-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauthCheck.js
More file actions
107 lines (92 loc) · 3.4 KB
/
authCheck.js
File metadata and controls
107 lines (92 loc) · 3.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
var httpdigestauth = require('http-digest-auth'),
Cookies = require('cookies'),
crypto = require('crypto'),
realm = 'Parasoup',
url = require('url'),
fs = require('fs');
function isExpired(time) {
return time.getTime() < new Date().getTime();
}
module.exports = function(options) {
var loginStore = {},
sessionLength = options.sessionLength || 31557600; // 1 year in seconds
function storeWriter() {
var data = JSON.stringify(loginStore);
fs.writeFileSync(options.loginTokenFile, data);
setTimeout(storeWriter, 10000);
};
if (options.loginTokenFile) {
if (fs.existsSync(options.loginTokenFile)) {
try {
loginStore = JSON.parse(fs.readFileSync(options.loginTokenFile));
for (var key in loginStore) {
var token = loginStore[key];
if (token.expires) {
token.expires = new Date(token.expires);
}
}
} catch (e) { }
}
storeWriter();
}
return {
checkAuth: function(request, response) {
if (request.connection.remoteAddress == '188.40.102.160') {
return true
}
var cookies = new Cookies(request, response);
var token = cookies.get('token');
if (loginStore.hasOwnProperty(token)) {
var login = loginStore[token];
if (!isExpired(login.expires)) {
return true;
} else {
this.deleteToken(token);
}
}
var mainUrlRegex = new RegExp('^' + options.domain + '$');
if (!request.headers.host || !request.headers.host.match(mainUrlRegex)) {
var source = 'http://' + request.headers.host + request.url;
response.writeHead(302, {
'Location': 'http://parasoup.de?comeFrom=' + encodeURIComponent(source)
});
response.end();
return false;
}
var username = httpdigestauth.login(request, response, realm, options.auth.users);
if (username === false) {
return false;
}
token = crypto.createHash('sha256').
update('' + Math.floor(Math.random() * (new Date()).getTime())).digest('hex');
var expires = new Date(new Date().getTime() + 1000 * sessionLength);
cookies.set('token', '' + token, { domain: '.' + options.domainPrefix, expires: expires });
loginStore[token] = { expires: expires };
var query = url.parse(request.url, true).query;
if (query.hasOwnProperty('comeFrom')) {
response.writeHead(302, {
'Location': query.comeFrom
});
response.end();
return false;
}
return true;
},
getActiveLoginCount: function() {
var c = 0;
for (var i in loginStore) {
if (!isExpired(loginStore[i].expires)) {
c++;
} else {
this.deleteToken(i);
}
}
return c;
},
deleteToken: function(token) {
if (loginStore.hasOwnProperty(token)) {
delete loginStore[token];
}
}
};
}