Basic auth for admin page
parent
434252a321
commit
e06bf0e991
|
@ -50,6 +50,9 @@
|
|||
/* This setting is used if you need http basic auth */
|
||||
// "httpAuth" : "user:pass",
|
||||
|
||||
/* This setting is used for http basic auth for admin pages */
|
||||
"adminHttpAuth" : "user:pass",
|
||||
|
||||
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
|
||||
"loglevel": "INFO",
|
||||
|
||||
|
|
|
@ -6,11 +6,19 @@ var settings = require('../../utils/Settings');
|
|||
|
||||
//checks for basic http auth
|
||||
exports.basicAuth = function (req, res, next) {
|
||||
var pass = settings.httpAuth;
|
||||
if (req.path.indexOf('/admin') == 0) {
|
||||
var pass = settings.adminHttpAuth;
|
||||
}
|
||||
// Just pass if not activated in Activate http basic auth if it has been defined in settings.json
|
||||
if (!pass) {
|
||||
return next();
|
||||
}
|
||||
|
||||
if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
|
||||
// fetch login and password
|
||||
if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == settings.httpAuth) {
|
||||
next();
|
||||
return;
|
||||
if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == pass) {
|
||||
return next();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -25,8 +33,7 @@ exports.basicAuth = function (req, res, next) {
|
|||
}
|
||||
|
||||
exports.expressConfigure = function (hook_name, args, cb) {
|
||||
// Activate http basic auth if it has been defined in settings.json
|
||||
if(settings.httpAuth != null) args.app.use(exports.basicAuth);
|
||||
args.app.use(exports.basicAuth);
|
||||
|
||||
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
|
||||
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
|
||||
|
|
|
@ -85,6 +85,11 @@ exports.loglevel = "INFO";
|
|||
*/
|
||||
exports.httpAuth = null;
|
||||
|
||||
/**
|
||||
* Http basic auth, with "user:password" format
|
||||
*/
|
||||
exports.adminHttpAuth = null;
|
||||
|
||||
//checks if abiword is avaiable
|
||||
exports.abiwordAvailable = function()
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue