UNPKG

passport-http

Version:

HTTP Basic and Digest authentication strategies for Passport.

github.com/jaredhanson/passport-http

jaredhanson/passport-http

115 lines (99 loc) 3.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
/** * Module dependencies. */ var passport = require('passport-strategy') , util = require('util'); /** * `BasicStrategy` constructor. * * The HTTP Basic authentication strategy authenticates requests based on * userid and password credentials contained in the `Authorization` header * field. * * Applications must supply a `verify` callback which accepts `userid` and * `password` credentials, and then calls the `done` callback supplying a * `user`, which should be set to `false` if the credentials are not valid. * If an exception occured, `err` should be set. * * Optionally, `options` can be used to change the authentication realm. * * Options: * - `realm` authentication realm, defaults to "Users" * * Examples: * * passport.use(new BasicStrategy( * function(userid, password, done) { * User.findOne({ username: userid, password: password }, function (err, user) { * done(err, user); * }); * } * )); * * For further details on HTTP Basic authentication, refer to [RFC 2617: HTTP Authentication: Basic and Digest Access Authentication](http://tools.ietf.org/html/rfc2617) * * @param {Object} options * @param {Function} verify * @api public */ function BasicStrategy(options, verify) { if (typeof options == 'function') { verify = options; options = {}; } if (!verify) throw new Error('HTTP Basic authentication strategy requires a verify function'); passport.Strategy.call(this); this.name = 'basic'; this._verify = verify; this._realm = options.realm || 'Users'; this._passReqToCallback = options.passReqToCallback; } /** * Inherit from `passport.Strategy`. */ util.inherits(BasicStrategy, passport.Strategy); /** * Authenticate request based on the contents of a HTTP Basic authorization * header. * * @param {Object} req * @api protected */ BasicStrategy.prototype.authenticate = function(req) { var authorization = req.headers['authorization']; if (!authorization) { return this.fail(this._challenge()); } var parts = authorization.split(' ') if (parts.length < 2) { return this.fail(400); } var scheme = parts[0] , credentials = new Buffer(parts[1], 'base64').toString().split(':'); if (!/Basic/i.test(scheme)) { return this.fail(this._challenge()); } if (credentials.length < 2) { return this.fail(400); } var userid = credentials[0]; var password = credentials[1]; if (!userid || !password) { return this.fail(this._challenge()); } var self = this; function verified(err, user) { if (err) { return self.error(err); } if (!user) { return self.fail(self._challenge()); } self.success(user); } if (self._passReqToCallback) { this._verify(req, userid, password, verified); } else { this._verify(userid, password, verified); } } /** * Authentication challenge. * * @api private */ BasicStrategy.prototype._challenge = function() { return 'Basic realm="' + this._realm + '"'; } /** * Expose `BasicStrategy`. */ module.exports = BasicStrategy;