How to use the http-auth.connect function in http-auth

To help you get started, we’ve selected a few http-auth examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github twitterdev / account-activity-dashboard / helpers / auth.js View on Github external
// twitter info
auth.twitter_oauth = {
  consumer_key: process.env.TWITTER_CONSUMER_KEY,
  consumer_secret: process.env.TWITTER_CONSUMER_SECRET,
  token: process.env.TWITTER_ACCESS_TOKEN,
  token_secret: process.env.TWITTER_ACCESS_TOKEN_SECRET
}
auth.twitter_webhook_environment = process.env.TWITTER_WEBHOOK_ENV


// basic auth middleware for express

if (typeof process.env.BASIC_AUTH_USER !== 'undefined' &&
  typeof process.env.BASIC_AUTH_PASSWORD !== 'undefined') {
    auth.basic = httpAuth.connect(httpAuth.basic({
        realm: 'admin-dashboard'
    }, function(username, password, callback) {
        callback(username === process.env.BASIC_AUTH_USER && password === process.env.BASIC_AUTH_PASSWORD)
    }))
} else {
  console.warn([
    'Your admin dashboard is accessible by everybody.',
    'To restrict access, setup BASIC_AUTH_USER and BASIC_AUTH_PASSWORD',
    'as environment variables.',
    ].join(' '))
}


// csrf protection middleware for express
auth.csrf = require('csurf')()
github Sotera / Datawake-Legacy / ForensicDemoServer / server.js View on Github external
}
        }
    }
});


// Application setup.
var app = express();
if (bUseAuth) {
    console.log('Starting with basic authentication');
    var basic = auth.basic({
            realm: 'Datawake Forensic',
            file: './.htpassword'
        }
    );
    app.use(auth.connect(basic));
} else {
    console.log('Starting with no authentication');
}

// Setup route.
app.use('/',express.static('../server/forensic_v2'));
app.listen(port);
console.log('Listening on port ' + port);
github IBM-Cloud / openwhisk-darkvisionapp / web / app.js View on Github external
app.use(compression());

const upload = multer({
  dest: 'uploads/'
});

// Upload areas and reset/delete for videos and images can be protected by basic authentication
// by configuring ADMIN_USERNAME and ADMIN_PASSWORD environment variables.
const basic = auth.basic({
  realm: 'Adminstrative Area'
}, (username, password, callback) => { // Custom authentication method.
    // Authentication is configured through environment variables.
    // If there are not set, upload is open to all users.
  callback(username === process.env.ADMIN_USERNAME && password === process.env.ADMIN_PASSWORD);
});
const authenticator = auth.connect(basic);
const checkForAuthentication = (req, res, next) => {
  if (process.env.ADMIN_USERNAME) {
    console.log('Authenticating call...');
    authenticator(req, res, next);
  } else {
    console.log('No authentication configured');
    next();
  }
};

// initialize local VCAP configuration
let vcapLocal = null;
if (!fs.existsSync('../local.env')) {
  console.log('No local.env defined. VCAP_SERVICES will be used.');
} else {
  try {
github odota / core / yasp.js View on Github external
}, function(err, user) {
        done(err, user);
    });
});
passport.use(new SteamStrategy({
    returnURL: host + '/return',
    realm: host,
    apiKey: api_key
}, utility.initializeUser));
var basic = auth.basic({
    realm: "Kue"
}, function(username, password, callback) { // Custom authentication method.
    callback(username === (process.env.KUE_USER || "user") && password === (process.env.KUE_PASS || "pass"));
});
app.use(compression());
app.use("/kue", auth.connect(basic));
app.use("/kue", kue.app);
app.use("/public", express.static(path.join(__dirname, '/public')));
app.use(session({
    store: new RedisStore({
        client: redis
    }),
    secret: process.env.SESSION_SECRET,
    resave: false,
    saveUninitialized: false
}));
app.use(passport.initialize());
app.use(passport.session());
app.use(bodyParser.urlencoded({
    extended: false
}));
app.use(function(req, res, next) {
github davidmerfield / Blot / app / clients / git / authenticate.js View on Github external
var auth = require("http-auth");
var Blog = require("blog");
var User = require("user");
var database = require("./database");

module.exports = auth.connect(
  // Beware that req as fourth argument might not be reliable:
  // https://github.com/http-auth/http-auth/pull/67#issuecomment-244306701
  auth.basic({ realm: "Git" }, function(email, token, callback, req) {
    User.getByEmail(email, function(err, user) {
      // There is no user with this email address
      if (err || !user) {
        return callback(false);
      }

      database.checkToken(user.uid, token, function(err, valid) {
        // The token is bad
        if (err || !valid) return callback(false);

        // User is attempting to push or pull another user's repo
        Blog.get({ handle: req.params.gitHandle }, function(err, blog) {
          // There is no blog with this handle
github vincentbernat / dashkiosk / lib / express.js View on Github external
}

// Logging
logger.express.access(app);
logger.express.error(app);

// Authentication
if (config.get('auth:enabled')) {
  var basic = auth.basic({
    realm: config.get('auth:realm')
  }, function(username, password, callback) {
    // Custom authentication method.
    callback(username === config.get('auth:username') &&
             password === config.get('auth:password'));
  });
  app.use(auth.connect(basic));
}

// Asset handling
var assets = {};
try {
  assets = require('../assets.json');
} catch (e) {}


// Configure Mustache for templating
var mustacheLocals = {
  branding: config.get('branding'),
  version: version,
  unassigned: fs.readdirSync(path.join(config.get('path:static'), 'images', 'unassigned')),
  grade: 'medium',
  asset: function() {
github JCMais / node-libcurl / test / curl / optionHttpAuth.spec.ts View on Github external
it('should not authenticate using basic', done => {
    app.use(auth.connect(basic))
    app.get('/', (req, res) => {
      res.send(req.user)
    })

    curl.setOpt('HTTPAUTH', CurlAuth.AnySafe)
    curl.setOpt('USERNAME', username)
    curl.setOpt('PASSWORD', password)

    curl.on('end', status => {
      status.should.be.equal(401)

      done()
    })

    curl.on('error', done)
github liamcottam / place / routes / admin.js View on Github external
app.boardData[position] = data.charCodeAt(position);
          }
        }

        app.needWrite = true;
        app.websocket.emit('force-sync');
        res.sendStatus(200);
      }
    });
  });

  router.get('/backup/:filename', auth.connect(basic), (req, res) => {
    res.sendFile(path.join(__dirname, '../backups', req.params.filename));
  });

  router.post('/announce', auth.connect(basic), (req, res) => {
    app.websocket.emit('alert', req.body.message);
    res.sendStatus(200);
  });

  router.post('/delete', auth.connect(basic), (req, res) => {
    let obj = {
      start: {
        x: parseInt(req.body.startx),
        y: parseInt(req.body.starty)
      },
      end: {
        x: parseInt(req.body.endx),
        y: parseInt(req.body.endy)
      }
    }
github datosgobar / consulta-publica / lib / setup / index.js View on Github external
app.set('config', config)

  /**
   * Basic HTTP-Auth restriction middleware
   * for production access only.
   */

  if (config.auth.basic.username) {
    const basic = auth.basic({
      authRealm: 'Authentication required'
    }, (username, password, cb) => {
      cb(username === config.auth.basic.username &&
         password === config.auth.basic.password)
    })

    app.use(auth.connect(basic))
  }

  /**
   * Load endpoint for CertBot certificate validation
   */

  app.use(certbotEndpoint(config.certbot))

  /**
   * Set `public-assets` default path
   */

  app.use(express.static(path.resolve('public')))

  app.use(bodyParser.urlencoded({ extended: true }))
  app.use(bodyParser.json())
github simplyboo6 / Vimtur / server / src / utils / index.ts View on Github external
export function authConnector(
  req: Express.Request,
  res: Express.Response,
  next: Express.NextFunction,
): void {
  if (Config.get().username && Config.get().password) {
    const basicAuth = Auth.basic(
      { realm: 'Vimtur Media Manager' },
      (username: string, password: string, callback: (result: boolean) => void) => {
        callback(username === Config.get().username && password === Config.get().password);
      },
    );
    return Auth.connect(basicAuth)(req, res, next);
  }
  next();
}

http-auth

Node.js package for HTTP basic and digest access authentication.

MIT
Latest version published 2 years ago

Package Health Score

56 / 100
Full package analysis