Skip to content

Commit

Permalink
feat: overridebasic fixes #243 included for #242
Browse files Browse the repository at this point in the history
  • Loading branch information
billchurch committed May 18, 2021
1 parent ad6b74c commit 5999375
Show file tree
Hide file tree
Showing 7 changed files with 23 additions and 4 deletions.
1 change: 1 addition & 0 deletions ChangeLog.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
- added prettier 2.3.0, typescript modules, socket.io-client 4.1.1, airbnb linting tools
### Added
- Lookup ip address for hostname in URL, fixes #199 thanks to @zwiy
- Ability to override `Authorization: Basic` header and replace with credentials specified in `config.json` fixes #243. New config.json option `user.overridebasic`
### CONTRIBUTING
In this release, we're trying our best to conform to the [Airbnb Javascript Style Guide](https://airbnb.io/projects/javascript/). I'm hoping this will make contributions easier and keep the code readable. I love shortcuts more than anyone but I've found when making changes to code I've not looked at in a while, it can take me a few momements to deconstruct what was being done due to readbility issues. While I don't agree with every decision in the style guide (semi-colons, yuk), it is a good base to keep the code consistent.

Expand Down
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,8 @@ docker run --name webssh2 -d -p 2222:2222 -v `pwd`/app/config.json:/usr/src/conf

* **user.password** - _string_ - Specify password to authenticate with. In normal cases this should be left to the default `null` setting.

* **user.overridebasic** - _boolean_ - When set to `true` ignores `Authorization: Basic` header sent from client and use credentials defined in `user.name` and `user.password` instead. Defaults to `false`. [issue 242](../../issues/242) for more information.

* **ssh.host** - _string_ - Specify host to connect to. May be either hostname or IP address. Defaults to `null`.

* **ssh.port** - _integer_ - Specify SSH port to connect to, defaults to `22`
Expand Down
1 change: 1 addition & 0 deletions app/config.json.sample
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"name": null,
"password": null,
"privatekey": null
"overridebasic": false
},
"ssh": {
"host": null,
Expand Down
2 changes: 1 addition & 1 deletion app/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 6 additions & 1 deletion app/server/app.js
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,12 @@ const appSocket = require('./socket');
const expressOptions = require('./expressOptions');
const myutil = require('./util');

myutil.setDefaultCredentials(config.user.name, config.user.password, config.user.privatekey);
myutil.setDefaultCredentials(
config.user.name,
config.user.password,
config.user.privatekey,
config.user.overridebasic
);

// safe shutdown
let shutdownMode = false;
Expand Down
1 change: 1 addition & 0 deletions app/server/config.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ let config = {
name: null,
password: null,
privatekey: null,
overridebasic: false,
},
ssh: {
host: null,
Expand Down
13 changes: 11 additions & 2 deletions app/server/util.js
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,24 @@ const Auth = require('basic-auth');

const defaultCredentials = { username: null, password: null, privatekey: null };

exports.setDefaultCredentials = function setDefaultCredentials(username, password, privatekey) {
exports.setDefaultCredentials = function setDefaultCredentials(
username,
password,
privatekey,
overridebasic
) {
defaultCredentials.username = username;
defaultCredentials.password = password;
defaultCredentials.privatekey = privatekey;
defaultCredentials.overridebasic = overridebasic;
};

exports.basicAuth = function basicAuth(req, res, next) {
const myAuth = Auth(req);
if (myAuth && myAuth.pass !== '') {
// If Authorize: Basic header exists and the password isn't blank
// AND config.user.overridebasic is false, extract basic credentials
// from client
if (myAuth && myAuth.pass !== '' && !defaultCredentials.overridebasic) {
req.session.username = myAuth.name;
req.session.userpassword = myAuth.pass;
debug(
Expand Down

0 comments on commit 5999375

Please sign in to comment.