uptime-kuma/server/auth.js

72 lines
1.8 KiB
JavaScript
Raw Normal View History

2021-10-23 08:35:13 +00:00
const basicAuth = require("express-basic-auth");
2021-07-27 17:47:13 +00:00
const passwordHash = require("./password-hash");
const { R } = require("redbean-node");
const { setting } = require("./util-server");
const { debug } = require("../src/util");
2021-10-23 08:35:13 +00:00
const { loginRateLimiter } = require("./rate-limiter");
2021-07-27 16:52:31 +00:00
/**
*
* @param username : string
* @param password : string
* @returns {Promise<Bean|null>}
*/
exports.login = async function (username, password) {
let user = await R.findOne("user", " username = ? AND active = 1 ", [
2021-07-27 17:47:13 +00:00
username,
2021-10-23 08:35:13 +00:00
]);
2021-07-27 16:52:31 +00:00
if (user && passwordHash.verify(password, user.password)) {
// Upgrade the hash to bcrypt
if (passwordHash.needRehash(user.password)) {
await R.exec("UPDATE `user` SET password = ? WHERE id = ? ", [
passwordHash.generate(password),
2021-07-27 17:47:13 +00:00
user.id,
2021-07-27 16:52:31 +00:00
]);
}
return user;
}
2021-07-27 17:47:13 +00:00
return null;
2021-10-23 08:35:13 +00:00
};
2021-07-27 16:52:31 +00:00
function myAuthorizer(username, password, callback) {
// Login Rate Limit
loginRateLimiter.pass(null, 0).then((pass) => {
if (pass) {
exports.login(username, password).then((user) => {
callback(null, user != null);
if (user == null) {
loginRateLimiter.removeTokens(1);
2021-10-23 08:35:13 +00:00
}
});
} else {
callback(null, false);
2021-10-23 08:35:13 +00:00
}
});
2021-07-27 16:52:31 +00:00
}
/**
* If disabled auth, it does not call `next`.
*/
exports.checkBasicAuth = async (req, res, next) => {
};
exports.basicAuth = async function (req, res, next) {
const middleware = basicAuth({
authorizer: myAuthorizer,
authorizeAsync: true,
challenge: true,
});
const disabledAuth = await setting("disableAuth");
if (!disabledAuth) {
middleware(req, res, next);
} else {
next();
}
};