Improve authentication

Support option “redirect”

Author: SamyPesse

lib/configs/default.js

@@ -30,10 +30,13 @@ module.exports = function(options) {
 
         // Authentication settings
         'auth': {
-            'basic': true
+            // Redirect user to this url for auth
+            'redirect': undefined,
         },
 
         // Hooks
+        // If value is string: POST to the url
+        // If function: executed
         'hooks': {
             'users.auth': function(data) {
                 if (!data.email || !data.token) throw "Need 'token' and 'email' for auth hook";
@@ -59,8 +62,13 @@ module.exports = function(options) {
 
         // Packages
         'packages': {
+            // Path to store all packages for the user
             'root': undefined,
+
+            // Path to default packages
             'defaults': path.resolve(__dirname, "../../packages"),
+
+            // Packages to install when booting
             'install': {}
         }
     }, _.defaults);

lib/index.js

@@ -7,7 +7,7 @@ var fs = require('fs');
 var http = require('http');
 var express = require('express');
 var bodyParser = require('body-parser');
-var basicAuth = require('basic-auth-connect');
+var basicAuth = require('basic-auth');
 var cookieParser = require('cookie-parser');
 var session = require('express-session');
 var Busboy = require('busboy');
@@ -115,6 +115,8 @@ var start = function(config) {
         resave: false,
         saveUninitialized: true
     }));
+
+    // Auth by query strings
     app.use("/", function(req, res, next) {
         var args = _.extend({}, req.query, req.body);
         if (args.email && args.token) {
@@ -128,21 +130,30 @@ var start = function(config) {
         }
     });
 
-    // Static files
-    app.use('/', express.static(path.resolve(__dirname, '../build')));
-
     // Auth
     app.use(function(req, res, next) {
-        var doAuth = basicAuth(function(user, pass, fn){
-            users.auth(user, pass)
+        if (req.session.userId) return next();
+
+        var auth = basicAuth(req);
+
+        // Do basic auth
+        if (auth && auth.name && auth.pass) {
+            users.auth(auth.name, auth.pass, req)
             .then(function(user) {
-                fn(null, user)
+                req.user = user;
+                next();
             })
-            .fail(fn);
-        });
-
-        if (req.session.userId || !config.auth.basic) return next();
-        doAuth(req, res, next);
+            .fail(next);
+        } else {
+            if (config.auth.redirect) {
+                console.log('no auth, redirect to', config.auth.redirect);
+                res.redirect(config.auth.redirect);
+            } else {
+                res.header('WWW-Authenticate', 'Basic realm="codebox"');
+                res.status(401);
+                res.end();
+            }
+        }
     });
     app.use(function(req, res, next) {
         if (req.user) {
@@ -166,6 +177,10 @@ var start = function(config) {
         }
     });
 
+    // Static files
+    app.use('/', express.static(path.resolve(__dirname, '../build')));
+
+
     // Download packages
     app.use('/packages', _middleware(function() {
         return express.static(config.packages.root);

package.json

@@ -42,7 +42,7 @@
         "commander": "2.8.0",
         "open": "0.0.5",
         "ini": "1.2.1",
-        "basic-auth-connect": "1.0.0",
+        "basic-auth": "1.0.0",
         "mime": "1.3.4",
         "busboy": "0.2.9",
         "uuid": "2.0.1",