UNPKG

@ajejoseph22/proxx

Version:

A lightweight HTTPS/HTTP proxy server with bandwidth tracking, basic auth and real-time analytics.

github.com/ajejoseph22/proxx

ajejoseph22/proxx

96 lines (81 loc) 2.62 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
import bcrypt from "bcrypt"; import express from "express"; import http from "http"; import { IDatabaseService } from "../database-service"; export type AuthResponse = { isAuthenticated: boolean; code: number; message: string; }; export class AuthService { private readonly databaseService: IDatabaseService; private readonly statusCode = { UNAUTHORIZED: 401, PROXY_AUTH_REQUIRED: 407, FORBIDDEN: 403, OK: 200, }; constructor(dbService: IDatabaseService) { this.databaseService = dbService; } private async addUser(username: string, password: string): Promise<void> { const salt = await bcrypt.genSalt(10); const auth = this.databaseService.getData().auth; auth[username] = { passwordHash: await bcrypt.hash(password, salt), }; await this.databaseService.save({ auth }); } private async isAuthenticated(authHeader: string): Promise<boolean> { const [method, credentials] = authHeader.split(" "); if (method !== "Basic") return false; const [username, password] = Buffer.from(credentials, "base64") .toString() .split(":"); const user = this.databaseService.getData().auth?.[username]; if (!user) return false; return bcrypt.compare(password, user.passwordHash); } private async handleAuth( authHeader: string | undefined, isProxyAuth: boolean, ): Promise<AuthResponse> { if (!authHeader) { return { isAuthenticated: false, code: isProxyAuth ? this.statusCode.PROXY_AUTH_REQUIRED : this.statusCode.UNAUTHORIZED, message: "Authentication Required\r\n\r\n", }; } const isAuthenticated = await this.isAuthenticated(authHeader); return { isAuthenticated, code: isAuthenticated ? this.statusCode.OK : this.statusCode.FORBIDDEN, message: `${isAuthenticated ? "OK" : "Invalid credentials"}\r\n\r\n}`, }; } async initialize(): Promise<void> { if (process.env.ADMIN_USERNAME && process.env.ADMIN_PASSWORD) { await this.addUser( process.env.ADMIN_USERNAME, process.env.ADMIN_PASSWORD, ); } } async proxyAuth( req: express.Request | http.IncomingMessage, res?: express.Response, ): Promise<AuthResponse> { res?.setHeader("Proxy-Authenticate", "Basic"); return this.handleAuth(req.headers["proxy-authorization"], true); } async endpointAuth( req: express.Request, res: express.Response, ): Promise<AuthResponse> { res.setHeader("WWW-Authenticate", "Basic"); return this.handleAuth(req.headers["authorization"], false); } }