1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-14 19:37:59 -05:00
denoland-deno/cli/bench/testdata/npm/hono/dist/middleware/basic-auth/index.js

49 lines
1.8 KiB
JavaScript
Raw Normal View History

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.basicAuth = void 0;
const buffer_1 = require("../../utils/buffer");
const encode_1 = require("../../utils/encode");
const CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/;
const USER_PASS_REGEXP = /^([^:]*):(.*)$/;
const auth = (req) => {
const match = CREDENTIALS_REGEXP.exec(req.headers.get('Authorization') || '');
if (!match) {
return undefined;
}
const userPass = USER_PASS_REGEXP.exec((0, encode_1.decodeBase64)(match[1]));
if (!userPass) {
return undefined;
}
return { username: userPass[1], password: userPass[2] };
};
const basicAuth = (options, ...users) => {
if (!options) {
throw new Error('basic auth middleware requires options for "username and password"');
}
if (!options.realm) {
options.realm = 'Secure Area';
}
users.unshift({ username: options.username, password: options.password });
return async (ctx, next) => {
const requestUser = auth(ctx.req);
if (requestUser) {
for (const user of users) {
const usernameEqual = await (0, buffer_1.timingSafeEqual)(user.username, requestUser.username, options.hashFunction);
const passwordEqual = await (0, buffer_1.timingSafeEqual)(user.password, requestUser.password, options.hashFunction);
if (usernameEqual && passwordEqual) {
// Authorized OK
await next();
return;
}
}
}
ctx.res = new Response('Unauthorized', {
status: 401,
headers: {
'WWW-Authenticate': 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"',
},
});
};
};
exports.basicAuth = basicAuth;