From 8afafa9a174889d578975b5535a7a8ef945a7c82 Mon Sep 17 00:00:00 2001
From: Alex Kocharin
Date: Fri, 14 Jun 2013 11:10:50 +0400
Subject: [PATCH] allow anonymous users (users without auth header)
---
 lib/config.js | 2 +-
 lib/index.js | 10 +++++-----
 lib/middleware.js | 8 ++++----
 3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/lib/config.js b/lib/config.js
index f52172d55..a8bff0f5c 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -23,7 +23,7 @@ function Config(config) {
 var users = {all:true};
 var check_user_or_uplink = function(arg) {
- assert(arg !== 'all' || arg !== 'owner', 'CONFIG: reserved user/uplink name: ' + arg);
+ assert(arg !== 'all' || arg !== 'owner' || arg !== 'anonymous', 'CONFIG: reserved user/uplink name: ' + arg);
 assert(!arg.match(/\s/), 'CONFIG: invalid user name: ' + arg);
 assert(users[arg] == null, 'CONFIG: duplicate user/uplink name: ' + arg);
 users[arg] = true;
diff --git a/lib/index.js b/lib/index.js
index a8d6d5164..507818cb1 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -12,12 +12,9 @@ var expect_json = require('./middleware').expect_json;
 module.exports = function(config_hash) {
 var config = new Config(config_hash);
 var storage = new Storage(config);
- var auth = basic_auth(function(user, pass) {
- return config.authenticate(user, pass);
- });
 var can = function(action) {
- return [auth, function(req, res, next) {
+ return function(req, res, next) {
 if (config['allow_'+action](req.params.package, req.remoteUser)) {
 next();
 } else {
@@ -26,11 +23,14 @@ module.exports = function(config_hash) {
 msg: 'user '+req.remoteUser+' not allowed to '+action+' it'
 }));
 }
- }];
+ };
 };
 var app = express();
 app.use(express.logger());
+ app.use(basic_auth(function(user, pass) {
+ return config.authenticate(user, pass);
+ }));
 app.use(express.bodyParser());
 app.param('package', validate_name);
diff --git a/lib/middleware.js b/lib/middleware.js
index 2ce7216d5..c83cf7de9 100644
--- a/lib/middleware.js
+++ b/lib/middleware.js
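Review bot: In lib/config.js the reserved-name assertion in `check_user_or_uplink` can never fail: `arg !== 'all' || arg !== 'owner' || arg !== 'anonymous'` is true for every string, because no value equals all three names at once. 'all' is still caught by the duplicate check since `users` starts as `{all:true}`, but 'owner' and the newly reserved 'anonymous' are accepted, so a configured user or uplink could share the name that lib/middleware.js now assigns to requests without an Authorization header. Joining the comparisons with `&&` makes the guard effective: `assert(arg !== 'all' && arg !== 'owner' && arg !== 'anonymous', 'CONFIG: reserved user/uplink name: ' + arg);`. The function body continues past the end of the hunk.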
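Review bot: In the first lib/index.js hunk, `can(action)` now reads `req.remoteUser` without installing the middleware that sets it, so it silently depends on the `app.use(basic_auth(...))` call added in the following hunk having run first. With the per-route `auth` gone, the `allow_*` functions are the only check between a client that sent no credentials and the action. A comment on `can` would make that contract visible, for example `// req.remoteUser comes from the global basic_auth middleware and is 'anonymous' when no credentials were sent; allow_* must deny that name wherever login is required`. The status returned in the else branch lies between the two hunks and is not visible; if it is still 403, it is worth confirming that clients without credentials are still prompted to authenticate.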
@@ -40,10 +40,10 @@ module.exports.basic_auth = function basic_auth(callback) {
 var authorization = req.headers.authorization;
 if (req.user) return next();
- if (!authorization) return next({
- status: 403,
- msg: 'authorization required',
- });
+ if (authorization == null) {
+ req.user = req.remoteUser = 'anonymous';
+ return next();
+ }
 var parts = authorization.split(' ');
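Review bot: The sentinel `'anonymous'` is written into the same `req.user` / `req.remoteUser` fields that carry authenticated names, so later handlers can tell a logged-in user from a request with no Authorization header only by string comparison. The credential path below the hunk is not visible; if it copies the supplied username into `req.remoteUser`, it should refuse the reserved name so that nobody can authenticate as 'anonymous'. The test also changed from `!authorization` to `authorization == null`, so an empty header value now reaches `authorization.split(' ')` instead of being rejected here; presumably the parsing that follows rejects it, but that should be confirmed. A comment such as `// no Authorization header: continue as the reserved 'anonymous' identity; access is decided by allow_*` would document the intent. The enclosing function starts and ends outside the hunk.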