haste-server/node_modules/connect/lib/middleware/basicAuth.js


/*!
 * Connect - basicAuth
 * Copyright(c) 2010 Sencha Inc.
 * Copyright(c) 2011 TJ Holowaychuk
 * MIT Licensed
 */

/**
 * Module dependencies.
 */

var utils = require('../utils')
  , unauthorized = utils.unauthorized
  , badRequest = utils.badRequest;

/**
 * Enfore basic authentication by providing a `callback(user, pass)`,
 * which must return `true` in order to gain access. Alternatively an async
 * method is provided as well, invoking `callback(user, pass, callback)`. Populates
 * `req.remoteUser`. The final alternative is simply passing username / password
 * strings.
 *
 * Examples:
 *
 *     connect(connect.basicAuth('username', 'password'));
 *
 *     connect(
 *       connect.basicAuth(function(user, pass){
 *         return 'tj' == user & 'wahoo' == pass;
 *       })
 *     );
 *
 *     connect(
 *       connect.basicAuth(function(user, pass, fn){
 *         User.authenticate({ user: user, pass: pass }, fn);
 *       })
 *     );
 *
 * @param {Function|String} callback or username
 * @param {String} realm
 * @api public
 */

module.exports = function basicAuth(callback, realm) {
  var username, password;

  // user / pass strings
  if ('string' == typeof callback) {
    username = callback;
    password = realm;
    if ('string' != typeof password) throw new Error('password argument required');
    realm = arguments[2];
    callback = function(user, pass){
      return user == username && pass == password;
    }
  }

  realm = realm || 'Authorization Required';

  return function(req, res, next) {
    var authorization = req.headers.authorization;

    if (req.remoteUser) return next();
    if (!authorization) return unauthorized(res, realm);

    var parts = authorization.split(' ')
      , scheme = parts[0]
      , credentials = new Buffer(parts[1], 'base64').toString().split(':');

    if ('Basic' != scheme) return badRequest(res);

    // async
    if (callback.length >= 3) {
      var pause = utils.pause(req);
      callback(credentials[0], credentials[1], function(err, user){
        if (err || !user)  return unauthorized(res, realm);
        req.remoteUser = user;
        next();
        pause.resume();
      });
    // sync
    } else {
      if (callback(credentials[0], credentials[1])) {
        req.remoteUser = credentials[0];
        next();
      } else {
        unauthorized(res, realm);
      }
    }
  }
};
Added node modules 2012-02-06 19:09:01 +00:00
			`/*!`
			`* Connect - basicAuth`
			`* Copyright(c) 2010 Sencha Inc.`
			`* Copyright(c) 2011 TJ Holowaychuk`
			`* MIT Licensed`
			`*/`

			`/**`
			`* Module dependencies.`
			`*/`

			`var utils = require('../utils')`
			`, unauthorized = utils.unauthorized`
			`, badRequest = utils.badRequest;`

			`/**`
			* Enfore basic authentication by providing a `callback(user, pass)`,
			* which must return `true` in order to gain access. Alternatively an async
			* method is provided as well, invoking `callback(user, pass, callback)`. Populates
			* `req.remoteUser`. The final alternative is simply passing username / password
			`* strings.`
			`*`
			`* Examples:`
			`*`
			`* connect(connect.basicAuth('username', 'password'));`
			`*`
			`* connect(`
			`* connect.basicAuth(function(user, pass){`
			`* return 'tj' == user & 'wahoo' == pass;`
			`* })`
			`* );`
			`*`
			`* connect(`
			`* connect.basicAuth(function(user, pass, fn){`
			`* User.authenticate({ user: user, pass: pass }, fn);`
			`* })`
			`* );`
			`*`
			`* @param {Function\|String} callback or username`
			`* @param {String} realm`
			`* @api public`
			`*/`

			`module.exports = function basicAuth(callback, realm) {`
			`var username, password;`

			`// user / pass strings`
			`if ('string' == typeof callback) {`
			`username = callback;`
			`password = realm;`
			`if ('string' != typeof password) throw new Error('password argument required');`
			`realm = arguments[2];`
			`callback = function(user, pass){`
			`return user == username && pass == password;`
			`}`
			`}`

			`realm = realm \|\| 'Authorization Required';`

			`return function(req, res, next) {`
			`var authorization = req.headers.authorization;`

			`if (req.remoteUser) return next();`
			`if (!authorization) return unauthorized(res, realm);`

			`var parts = authorization.split(' ')`
			`, scheme = parts[0]`
			`, credentials = new Buffer(parts[1], 'base64').toString().split(':');`

			`if ('Basic' != scheme) return badRequest(res);`

			`// async`
			`if (callback.length >= 3) {`
			`var pause = utils.pause(req);`
			`callback(credentials[0], credentials[1], function(err, user){`
			`if (err \|\| !user) return unauthorized(res, realm);`
			`req.remoteUser = user;`
			`next();`
			`pause.resume();`
			`});`
			`// sync`
			`} else {`
			`if (callback(credentials[0], credentials[1])) {`
			`req.remoteUser = credentials[0];`
			`next();`
			`} else {`
			`unauthorized(res, realm);`
			`}`
			`}`
			`}`
			`};`