Initial commit

Author: eelkevdbos

.github/workflows/publish.yml

@@ -0,0 +1,21 @@
+name: Publish package to npmjs
+on:
+  release:
+    types: [published]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          registry-url: https://registry.npmjs.org/
+      - uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.0.0
+      - run: bun install
+      - run: npm run build
+      - run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/test.yml

@@ -0,0 +1,20 @@
+name: test
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+jobs:
+  test:
+    name: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: oven-sh/setup-bun@v1
+        with:
+          bun-version: 1.0.0
+      - run: bun install
+      - run: bun test --coverage

.gitignore

@@ -0,0 +1,171 @@
+# Based on https://raw.githubusercontent.com/github/gitignore/main/Node.gitignore
+
+# Logs
+
+logs
+_.log
+npm-debug.log_
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+.pnpm-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+
+report.[0-9]_.[0-9]_.[0-9]_.[0-9]_.json
+
+# Runtime data
+
+pids
+_.pid
+_.seed
+\*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+
+lib-cov
+
+# Coverage directory used by tools like istanbul
+
+coverage
+\*.lcov
+
+# nyc test coverage
+
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+
+bower_components
+
+# node-waf configuration
+
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+
+build/Release
+
+# Dependency directories
+
+node_modules/
+jspm_packages/
+
+# Snowpack dependency directory (https://snowpack.dev/)
+
+web_modules/
+
+# TypeScript cache
+
+\*.tsbuildinfo
+
+# Optional npm cache directory
+
+.npm
+
+# Optional eslint cache
+
+.eslintcache
+
+# Optional stylelint cache
+
+.stylelintcache
+
+# Microbundle cache
+
+.rpt2_cache/
+.rts2_cache_cjs/
+.rts2_cache_es/
+.rts2_cache_umd/
+
+# Optional REPL history
+
+.node_repl_history
+
+# Output of 'npm pack'
+
+\*.tgz
+
+# Yarn Integrity file
+
+.yarn-integrity
+
+# dotenv environment variable files
+
+.env
+.env.development.local
+.env.test.local
+.env.production.local
+.env.local
+
+# parcel-bundler cache (https://parceljs.org/)
+
+.cache
+.parcel-cache
+
+# Next.js build output
+
+.next
+out
+
+# Nuxt.js build / generate output
+
+.nuxt
+dist
+
+# Gatsby files
+
+.cache/
+
+# Comment in the public line in if your project uses Gatsby and not Next.js
+
+# https://nextjs.org/blog/next-9-1#public-directory-support
+
+# public
+
+# vuepress build output
+
+.vuepress/dist
+
+# vuepress v2.x temp and cache directory
+
+.temp
+.cache
+
+# Docusaurus cache and generated files
+
+.docusaurus
+
+# Serverless directories
+
+.serverless/
+
+# FuseBox cache
+
+.fusebox/
+
+# DynamoDB Local files
+
+.dynamodb/
+
+# TernJS port file
+
+.tern-port
+
+# Stores VSCode versions used for testing VSCode extensions
+
+.vscode-test
+
+# yarn v2
+
+.yarn/cache
+.yarn/unplugged
+.yarn/build-state.yml
+.yarn/install-state.gz
+.pnp.\*
+
+.idea

.prettierrc

@@ -0,0 +1,11 @@
+{
+  "semi": false,
+  "arrowParens": "avoid",
+  "singleQuote": true,
+  "printWidth": 80,
+  "tabWidth": 2,
+  "useTabs": false,
+  "trailingComma": "es5",
+  "bracketSpacing": true,
+  "endOfLine": "lf"
+}

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Eelke van den Bos
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,91 @@
+Elysia Basic Auth
+===
+
+Basic auth for [Elysia.js](https://elysiajs.com/)
+
+Install
+---
+
+```
+bun add @eelkevdbos/elysia-basic-auth
+```
+
+Usage
+---
+
+Check out full sample at [`example`](example/index.ts) or check out the tests [`tests`](src/index.test.ts).
+
+```ts
+import { Elysia } from 'elysia'
+import { basicAuth } from '@eelkevdbos/elysia-basic-auth'
+
+const app = new Elysia()
+  .use(
+    basicAuth({
+      credentials: [{ username: 'admin', password: 'admin' }],
+      scope: "/private",
+      realm: "Private Area",
+    })
+  )
+  // out of scope path
+  .get('/public', () => 'public')
+  // pathname matches scope
+  .get('/private/123', () => 'private by pathname prefix')
+  // access to realm within a handler, returns 'Private Area'
+  .get('/private/realm-stored', ({ store }) => store.basicAuthRealm)
+  // cors preflights are public by default
+  .options('/private/123', () => 'public for CORS preflight requests')
+  .listen(3000)
+```
+
+Configuration
+---
+
+### credentials
+
+`{ username: string, password: string }[]`
+
+A list of credentials valid for authentication
+
+### header
+
+`string`
+
+Default: `Authorization`
+
+Header used for basic authentication.
+
+### realm
+
+`string`
+
+Default: `Secure Area`
+
+Realm used for basic authentication
+
+### unauthorizedMessage
+
+`string`
+
+Default: `Unauthorized`
+
+Response body for unauthorized requests
+
+### unauthorizedStatus
+
+`number`
+
+Default: `401`
+
+Response status for unauthorized requests
+
+### scope
+
+`string | (ctx: PreContext) => boolean`
+
+Default: `/`
+
+A string that will be compared with the current request path via `startsWith`.
+
+Alternatively, a function can be provided that returns `true` if the context (and thereby request) is in the scope of the current basic auth protection space.
+

bun.lockb

@@ -0,0 +1,21 @@
+import { Elysia } from 'elysia'
+
+import { basicAuth } from '@eelkevdbos/elysia-basic-auth'
+
+new Elysia()
+  .use(
+    basicAuth({
+      credentials: [{ username: 'admin', password: 'admin' }],
+      scope: '/private',
+      realm: 'Private Area',
+    })
+  )
+  // out of scope path
+  .get('/public', () => 'public')
+  // pathname matches scope
+  .get('/private/123', () => 'private by pathname prefix')
+  // access to realm within a handler, returns 'Private Area'
+  .get('/private/realm-stored', ({ store }) => store.basicAuthRealm)
+  // cors preflights are public by default
+  .options('/private/123', () => 'public for CORS preflight requests')
+  .listen(3000)