Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-04-10 01:16:39 +02:00
Code Issues Projects Releases Wiki Activity

fix: add support for basic auth with simple-auth (#659)

Browse Source
This commit is contained in:
Ivar Conradi Østhus 2020-12-03 21:29:01 +01:00 committed by GitHub
parent e3bfe2c6d0
commit 3bf01b803a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/api/admin/events-api.md
View File

@ -3,6 +3,8 @@ id: events
title: /api/admin/events title: /api/admin/events
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
# Events API # Events API
`GET: http://unleash.host.com/api/admin/events` `GET: http://unleash.host.com/api/admin/events`

2
docs/api/admin/feature-toggles-api.md
View File

@ -3,6 +3,8 @@ id: features
title: /api/admin/features title: /api/admin/features
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
### Fetching Feature Toggles ### Fetching Feature Toggles
`GET: http://unleash.host.com/api/admin/features` `GET: http://unleash.host.com/api/admin/features`

2
docs/api/admin/feature-types-api.md
View File

@ -3,6 +3,8 @@ id: feature-types
title: /api/admin/feature-types title: /api/admin/feature-types
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
# Feature Types API # Feature Types API
`GET: http://unleash.host.com/api/admin/feature-types` `GET: http://unleash.host.com/api/admin/feature-types`

2
docs/api/admin/metrics-api.md
View File

@ -3,6 +3,8 @@ id: metrics
title: /api/admin/metrics title: /api/admin/metrics
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
# This document describes the metrics endpoint for admin ui # This document describes the metrics endpoint for admin ui
### Seen-toggles ### Seen-toggles

2
docs/api/admin/state-api.md
View File

@ -3,6 +3,8 @@ id: state
title: /api/admin/state title: /api/admin/state
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
### Export Feature Toggles & Strategies ### Export Feature Toggles & Strategies
`GET: http://unleash.host.com/api/admin/state/export` `GET: http://unleash.host.com/api/admin/state/export`

2
docs/api/admin/strategies-api.md
View File

@ -3,6 +3,8 @@ id: strategies
title: /api/admin/strategies title: /api/admin/strategies
--- ---
> In order to access the admin api endpoints you need to identify yourself. If you are using the `unsecure` authententication method, you may use [basic authenticaion](https://en.wikipedia.org/wiki/Basic_access_authentication) to ientify yourself.
### Fetch Strategies ### Fetch Strategies
`GET: http://unleash.host.com/api/admin/strategies` `GET: http://unleash.host.com/api/admin/strategies`

8
lib/middleware/simple-authentication.js
View File

@ -1,5 +1,4 @@
'use strict'; const auth = require('basic-auth');
const User = require('../user'); const User = require('../user');
const AuthenticationRequired = require('../authentication-required'); const AuthenticationRequired = require('../authentication-required');
@ -15,6 +14,11 @@ function unsecureAuthentication(basePath = '', app) {
app.use(`${basePath}/api/admin/`, (req, res, next) => { app.use(`${basePath}/api/admin/`, (req, res, next) => {
if (req.session.user && req.session.user.email) { if (req.session.user && req.session.user.email) {
req.user = req.session.user; req.user = req.session.user;
} else if (req.header('authorization')) {
const user = auth(req);
if (user && user.name) {
req.user = new User({ username: user.name });
}
} }
next(); next();
}); });

1
package.json
View File

@ -63,6 +63,7 @@
}, },
"dependencies": { "dependencies": {
"async": "^3.1.0", "async": "^3.1.0",
"basic-auth": "^2.0.1",
"compression": "^1.7.3", "compression": "^1.7.3",
"cookie-parser": "^1.4.4", "cookie-parser": "^1.4.4",
"cookie-session": "^2.0.0-rc.1", "cookie-session": "^2.0.0-rc.1",

7
yarn.lock
View File

@ -693,6 +693,13 @@ base@^0.11.1:
mixin-deep "^1.2.0" mixin-deep "^1.2.0"
pascalcase "^0.1.1" pascalcase "^0.1.1"
basic-auth@^2.0.1:
version "2.0.1"
resolved "https://registry.yarnpkg.com/basic-auth/-/basic-auth-2.0.1.tgz#b998279bf47ce38344b4f3cf916d4679bbf51e3a"
integrity sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==
dependencies:
safe-buffer "5.1.2"
bcrypt-pbkdf@^1.0.0: bcrypt-pbkdf@^1.0.0:
version "1.0.2" version "1.0.2"
resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz#a4301d389b6a43f9b67ff3ca11a3f6637e360e9e" resolved "https://registry.yarnpkg.com/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz#a4301d389b6a43f9b67ff3ca11a3f6637e360e9e"