2017-05-20 10:47:43 +02:00
|
|
|
/* eslint require-jsdoc: off */
|
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
'use strict';
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
let fs = require('fs');
|
|
|
|
let Path = require('path');
|
|
|
|
let utils = require('./utils');
|
|
|
|
|
|
|
|
module.exports = HTPasswd;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
function HTPasswd(config, stuff) {
|
2017-04-23 20:02:26 +02:00
|
|
|
let self = Object.create(HTPasswd.prototype);
|
|
|
|
self._users = {};
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
// config for this module
|
2017-04-23 20:02:26 +02:00
|
|
|
self._config = config;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2016-11-07 12:15:38 -05:00
|
|
|
// verdaccio logger
|
2017-04-23 20:02:26 +02:00
|
|
|
self._logger = stuff.logger;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2016-11-07 12:15:38 -05:00
|
|
|
// verdaccio main config object
|
2017-04-23 20:02:26 +02:00
|
|
|
self._verdaccio_config = stuff.config;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2016-11-07 12:15:38 -05:00
|
|
|
// all this "verdaccio_config" stuff is for b/w compatibility only
|
2017-04-23 20:02:26 +02:00
|
|
|
self._maxusers = self._config.max_users;
|
|
|
|
if (!self._maxusers) self._maxusers = self._verdaccio_config.max_users;
|
2016-05-01 10:02:01 +01:00
|
|
|
// set maxusers to Infinity if not specified
|
2017-04-23 20:02:26 +02:00
|
|
|
if (!self._maxusers) self._maxusers = Infinity;
|
|
|
|
|
|
|
|
self._last_time = null;
|
|
|
|
let file = self._config.file;
|
|
|
|
if (!file) file = self._verdaccio_config.users_file;
|
|
|
|
if (!file) throw new Error('should specify "file" in config');
|
|
|
|
self._path = Path.resolve(Path.dirname(self._verdaccio_config.self_path), file);
|
|
|
|
return self;
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
HTPasswd.prototype.authenticate = function(user, password, cb) {
|
|
|
|
let self = this;
|
|
|
|
self._reload(function(err) {
|
|
|
|
if (err) return cb(err.code === 'ENOENT' ? null : err);
|
|
|
|
if (!self._users[user]) return cb(null, false);
|
|
|
|
if (!utils.verify_password(user, password, self._users[user])) return cb(null, false);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
// authentication succeeded!
|
|
|
|
// return all usergroups this user has access to;
|
|
|
|
// (this particular package has no concept of usergroups, so just return user herself)
|
2017-04-23 20:02:26 +02:00
|
|
|
return cb(null, [user]);
|
|
|
|
});
|
|
|
|
};
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
// hopefully race-condition-free way to add users:
|
|
|
|
// 1. lock file for writing (other processes can still read)
|
|
|
|
// 2. reload .htpasswd
|
|
|
|
// 3. write new data into .htpasswd.tmp
|
|
|
|
// 4. move .htpasswd.tmp to .htpasswd
|
|
|
|
// 5. reload .htpasswd
|
|
|
|
// 6. unlock file
|
2017-04-23 20:02:26 +02:00
|
|
|
HTPasswd.prototype.adduser = function(user, password, real_cb) {
|
|
|
|
let self = this;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
function sanity_check() {
|
2017-04-23 20:02:26 +02:00
|
|
|
let err = null;
|
2016-05-01 10:02:01 +01:00
|
|
|
if (self._users[user]) {
|
2017-04-23 20:02:26 +02:00
|
|
|
err = Error('this user already exists');
|
2016-05-01 10:02:01 +01:00
|
|
|
} else if (Object.keys(self._users).length >= self._maxusers) {
|
2017-04-23 20:02:26 +02:00
|
|
|
err = Error('maximum amount of users reached');
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
2017-04-23 20:02:26 +02:00
|
|
|
if (err) err.status = 403;
|
|
|
|
return err;
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// preliminary checks, just to ensure that file won't be reloaded if it's not needed
|
2017-04-23 20:02:26 +02:00
|
|
|
let s_err = sanity_check();
|
|
|
|
if (s_err) return real_cb(s_err, false);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
utils.lock_and_read(self._path, function(err, res) {
|
|
|
|
let locked = false;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
// callback that cleans up lock first
|
|
|
|
function cb(err) {
|
|
|
|
if (locked) {
|
2017-04-23 20:02:26 +02:00
|
|
|
utils.unlock_file(self._path, function() {
|
2016-05-01 10:02:01 +01:00
|
|
|
// ignore any error from the unlock
|
2017-04-23 20:02:26 +02:00
|
|
|
real_cb(err, !err);
|
|
|
|
});
|
2016-05-01 10:02:01 +01:00
|
|
|
} else {
|
2017-04-23 20:02:26 +02:00
|
|
|
real_cb(err, !err);
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!err) {
|
2017-04-23 20:02:26 +02:00
|
|
|
locked = true;
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// ignore ENOENT errors, we'll just create .htpasswd in that case
|
2017-04-23 20:02:26 +02:00
|
|
|
if (err && err.code !== 'ENOENT') return cb(err);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
let body = (res || '').toString('utf8');
|
|
|
|
self._users = utils.parse_htpasswd(body);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
// real checks, to prevent race conditions
|
2017-04-23 20:02:26 +02:00
|
|
|
let s_err = sanity_check();
|
|
|
|
if (s_err) return cb(s_err);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
|
|
|
try {
|
2017-04-23 20:02:26 +02:00
|
|
|
body = utils.add_user_to_htpasswd(body, user, password);
|
2016-05-01 10:02:01 +01:00
|
|
|
} catch (err) {
|
2017-04-23 20:02:26 +02:00
|
|
|
return cb(err);
|
2016-05-01 10:02:01 +01:00
|
|
|
}
|
2017-04-23 20:02:26 +02:00
|
|
|
fs.writeFile(self._path, body, function(err) {
|
|
|
|
if (err) return cb(err);
|
|
|
|
self._reload(function() {
|
|
|
|
cb(null, true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
};
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
HTPasswd.prototype._reload = function(_callback) {
|
|
|
|
let self = this;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
fs.stat(self._path, function(err, stats) {
|
|
|
|
if (err) return _callback(err);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
if (self._last_time === stats.mtime) return _callback();
|
|
|
|
self._last_time = stats.mtime;
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
fs.readFile(self._path, 'utf8', function(err, buffer) {
|
|
|
|
if (err) return _callback(err);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
self._users = utils.parse_htpasswd(buffer);
|
2016-05-01 10:02:01 +01:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
_callback();
|
2016-05-01 10:02:01 +01:00
|
|
|
});
|
|
|
|
});
|
2017-04-23 20:02:26 +02:00
|
|
|
};
|