;
/*
* This file is part of CoCalc: Copyright © 2020 Sagemath, Inc.
* License: AGPLv3 s.t. "Commons Clause" – see LICENSE.md for details
*/
// Module-interop helper (this looks like compiler-emitted CommonJS glue, given the
// sourceMappingURL at the end of the file). It reuses `this.__importDefault` when one
// already exists; otherwise it returns modules flagged `__esModule` unchanged and wraps
// everything else as `{ default: mod }`, so `.default` can be read uniformly.
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
// Flag this module's own exports object as ES-module shaped.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export slot up front with `undefined`; the real function is assigned
// at the bottom of the file, after is_authenticated is defined.
exports.is_authenticated = void 0;
/*
Authentication.
*/
var immutable_1 = require("immutable");
var basic_auth_1 = __importDefault(require("basic-auth"));
var password_hash_1 = require("password-hash");
var misc_1 = require("smc-util/misc");
/**
 * Gate a request behind HTTP Basic authentication when its path falls under a
 * protected prefix.
 *
 * @param {object} opts
 * @param {*} opts.auth - keyed collection iterated with forEach(value, key); each key is a
 *   relative path prefix and each value is expected to be an Immutable List of entries
 *   exposing get("name") and get("pass"). null/undefined disables the check entirely.
 * @param {string} opts.path - requested path; leading "/" characters are stripped and the
 *   result is written back to opts.path.
 * @param {*} opts.req - request object handed to basic-auth to parse the credentials.
 * @param {*} opts.res - response object; on denial this function sets statusCode 401 and
 *   ends the response itself.
 * @returns {boolean} true when the request may proceed, false when a 401 was already sent.
 *
 * NOTE(review): a path that matches no prefix is allowed through without credentials,
 * and matching is a plain string-prefix test on opts.path after only leading slashes are
 * removed. The caller should pass the same canonical path that is later used to locate
 * the content -- confirm at the call site.
 * NOTE(review): Basic credentials travel with every request, so this check is only
 * meaningful over TLS, and nothing here throttles repeated attempts; both have to be
 * handled outside this function.
 */
function is_authenticated(opts) {
    if (opts.auth == null) {
        // No auth rules were supplied: nothing to enforce.
        return true;
    }
    // Auth prefixes are assumed relative, so drop every leading "/" from the path.
    var leading = 0;
    while (opts.path[leading] === "/") {
        leading += 1;
    }
    if (leading > 0) {
        opts.path = opts.path.slice(leading);
    }
    // The first rule whose key is a prefix of the path wins; returning false from the
    // callback is how the original signals "stop iterating".
    var required;
    opts.auth.forEach(function (entry, prefix) {
        if (!misc_1.startswith(opts.path, prefix)) {
            return;
        }
        required = entry;
        return false;
    });
    if (required == null) {
        // No rule covers this path.
        return true;
    }
    if (!immutable_1.List.isList(required)) {
        // Malformed rule: refuse rather than serve. This 401 carries no
        // WWW-Authenticate challenge, unlike the credential failure below.
        opts.res.statusCode = 401;
        opts.res.end("auth is misconfigured -- invalid auth field in the public_paths database.");
        return false;
    }
    var supplied = basic_auth_1.default(opts.req);
    var granted = false;
    if (supplied != null && supplied.name && supplied.pass) {
        // Locate the first entry for this user name; later duplicates are never consulted.
        var account = null;
        for (var idx = 0; account === null && idx < required.size; idx += 1) {
            var candidate = required.get(idx);
            if (candidate.get("name") === supplied.name) {
                account = candidate;
            }
        }
        if (account !== null) {
            // NOTE(review): the hash is only verified for a known name, so unknown-user and
            // wrong-password responses may differ in timing. Also confirm the stored hashes
            // were generated with a strong algorithm and iteration count; the password-hash
            // package's defaults are, as far as I recall, weak -- verify.
            granted = Boolean(password_hash_1.verify(supplied.pass, account.get("pass")));
        }
    }
    if (granted) {
        return true;
    }
    // Missing, malformed or wrong credentials all get the same Basic challenge.
    opts.res.statusCode = 401;
    opts.res.setHeader("WWW-Authenticate", 'Basic realm="cocalc.com"');
    opts.res.end("Access denied");
    return false;
}
// Publish the auth gate on the CommonJS exports object, replacing the `void 0`
// placeholder assigned near the top of the file.
exports.is_authenticated = is_authenticated;
//# sourceMappingURL=authenticate.js.map