@@ -5,7 +5,6 @@ import bodyParser from 'body-parser';
55import request from 'request' ;
66import webpack from 'webpack' ;
77import webpackConfig from './webpack.config.js' ;
8- import basicAuth from 'basic-auth' ;
98
109import db , { Controller , pg , User , Tag } from './db' ;
1110import Commands from './src/commands' ;
@@ -43,36 +42,8 @@ if (config.env === 'development') {
4342 app . use ( require ( 'webpack-hot-middleware' ) ( compiler ) ) ;
4443}
4544
46- function auth ( req , res , next ) {
47- function unauthorized ( res , user ) {
48- console . log ( 'WARNING, unauthorized attempt by user:' , user , 'to access route:' , req . originalUrl ) ;
49- res . set ( 'WWW-Authenticate' , 'Basic' ) ;
50- return res . sendStatus ( 401 ) ;
51- }
52-
53- var user = basicAuth ( req ) ;
54-
55- if ( ! user || ! user . name || ! user . pass ) {
56- return unauthorized ( res , user ) ;
57- }
58-
59- if ( user . name === config . auth . user && user . pass === config . auth . password ) {
60- return next ( ) ;
61- } else {
62- return unauthorized ( res , user ) ;
63- }
64- } ;
65-
66- const adminPage = express . static ( path . join ( __dirname , 'client' ) ) ;
67-
68- // serve up the admin interface behind auth in production
69- if ( config . env === 'development' ) {
70- console . log ( 'WARNING: NO AUTH FOR ADMIN PAGE 🔓' ) ;
71- app . use ( '/admin' , adminPage ) ;
72- } else {
73- console . log ( '🔒 Auth is enabled for admin page access' )
74- app . use ( '/admin' , [ auth , adminPage ] ) ;
75- }
45+ // serve up the admin page
46+ app . use ( '/admin' , express . static ( path . join ( __dirname , 'client' ) ) ) ;
7647
7748// body parsing
7849app . use ( bodyParser . json ( ) ) ;
@@ -296,7 +267,6 @@ app.post('/hook/', function (req, res) {
296267 res . sendStatus ( status ) ;
297268} ) ;
298269
299- config . env != 'development' && app . use ( '/messages/' , auth ) ;
300270app . post ( '/messages/' , function ( req , res ) {
301271 if ( ! req . body . message ) {
302272 return res . sendStatus ( 400 ) ;
@@ -322,7 +292,6 @@ app.post('/messages/', function (req, res) {
322292 } ) ;
323293} ) ;
324294
325- config . env != 'development' && app . use ( '/send/' , auth ) ;
326295app . post ( '/send/' , function ( req , res ) {
327296 if ( ! req . body . messageId ) {
328297 return res . status ( 400 ) . json ( { message : '`messageId` must be specified in request' } ) ;
@@ -351,7 +320,6 @@ app.post('/send/', function (req, res) {
351320 } ) ;
352321} ) ;
353322
354- config . env != 'development' && app . use ( '/triggers/' , auth ) ;
355323app . post ( '/triggers/' , function ( req , res ) {
356324
357325 const triggerTagId = req . body . triggerTagId ,
@@ -397,17 +365,6 @@ app.post('/triggers/', function (req, res) {
397365const server = require ( 'http' ) . Server ( app ) ;
398366const io = require ( 'socket.io' ) ( server ) ;
399367
400- // auth for websockets
401- if ( config . env != 'development' ) {
402- io . use ( ( socket , next ) => {
403- var user = basicAuth ( socket . request ) ;
404- if ( ! user || user . name !== config . auth . user || user . pass !== config . auth . password ) {
405- return console . log ( 'WARNING, unauthorized websocket connection attempt:' , user ) ;
406- }
407- next && next ( ) ;
408- } ) ;
409- }
410-
411368io . on ( 'connection' , function ( socket ) {
412369 socket . on ( 'get-responses' , ( options ) => {
413370 Controller . getResponses ( {
0 commit comments