]> git.cworth.org Git - obsolete/notmuch-web/blobdiff - node_modules/express/node_modules/connect/lib/middleware/basicAuth.js
projects / obsolete / notmuch-web / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Install the "express" node module via npm
[obsolete/notmuch-web] / node_modules / express / node_modules / connect / lib / middleware / basicAuth.js
diff --git a/node_modules/express/node_modules/connect/lib/middleware/basicAuth.js b/node_modules/express/node_modules/connect/lib/middleware/basicAuth.js
new file mode 100644 (file)
index 0000000..3ff472b
--- /dev/null
+++ b/node_modules/express/node_modules/connect/lib/middleware/basicAuth.js
@@ -0,0 +1,93 @@
+
+/*!
+ * Connect - basicAuth
+ * Copyright(c) 2010 Sencha Inc.
+ * Copyright(c) 2011 TJ Holowaychuk
+ * MIT Licensed
+ */
+
+/**
+ * Module dependencies.
+ */
+
+var utils = require('../utils')
+  , unauthorized = utils.unauthorized
+  , badRequest = utils.badRequest;
+
+/**
+ * Enfore basic authentication by providing a `callback(user, pass)`,
+ * which must return `true` in order to gain access. Alternatively an async
+ * method is provided as well, invoking `callback(user, pass, callback)`. Populates
+ * `req.remoteUser`. The final alternative is simply passing username / password
+ * strings.
+ *
+ * Examples:
+ *
+ *     connect(connect.basicAuth('username', 'password'));
+ *
+ *     connect(
+ *       connect.basicAuth(function(user, pass){
+ *         return 'tj' == user & 'wahoo' == pass;
+ *       })
+ *     );
+ *
+ *     connect(
+ *       connect.basicAuth(function(user, pass, fn){
+ *         User.authenticate({ user: user, pass: pass }, fn);
+ *       })
+ *     );
+ *
+ * @param {Function|String} callback or username
+ * @param {String} realm
+ * @api public
+ */
+
+module.exports = function basicAuth(callback, realm) {
+  var username, password;
+
+  // user / pass strings
+  if ('string' == typeof callback) {
+    username = callback;
+    password = realm;
+    if ('string' != typeof password) throw new Error('password argument required');
+    realm = arguments[2];
+    callback = function(user, pass){
+      return user == username && pass == password;
+    }
+  }
+
+  realm = realm || 'Authorization Required';
+
+  return function(req, res, next) {
+    var authorization = req.headers.authorization;
+
+    if (req.remoteUser) return next();
+    if (!authorization) return unauthorized(res, realm);
+
+    var parts = authorization.split(' ')
+      , scheme = parts[0]
+      , credentials = new Buffer(parts[1], 'base64').toString().split(':');
+
+    if ('Basic' != scheme) return badRequest(res);
+
+    // async
+    if (callback.length >= 3) {
+      var pause = utils.pause(req);
+      callback(credentials[0], credentials[1], function(err, user){
+        if (err || !user)  return unauthorized(res, realm);
+        req.remoteUser = user;
+        next();
+        pause.resume();
+      });
+    // sync
+    } else {
+      if (callback(credentials[0], credentials[1])) {
+        req.remoteUser = credentials[0];
+        next();
+      } else {
+        unauthorized(res, realm);
+      }
+    }
+  }
+};
+
Unnamed repository; edit this file 'description' to name the repository.