mongorai
Version:
Light MongoDB client for the web. Minimalistic UI used React with minimum dependencies.
47 lines (46 loc) • 1.49 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.basicAuth = void 0;
const SETTED_PASS = process.env.MONGORAI_PASS ?? 'default-pass';
const basicAuth = (req, res, next) => {
const authEnabled = process.env.MONGORAI_ENABLE_AUTH === 'true';
if (!authEnabled) {
return next();
}
const authHeader = req.headers.authorization;
if (!authHeader) {
return sendUnauthorized(res, next);
}
const [authType, credentials] = authHeader.split(' ');
if (authType !== 'Basic' || !credentials) {
return sendUnauthorized(res, next);
}
try {
const decoded = Buffer.from(credentials, 'base64').toString('utf-8');
const [user, pass] = decoded.split(':');
if (!user || !pass) {
return sendUnauthorized(res, next);
}
if (user === 'mongorai' && pass === SETTED_PASS) {
return next();
}
return sendUnauthorized(res, next);
}
catch (error) {
const err = new Error('Invalid authentication format');
err.status = 400;
return next(err);
}
};
exports.basicAuth = basicAuth;
function sendUnauthorized(res, next) {
if (res.headersSent) {
const err = new Error('Authentication required');
err.status = 401;
return next(err);
}
res.setHeader('WWW-Authenticate', 'Basic');
const err = new Error('You are not authenticated');
err.status = 401;
return next(err);
}