Merge branch 'issue241' of git://github.com/alx/etherpad-lite into httpAuth
This commit is contained in:
Peter 'Pita' Martischka
commit
a4eef2780e
|
|
@ -92,6 +92,9 @@ async.waterfall([
|
||||||
var httpLogger = log4js.getLogger("http");
|
var httpLogger = log4js.getLogger("http");
|
||||||
app.configure(function()
|
app.configure(function()
|
||||||
{
|
{
|
||||||
|
// Activate http basic auth if it has been defined in settings.json
|
||||||
|
if(settings.httpAuth != null) app.use(basic_auth);
|
||||||
|
|
||||||
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
|
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
|
||||||
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
|
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
|
||||||
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
|
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
|
||||||
|
|
@ -151,6 +154,26 @@ async.waterfall([
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//checks for basic http auth
|
||||||
|
function basic_auth (req, res, next) {
|
||||||
|
if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
|
||||||
|
// fetch login and password
|
||||||
|
if (new Buffer(req.headers.authorization.split(' ')[1], 'base64').toString() == settings.httpAuth) {
|
||||||
|
next();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
|
||||||
|
if (req.headers.authorization) {
|
||||||
|
setTimeout(function () {
|
||||||
|
res.send('Authentication required', 401);
|
||||||
|
}, 5000);
|
||||||
|
} else {
|
||||||
|
res.send('Authentication required', 401);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
//serve read only pad
|
//serve read only pad
|
||||||
app.get('/ro/:id', function(req, res)
|
app.get('/ro/:id', function(req, res)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -68,6 +68,11 @@ exports.abiword = null;
|
||||||
*/
|
*/
|
||||||
exports.loglevel = "INFO";
|
exports.loglevel = "INFO";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Http basic auth, with "user:password" format
|
||||||
|
*/
|
||||||
|
exports.httpAuth = null;
|
||||||
|
|
||||||
//read the settings sync
|
//read the settings sync
|
||||||
var settingsStr = fs.readFileSync("../settings.json").toString();
|
var settingsStr = fs.readFileSync("../settings.json").toString();
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -43,6 +43,9 @@
|
||||||
Abiword is needed to enable the import/export of pads*/
|
Abiword is needed to enable the import/export of pads*/
|
||||||
"abiword" : null,
|
"abiword" : null,
|
||||||
|
|
||||||
|
/* This setting is used if you need http basic auth */
|
||||||
|
// "httpAuth" : "user:pass",
|
||||||
|
|
||||||
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
|
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
|
||||||
"loglevel": "INFO"
|
"loglevel": "INFO"
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue