feat: HTTP Basic Authentication and auto-connection with /ssh/host/<hostIP>

app/connectionHandler.js

@@ -1,10 +1,13 @@
 // server
 // app/connectionHandler.js
+const createDebug = require("debug")
 var path = require("path")
 var fs = require("fs")
 var extend = require("util")._extend
+const debug = createDebug("webssh2:connectionHandler")
 
 function handleConnection(req, res, urlParams) {
+  debug("Handling connection")
   urlParams = urlParams || {}
 
   const clientPath = path.resolve(
@@ -31,7 +34,6 @@ function handleConnection(req, res, urlParams) {
       host: urlParams.host || sshCredentials.host || '',
       port: urlParams.port || sshCredentials.port || 22,
       username: sshCredentials.username || '',
-      password: sshCredentials.password || ''
     },
     autoConnect: !!req.session.sshCredentials
   }

app/routes.js

@@ -6,6 +6,7 @@ const express = require('express')
 const router = express.Router()
 const handleConnection = require('./connectionHandler')
 const basicAuth = require('basic-auth')
+const { sanitizeObject } = require('./utils')
 
 function auth(req, res, next) {
   debug('Authenticating user with HTTP Basic Auth')
@@ -31,6 +32,18 @@ router.get('/', function (req, res) {
 // Scenario 2: Auth required, uses HTTP Basic Auth
 router.get('/host/:host', auth, function (req, res) {
   debug(`Accessed /ssh/host/${req.params.host} route`)
+  const { host, port = 22 } = req.params;
+  req.session.sshCredentials.host = host
+  req.session.sshCredentials.port = port
+
+  // Sanitize the sshCredentials object before logging
+  const sanitizedCredentials = sanitizeObject(
+    JSON.parse(JSON.stringify(req.session.sshCredentials))
+  );
+
+  // Log the sanitized credentials
+  debug('/ssh//host/ Credentials: ', sanitizedCredentials);
+
   handleConnection(req, res, { host: req.params.host })
 })
 

app/socket.js

@@ -32,6 +32,16 @@ function handleConnection(socket, config) {
   removeExistingListeners(socket)
   setupInitialSocketListeners(socket, config)
 
+  if (socket.handshake.session.sshCredentials) {
+    const { username, password, host, port } =
+      socket.handshake.session.sshCredentials
+
+    if (username && password && host && port) {
+      handleAuthentication(socket, { username, password, host, port }, config)
+      return
+    }
+  }
+  
   // Emit an event to the client to request authentication
   if (!authenticated) {
     debug(
@@ -86,6 +96,13 @@ function handleConnection(socket, config) {
    * @param {Object} config - The configuration object
    */
   function handleAuthentication(socket, creds, config) {
+    if (!creds.username && !creds.password) {
+      creds.username = sshCredentials.username
+      creds.password = sshCredentials.password
+      creds.host = sshCredentials.host
+      creds.port = sshCredentials.port
+    }
+
     // If reauth, creds from this function should take precedence
     if (creds && isValidCredentials(creds)) {
       // Store new credentials in session, overriding any existing ones