unleash.unleash/src/lib/middleware/oss-authentication.js

const AuthenticationRequired = require('../authentication-required');

function ossAuthHook(app, config) {
    const { baseUriPath } = config.server;

    const generateAuthResponse = async () =>
        new AuthenticationRequired({
            type: 'password',
            path: `${baseUriPath}/auth/simple/login`,
            message: 'You must sign in order to use Unleash',
        });

    app.use(`${baseUriPath}/api`, async (req, res, next) => {
        if (req.session && req.session.user) {
            req.user = req.session.user;
            return next();
        }
        if (req.user) {
            return next();
        }
        if (req.header('authorization')) {
            // API clients should get 401 without body
            return res.sendStatus(401);
        }
        // Admin UI users should get auth-response
        const authRequired = await generateAuthResponse();
        return res.status(401).json(authRequired);
    });
}

module.exports = ossAuthHook;
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`const AuthenticationRequired = require('../authentication-required');`

			`function ossAuthHook(app, config) {`
Feat/options need types (#794) feat: options are now typed - This makes it easier to know what to send to unleash.start / unleash.create - Using a Partial to instantiate the config, then melding it with defaults to get a config object with all fields set either to their defaults or to whatever is passed in. Co-authored-by: Fredrik Strand Oseberg <fredrik.no@gmail.com> Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> 2021-04-22 10:07:10 +02:00			`const { baseUriPath } = config.server;`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00
Reset token (#786) feat: Add Reset token functionality This allows admin users to create a reset token for other users. Thus allowing resetting their password. Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> fixes: #778 2021-04-16 15:29:23 +02:00			`const generateAuthResponse = async () =>`
			`new AuthenticationRequired({`
feat: Add username/password authentication (#777) 2021-04-09 13:46:53 +02:00			`type: 'password',`
			path: `${baseUriPath}/auth/simple/login`,
			`message: 'You must sign in order to use Unleash',`
			`});`

			app.use(`${baseUriPath}/api`, async (req, res, next) => {
			`if (req.session && req.session.user) {`
			`req.user = req.session.user;`
			`return next();`
			`}`
			`if (req.user) {`
			`return next();`
			`}`
			`if (req.header('authorization')) {`
			`// API clients should get 401 without body`
			`return res.sendStatus(401);`
			`}`
			`// Admin UI users should get auth-response`
			`const authRequired = await generateAuthResponse();`
			`return res.status(401).json(authRequired);`
			`});`
			`}`

			`module.exports = ossAuthHook;`