mirror of
https://github.com/denoland/deno.git
synced 2024-12-01 16:51:13 -05:00
48 lines
1.8 KiB
JavaScript
48 lines
1.8 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.basicAuth = void 0;
|
|
const buffer_1 = require("../../utils/buffer");
|
|
const encode_1 = require("../../utils/encode");
|
|
const CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/;
|
|
const USER_PASS_REGEXP = /^([^:]*):(.*)$/;
|
|
const auth = (req) => {
|
|
const match = CREDENTIALS_REGEXP.exec(req.headers.get('Authorization') || '');
|
|
if (!match) {
|
|
return undefined;
|
|
}
|
|
const userPass = USER_PASS_REGEXP.exec((0, encode_1.decodeBase64)(match[1]));
|
|
if (!userPass) {
|
|
return undefined;
|
|
}
|
|
return { username: userPass[1], password: userPass[2] };
|
|
};
|
|
const basicAuth = (options, ...users) => {
|
|
if (!options) {
|
|
throw new Error('basic auth middleware requires options for "username and password"');
|
|
}
|
|
if (!options.realm) {
|
|
options.realm = 'Secure Area';
|
|
}
|
|
users.unshift({ username: options.username, password: options.password });
|
|
return async (ctx, next) => {
|
|
const requestUser = auth(ctx.req);
|
|
if (requestUser) {
|
|
for (const user of users) {
|
|
const usernameEqual = await (0, buffer_1.timingSafeEqual)(user.username, requestUser.username, options.hashFunction);
|
|
const passwordEqual = await (0, buffer_1.timingSafeEqual)(user.password, requestUser.password, options.hashFunction);
|
|
if (usernameEqual && passwordEqual) {
|
|
// Authorized OK
|
|
await next();
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
ctx.res = new Response('Unauthorized', {
|
|
status: 401,
|
|
headers: {
|
|
'WWW-Authenticate': 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"',
|
|
},
|
|
});
|
|
};
|
|
};
|
|
exports.basicAuth = basicAuth;
|