dox-foundation-demo node_modules/express/node_modules/connect/lib/middleware/basicAuth.js

utils

declaration
utils

    Description

    Module dependencies.

    Source

    var utils = require('../utils')
      , unauthorized = utils.unauthorized;

    exports

    method
    module.exports()
    • @param: {Function,String}callbackor username
    • @param: {String}realm

    Description

    Basic Auth:

    Enfore basic authentication by providing a callback(user, pass),
    which must return true in order to gain access. Alternatively an async
    method is provided as well, invoking callback(user, pass, callback). Populates
    req.user. The final alternative is simply passing username / password
    strings.

    Simple username and password

    connect(connect.basicAuth('username', 'password'));
    

    Callback verification

    connect()
      .use(connect.basicAuth(function(user, pass){
        return 'tj' == user & 'wahoo' == pass;
      }))
    

    Async callback verification, accepting fn(err, user).

    connect()
      .use(connect.basicAuth(function(user, pass, fn){
        User.authenticate({ user: user, pass: pass }, fn);
      }))
    

    Source

    module.exports = function basicAuth(callback, realm) {
      var username, password;
    
      // user / pass strings
      if ('string' == typeof callback) {
        username = callback;
        password = realm;
        if ('string' != typeof password) throw new Error('password argument required');
        realm = arguments[2];
        callback = function(user, pass){
          return user == username && pass == password;
        }
      }
    
      realm = realm || 'Authorization Required';
    
      return function(req, res, next) {
        var authorization = req.headers.authorization;
    
        if (req.user) return next();
        if (!authorization) return unauthorized(res, realm);
    
        var parts = authorization.split(' ');
    
        if (parts.length !== 2) return next(utils.error(400));
    
        var scheme = parts[0]
          , credentials = new Buffer(parts[1], 'base64').toString()
          , index = credentials.indexOf(':');
    
        if ('Basic' != scheme || index < 0) return next(utils.error(400));
        
        var user = credentials.slice(0, index)
          , pass = credentials.slice(index + 1);
    
        // async
        if (callback.length >= 3) {
          var pause = utils.pause(req);
          callback(user, pass, function(err, user){
            if (err || !user)  return unauthorized(res, realm);
            req.user = req.remoteUser = user;
            next();
            pause.resume();
          });
        // sync
        } else {
          if (callback(user, pass)) {
            req.user = req.remoteUser = user;
            next();
          } else {
            unauthorized(res, realm);
          }
        }
      }
    };