UNPKG

hono

Version:

Web framework built on Web Standards

hono.dev

honojs/hono

93 lines (92 loc) 3.34 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); var basic_auth_exports = {}; __export(basic_auth_exports, { basicAuth: () => basicAuth }); module.exports = __toCommonJS(basic_auth_exports); var import_http_exception = require("../../http-exception"); var import_buffer = require("../../utils/buffer"); var import_encode = require("../../utils/encode"); const CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/; const USER_PASS_REGEXP = /^([^:]*):(.*)$/; const utf8Decoder = new TextDecoder(); const auth = (req) => { const match = CREDENTIALS_REGEXP.exec(req.header("Authorization") || ""); if (!match) { return void 0; } let userPass = void 0; try { userPass = USER_PASS_REGEXP.exec(utf8Decoder.decode((0, import_encode.decodeBase64)(match[1]))); } catch { } if (!userPass) { return void 0; } return { username: userPass[1], password: userPass[2] }; }; const basicAuth = (options, ...users) => { const usernamePasswordInOptions = "username" in options && "password" in options; const verifyUserInOptions = "verifyUser" in options; if (!(usernamePasswordInOptions || verifyUserInOptions)) { throw new Error( 'basic auth middleware requires options for "username and password" or "verifyUser"' ); } if (!options.realm) { options.realm = "Secure Area"; } if (usernamePasswordInOptions) { users.unshift({ username: options.username, password: options.password }); } return async function basicAuth2(ctx, next) { const requestUser = auth(ctx.req); if (requestUser) { if (verifyUserInOptions) { if (await options.verifyUser(requestUser.username, requestUser.password, ctx)) { await next(); return; } } else { for (const user of users) { const [usernameEqual, passwordEqual] = await Promise.all([ (0, import_buffer.timingSafeEqual)(user.username, requestUser.username, options.hashFunction), (0, import_buffer.timingSafeEqual)(user.password, requestUser.password, options.hashFunction) ]); if (usernameEqual && passwordEqual) { await next(); return; } } } } const res = new Response("Unauthorized", { status: 401, headers: { "WWW-Authenticate": 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"' } }); throw new import_http_exception.HTTPException(401, { res }); }; }; // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { basicAuth });