devDependencies": { + "dotenv": "latest", "sync-glitch-cli": "latest" }, "engines": { diff --git a/yarn.lock b/yarn.lock index 3afe9b8..7d75a4f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -125,6 +125,11 @@ dotenv@^6.2.0: resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-6.2.0.tgz#941c0410535d942c8becf28d3f357dbd9d476064" integrity sha512-HygQCKUBSFl8wKQZBSemMywRWcEDNidvNbjGVyZu3nbZ8qq9ubiPoGLMdRDpfSrpkkm9BXYFkpKxxFX38o/76w== +dotenv@latest: + version "8.2.0" + resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-8.2.0.tgz#97e619259ada750eea3e4ea3e26bceea5424b16a" + integrity sha512-8sJ78ElpbDJBHNeBzUbUVLsqKdccaa/BXF1uPTw3GrvQTBgrQrtObr2mUrE38vzYd8cEv+m/JBfDLioYcfXoaw== + ee-first@1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" @@ -347,11 +352,36 @@ parseurl@~1.3.3: resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4" integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ== +passport-http@latest: + version "0.3.0" + resolved "https://registry.yarnpkg.com/passport-http/-/passport-http-0.3.0.tgz#8ee53d4380be9c60df2151925029826f77115603" + integrity sha1-juU9Q4C+nGDfIVGSUCmCb3cRVgM= + dependencies: + passport-strategy "1.x.x" + +passport-strategy@1.x.x: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ= + +passport@latest: + version "0.4.1" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.4.1.tgz#941446a21cb92fc688d97a0861c38ce9f738f270" + integrity sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg== + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + path-to-regexp@0.1.7: version "0.1.7" resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c" integrity sha1-32BBeABfUi8V60SQ5yR6G/qmf4w= +pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + integrity sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10= + proxy-addr@~2.0.5: version "2.0.6" resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.6.tgz#fdc2336505447d3f2f2c638ed272caf614bbb2bf"