p3x-redis-ui-server/dist/lib/http-auth.mjs

🏍️ P3X Redis UI server — Socket.IO backend for the dual Angular + React frontend with AI queries, 54 languages, and auto data decompression

import t from"fs";import r from"crypto";import e from"bcryptjs";const n=t=>{if("boolean"==typeof t)return t;if("string"!=typeof t)return;const r=t.trim().toLowerCase();return!!["1","true","yes","on"].includes(r)||!["0","false","no","off"].includes(r)&&void 0},s=()=>{const t=p3xrs&&p3xrs.cfg&&"object"==typeof p3xrs.cfg?p3xrs.cfg:{},r=t.server&&"object"==typeof t.server.httpAuth?t.server.httpAuth:{},e=t.httpAuth&&"object"==typeof t.httpAuth?t.httpAuth:{},s=Object.assign({},r,e),o="string"==typeof s.username&&s.username.length>0?s.username:"admin",u="string"==typeof s.password?s.password:"",f="string"==typeof s.passwordHash?s.passwordHash.trim():"",a=n(s.enabled),i=u.length>0||f.length>0;return{enabled:void 0===a?i:a,username:o,password:u,passwordHash:f}},o=(t,e)=>{const n=Buffer.from("string"==typeof t?t:"","utf8"),s=Buffer.from("string"==typeof e?e:"","utf8");return n.length===s.length&&r.timingSafeEqual(n,s)},u=({username:t,password:r})=>{const n=s();if(!n.enabled)return!0;if(!o(t,n.username))return!1;if(n.passwordHash.length>0)try{return e.compareSync(r,n.passwordHash)}catch(t){return!1}return n.password.length>0&&o(r,n.password)},f=t=>{if(!s().enabled)return!0;const r=(t=>{if("string"!=typeof t||0===t.length)return null;const r=t.split(" ");if(2!==r.length||"basic"!==r[0].toLowerCase())return null;const e=Buffer.from(r[1],"base64").toString("utf8"),n=e.indexOf(":");return-1===n?null:{username:e.slice(0,n),password:e.slice(n+1)}})(t);return!!r&&u(r)},a=r=>{if("string"!=typeof r||""===r.trim())return"";const e=r.trim();if(!t.existsSync(e))return"";try{return t.readFileSync(e,"utf8").trim()}catch(t){return""}};let i=null;const l=()=>{if(i)return i;const t=s(),e=t.passwordHash||t.password||r.randomBytes(32).toString("hex");return i=r.createHash("sha256").update("p3xrs-jwt-"+e).digest(),i},p=t=>{const e=l(),n={sub:t,iat:Math.floor(Date.now()/1e3),exp:Math.floor(Date.now()/1e3)+86400},s=Buffer.from(JSON.stringify({alg:"HS256",typ:"JWT"})).toString("base64url"),o=Buffer.from(JSON.stringify(n)).toString("base64url");return`${s}.${o}.${r.createHmac("sha256",e).update(`${s}.${o}`).digest("base64url")}`},c=t=>{if("string"!=typeof t||0===t.length)return null;try{const e=l(),n=t.split(".");if(3!==n.length)return null;const[s,o,u]=n,f=r.createHmac("sha256",e).update(`${s}.${o}`).digest("base64url"),a=Buffer.from(u,"utf8"),i=Buffer.from(f,"utf8");if(a.length!==i.length||!r.timingSafeEqual(a,i))return null;const p=JSON.parse(Buffer.from(o,"base64url").toString("utf8"));return p.exp&&p.exp<Math.floor(Date.now()/1e3)?null:p}catch(t){return null}},h=()=>{i=null};export{n as parseBoolean,s as resolveConfiguredHttpAuth,u as verifyCredentials,f as verifyAuthorizationHeader,a as readPasswordHashFromFile,p as createAuthToken,c as verifyAuthToken,h as resetJwtSecret};