mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-04-21 16:06:16 -04:00
webaccess: Whitespace fixes
This commit is contained in:
Richard Hansen
John McLear
parent
f0b7dc7c53
commit
e82a3055e6
1 changed files with 20 additions and 20 deletions
|
|
@ -8,15 +8,15 @@ var stats = require('ep_etherpad-lite/node/stats');
|
||||||
var sessionModule = require('express-session');
|
var sessionModule = require('express-session');
|
||||||
var cookieParser = require('cookie-parser');
|
var cookieParser = require('cookie-parser');
|
||||||
|
|
||||||
//checks for basic http auth
|
// checks for basic http auth
|
||||||
exports.basicAuth = function (req, res, next) {
|
exports.basicAuth = function(req, res, next) {
|
||||||
var hookResultMangle = function (cb) {
|
var hookResultMangle = function(cb) {
|
||||||
return function (err, data) {
|
return function(err, data) {
|
||||||
return cb(!err && data.length && data[0]);
|
return cb(!err && data.length && data[0]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
var authorize = function (cb) {
|
var authorize = function(cb) {
|
||||||
// Do not require auth for static paths and the API...this could be a bit brittle
|
// Do not require auth for static paths and the API...this could be a bit brittle
|
||||||
if (req.path.match(/^\/(static|javascripts|pluginfw|api)/)) return cb(true);
|
if (req.path.match(/^\/(static|javascripts|pluginfw|api)/)) return cb(true);
|
||||||
|
|
||||||
|
|
@ -27,10 +27,10 @@ exports.basicAuth = function (req, res, next) {
|
||||||
|
|
||||||
if (req.session && req.session.user && req.session.user.is_admin) return cb(true);
|
if (req.session && req.session.user && req.session.user.is_admin) return cb(true);
|
||||||
|
|
||||||
hooks.aCallFirst("authorize", {req: req, res:res, next:next, resource: req.path}, hookResultMangle(cb));
|
hooks.aCallFirst("authorize", {req: req, res: res, next: next, resource: req.path}, hookResultMangle(cb));
|
||||||
}
|
}
|
||||||
|
|
||||||
var authenticate = function (cb) {
|
var authenticate = function(cb) {
|
||||||
// If auth headers are present use them to authenticate...
|
// If auth headers are present use them to authenticate...
|
||||||
if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
|
if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
|
||||||
var userpass = Buffer.from(req.headers.authorization.split(' ')[1], 'base64').toString().split(":")
|
var userpass = Buffer.from(req.headers.authorization.split(' ')[1], 'base64').toString().split(":")
|
||||||
|
|
@ -51,22 +51,22 @@ exports.basicAuth = function (req, res, next) {
|
||||||
req.session.user = settings.users[username];
|
req.session.user = settings.users[username];
|
||||||
return cb(true);
|
return cb(true);
|
||||||
};
|
};
|
||||||
return hooks.aCallFirst("authenticate", {req: req, res:res, next:next, username: username, password: password}, hookResultMangle(fallback));
|
return hooks.aCallFirst("authenticate", {req: req, res: res, next: next, username: username, password: password}, hookResultMangle(fallback));
|
||||||
}
|
}
|
||||||
hooks.aCallFirst("authenticate", {req: req, res:res, next:next}, hookResultMangle(cb));
|
hooks.aCallFirst("authenticate", {req: req, res: res, next: next}, hookResultMangle(cb));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Authentication OR authorization failed. */
|
/* Authentication OR authorization failed. */
|
||||||
var failure = function () {
|
var failure = function() {
|
||||||
return hooks.aCallFirst("authFailure", {req: req, res:res, next:next}, hookResultMangle(function (ok) {
|
return hooks.aCallFirst("authFailure", {req: req, res: res, next: next}, hookResultMangle(function(ok) {
|
||||||
if (ok) return;
|
if (ok) return;
|
||||||
/* No plugin handler for invalid auth. Return Auth required
|
/* No plugin handler for invalid auth. Return Auth required
|
||||||
* Headers, delayed for 1 second, if authentication failed
|
* Headers, delayed for 1 second, if authentication failed
|
||||||
* before. */
|
* before. */
|
||||||
res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
|
res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
|
||||||
if (req.headers.authorization) {
|
if (req.headers.authorization) {
|
||||||
setTimeout(function () {
|
setTimeout(function() {
|
||||||
res.status(401).send('Authentication required');
|
res.status(401).send('Authentication required');
|
||||||
}, 1000);
|
}, 1000);
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -87,11 +87,11 @@ exports.basicAuth = function (req, res, next) {
|
||||||
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
authorize(function (ok) {
|
authorize(function(ok) {
|
||||||
if (ok) return next();
|
if (ok) return next();
|
||||||
authenticate(function (ok) {
|
authenticate(function(ok) {
|
||||||
if (!ok) return failure();
|
if (!ok) return failure();
|
||||||
authorize(function (ok) {
|
authorize(function(ok) {
|
||||||
if (ok) return next();
|
if (ok) return next();
|
||||||
failure();
|
failure();
|
||||||
});
|
});
|
||||||
|
|
@ -101,7 +101,7 @@ exports.basicAuth = function (req, res, next) {
|
||||||
|
|
||||||
exports.secret = null;
|
exports.secret = null;
|
||||||
|
|
||||||
exports.expressConfigure = function (hook_name, args, cb) {
|
exports.expressConfigure = function(hook_name, args, cb) {
|
||||||
// Measure response time
|
// Measure response time
|
||||||
args.app.use(function(req, res, next) {
|
args.app.use(function(req, res, next) {
|
||||||
var stopWatch = stats.timer('httpRequests').start();
|
var stopWatch = stats.timer('httpRequests').start();
|
||||||
|
|
@ -116,7 +116,7 @@ exports.expressConfigure = function (hook_name, args, cb) {
|
||||||
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
|
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
|
||||||
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
|
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
|
||||||
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
|
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
|
||||||
args.app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.DEBUG, format: ':status, :method :url'}));
|
args.app.use(log4js.connectLogger(httpLogger, {level: log4js.levels.DEBUG, format: ':status, :method :url'}));
|
||||||
|
|
||||||
/* Do not let express create the session, so that we can retain a
|
/* Do not let express create the session, so that we can retain a
|
||||||
* reference to it for socket.io to use. Also, set the key (cookie
|
* reference to it for socket.io to use. Also, set the key (cookie
|
||||||
|
|
@ -128,9 +128,9 @@ exports.expressConfigure = function (hook_name, args, cb) {
|
||||||
exports.secret = settings.sessionKey;
|
exports.secret = settings.sessionKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(settings.ssl){
|
if (settings.ssl) {
|
||||||
var sameSite = "Strict";
|
var sameSite = "Strict";
|
||||||
}else{
|
} else {
|
||||||
var sameSite = "Lax";
|
var sameSite = "Lax";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue