From 9dfa8031c0d34012acbea588c63dbe49d04f48cb Mon Sep 17 00:00:00 2001 From: Bill Church Date: Thu, 19 May 2022 10:13:26 -0400 Subject: [PATCH] refactor: cleanup basic auth code --- app/server/app.js | 12 +++--------- app/server/util.js | 26 ++++++++++++-------------- 2 files changed, 15 insertions(+), 23 deletions(-) diff --git a/app/server/app.js b/app/server/app.js index 6de94aa..ad5ac48 100644 --- a/app/server/app.js +++ b/app/server/app.js @@ -1,6 +1,6 @@ /* jshint esversion: 6, asi: true, node: true */ /* eslint no-unused-expressions: ["error", { "allowShortCircuit": true, "allowTernary": true }], - no-console: ["error", { allow: ["warn", "error"] }] */ + no-console: ["error", { allow: ["warn", "error", "info"] }] */ // app.js // eslint-disable-next-line import/order @@ -21,12 +21,7 @@ const session = require('express-session')(config.express); const appSocket = require('./socket'); const myutil = require('./util'); -myutil.setDefaultCredentials( - config.user.name, - config.user.password, - config.user.privatekey, - config.user.overridebasic -); +myutil.setDefaultCredentials(config); // safe shutdown let shutdownMode = false; @@ -43,8 +38,7 @@ function safeShutdownGuard(req, res, next) { // clean stop function stopApp(reason) { shutdownMode = false; - // eslint-disable-next-line no-console - if (reason) console.log(`Stopping: ${reason}`); + if (reason) console.info(`Stopping: ${reason}`); if (shutdownInterval) clearInterval(shutdownInterval); io.close(); server.close(); diff --git a/app/server/util.js b/app/server/util.js index c8f73f1..60a27c8 100644 --- a/app/server/util.js +++ b/app/server/util.js @@ -5,33 +5,31 @@ const debug = require('debug')('WebSSH2'); const Auth = require('basic-auth'); -const defaultCredentials = { username: null, password: null, privatekey: null }; +let defaultCredentials = { username: null, password: null, privatekey: null }; -exports.setDefaultCredentials = function setDefaultCredentials( - username, +exports.setDefaultCredentials = function setDefaultCredentials({ + name: username, password, privatekey, - overridebasic -) { - defaultCredentials.username = username; - defaultCredentials.password = password; - defaultCredentials.privatekey = privatekey; - defaultCredentials.overridebasic = overridebasic; + overridebasic, +}) { + defaultCredentials = { username, password, privatekey, overridebasic }; }; exports.basicAuth = function basicAuth(req, res, next) { const myAuth = Auth(req); // If Authorize: Basic header exists and the password isn't blank // AND config.user.overridebasic is false, extract basic credentials - // from client - if (myAuth && myAuth.pass !== '' && !defaultCredentials.overridebasic) { + // from client] + const { username, password, privatekey, overridebasic } = defaultCredentials; + if (myAuth && myAuth.pass !== '' && !overridebasic) { req.session.username = myAuth.name; req.session.userpassword = myAuth.pass; debug(`myAuth.name: ${myAuth.name} and password ${myAuth.pass ? 'exists' : 'is blank'}`); } else { - req.session.username = defaultCredentials.username; - req.session.userpassword = defaultCredentials.password; - req.session.privatekey = defaultCredentials.privatekey; + req.session.username = username; + req.session.userpassword = password; + req.session.privatekey = privatekey; } if (!req.session.userpassword && !req.session.privatekey) { res.statusCode = 401;