Merge pull request #254 from openstf/optional-basic-auth-in-auth-mock

Add optional basic authentication in auth-mock
2025-10-04 10:19:30 +02:00 · 2016-02-03 15:59:06 +09:00 · 2016-02-03 15:59:06 +09:00 · a6e783ed1d
commit a6e783ed1d
parent 97269b3aa8 0fa080d5cb
3 changed files with 45 additions and 0 deletions
--- a/lib/cli.js
+++ b/lib/cli.js
@ -557,6 +557,16 @@ program
  .option('-a, --app-url <url>'
    , 'URL to app'
    , String)
+  .option('--use-basic-auth'
+    , 'Whether to use basic authentication for login or not')
+  .option('--basic-auth-username <username>'
+    , 'Basic Auth Username (or $BASIC_AUTH_USERNAME)'
+    , String
+    , process.env.BASIC_AUTH_USERNAME || 'username')
+  .option('--basic-auth-password <password>'
+    , 'Basic Auth Password (or $BASIC_AUTH_PASSWORD)'
+    , String
+    , process.env.BASIC_AUTH_PASSWORD || 'password')
  .action(function(options) {
    if (!options.secret) {
      this.missingArgument('--secret')
@ -570,6 +580,13 @@ program
    , secret: options.secret
    , ssid: options.ssid
    , appUrl: options.appUrl
+    , mock: {
+        useBasicAuth: options.useBasicAuth
+      , basicAuth: {
+          username: options.basicAuthUsername
+        , password: options.basicAuthPassword
+        }
+      }
    })
  })

--- a/lib/units/auth/mock.js
+++ b/lib/units/auth/mock.js
@ -7,6 +7,7 @@ var bodyParser = require('body-parser')
 var serveStatic = require('serve-static')
 var csrf = require('csurf')
 var Promise = require('bluebird')
+var basicAuth = require('basic-auth')

 var logger = require('../../util/logger')
 var requtil = require('../../util/requtil')
@ -28,6 +29,28 @@ module.exports = function(options) {
      })
  })

+  // BasicAuth Middleware
+  var basicAuthMiddleware = function(req, res, next) {
+    function unauthorized(res) {
+      res.set('WWW-Authenticate', 'Basic realm=Authorization Required')
+      return res.send(401)
+    }
+
+    var user = basicAuth(req)
+
+    if (!user || !user.name || !user.pass) {
+      return unauthorized(res)
+    }
+
+    if (user.name === options.mock.basicAuth.username &&
+        user.pass === options.mock.basicAuth.password) {
+      return next()
+    }
+    else {
+      return unauthorized(res)
+    }
+  }
+
  app.set('view engine', 'jade')
  app.set('views', pathutil.resource('auth/mock/views'))
  app.set('strict routing', true)
@ -49,6 +72,10 @@ module.exports = function(options) {
    next()
  })

+  if (options.mock.useBasicAuth) {
+    app.use(basicAuthMiddleware)
+  }
+
  app.get('/', function(req, res) {
    res.redirect('/auth/mock/')
  })
--- a/package.json
+++ b/package.json
@ -34,6 +34,7 @@
    "adbkit-apkreader": "^1.0.0",
    "adbkit-monkey": "^1.0.1",
    "aws-sdk": "^2.2.3",
+    "basic-auth": "^1.0.3",
    "bluebird": "^2.9.34",
    "body-parser": "^1.13.3",
    "bufferutil": "^1.2.1",