From 3b16b2d58f876f6ab4abcdf8012efb2411504940 Mon Sep 17 00:00:00 2001 From: Sean Fridman Date: Mon, 13 Apr 2015 10:25:46 -0400 Subject: HTTP Digest authentication --- app/node_modules/okadminview/index.js | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'app/node_modules/okadminview/index.js') diff --git a/app/node_modules/okadminview/index.js b/app/node_modules/okadminview/index.js index 897c583..ac633e8 100644 --- a/app/node_modules/okadminview/index.js +++ b/app/node_modules/okadminview/index.js @@ -4,10 +4,22 @@ var bodyParser = require('body-parser'); var methodOverride = require('method-override'); var session = require('express-session'); var flash = require('connect-flash'); +var passport = require('passport'); +var DigestStrategy = require('passport-http').DigestStrategy; var Q = require('q'); var pluralize = require('pluralize'); var OKQuery = require('okquery'); +// Configure auth +passport.use(new DigestStrategy({qop: 'auth'}, + function authenticate(username, done) { + if (!process.env.OK_USER || !process.env.OK_PASS) { + return done(new Error('No user or pass configured on server')); + } else { + return done(null, process.env.OK_USER, process.env.OK_PASS); + } +})); + /** * OKAdminView! */ @@ -100,6 +112,13 @@ function OKAdminView(options) { } })); + var auth = passport.authenticate('digest', {session: false}); + + // This should really be mounted on the router, but can't be due to + // https://github.com/jaredhanson/passport-http/pull/16 + app.use('/_admin/', passport.initialize()); + app.all('/_admin/:path*', auth); + router.get('/', function readIndex(req, res, next) { fetchIndexTemplateData(meta, indexQueries).then(function(data) { view.renderIndex(req, res, assign(data, { -- cgit v1.2.3-70-g09d2