pax_global_header00006660000000000000000000000064133506051570014517gustar00rootroot0000000000000052 comment=bde0bac8ba99f5d461a339cb6b8a598a0586d699 basic-auth-2.0.1/000077500000000000000000000000001335060515700135375ustar00rootroot00000000000000basic-auth-2.0.1/.eslintignore000066400000000000000000000000261335060515700162400ustar00rootroot00000000000000coverage node_modules basic-auth-2.0.1/.eslintrc.yml000066400000000000000000000000351335060515700161610ustar00rootroot00000000000000root: true extends: standard basic-auth-2.0.1/.gitignore000066400000000000000000000000661335060515700155310ustar00rootroot00000000000000coverage node_modules npm-debug.log package-lock.json basic-auth-2.0.1/.travis.yml000066400000000000000000000036071335060515700156560ustar00rootroot00000000000000language: node_js node_js: - "0.8" - "0.10" - "0.12" - "1.8" - "2.5" - "3.3" - "4.9" - "5.12" - "6.14" - "7.10" - "8.12" - "9.11" - "10.10" sudo: false cache: directories: - node_modules before_install: # Configure npm - | # Skip updating shrinkwrap / lock npm config set shrinkwrap false # Setup Node.js version-specific dependencies - | # eslint for linting # - remove on Node.js < 6 if [[ "$(cut -d. -f1 <<< "$TRAVIS_NODE_VERSION")" -lt 6 ]]; then node -pe 'Object.keys(require("./package").devDependencies).join("\n")' | \ grep -E '^eslint(-|$)' | \ xargs npm rm --save-dev fi - | # istanbul for coverage # - remove on Node.js < 0.10 if [[ "$(cut -d. -f1 <<< "$TRAVIS_NODE_VERSION")" -eq 0 && "$(cut -d. -f2 <<< "$TRAVIS_NODE_VERSION")" -lt 10 ]]; then npm rm --save-dev istanbul fi - | # mocha for testing # - use 2.x for Node.js < 0.10 # - use 3.x for Node.js < 6 if [[ "$(cut -d. -f1 <<< "$TRAVIS_NODE_VERSION")" -eq 0 && "$(cut -d. -f2 <<< "$TRAVIS_NODE_VERSION")" -lt 10 ]]; then npm install --save-dev mocha@2.5.3 elif [[ "$(cut -d. 
-f1 <<< "$TRAVIS_NODE_VERSION")" -lt 6 ]]; then npm install --save-dev mocha@3.5.3 fi # Update Node.js modules - | # Prune & rebuild node_modules if [[ -d node_modules ]]; then npm prune npm rebuild fi script: - | # Run test script, depending on istanbul install if [[ -n "$(npm -ps ls istanbul)" ]]; then npm run-script test-travis else npm test fi - | # Run linting, depending on eslint install if [[ -n "$(npm -ps ls eslint)" ]]; then npm run-script lint fi after_script: - | # Upload coverage to coveralls, if exists if [[ -f ./coverage/lcov.info ]]; then npm install --save-dev coveralls@2 coveralls < ./coverage/lcov.info fi basic-auth-2.0.1/HISTORY.md000066400000000000000000000020341335060515700152210ustar00rootroot000000000000002.0.1 / 2018-09-19 ================== * deps: safe-buffer@5.1.2 2.0.0 / 2017-09-12 ================== * Drop support for Node.js below 0.8 * Remove `auth(ctx)` signature -- pass in header or `auth(ctx.req)` * Use `safe-buffer` for improved Buffer API 1.1.0 / 2016-11-18 ================== * Add `auth.parse` for low-level string parsing 1.0.4 / 2016-05-10 ================== * Improve error message when `req` argument is not an object * Improve error message when `req` missing `headers` property 1.0.3 / 2015-07-01 ================== * Fix regression accepting a Koa context 1.0.2 / 2015-06-12 ================== * Improve error message when `req` argument missing * perf: enable strict mode * perf: hoist regular expression * perf: parse with regular expressions * perf: remove argument reassignment 1.0.1 / 2015-05-04 ================== * Update readme 1.0.0 / 2014-07-01 ================== * Support empty password * Support empty username 0.0.1 / 2013-11-30 ================== * Initial release basic-auth-2.0.1/LICENSE000066400000000000000000000022661335060515700145520ustar00rootroot00000000000000(The MIT License) Copyright (c) 2013 TJ Holowaychuk Copyright (c) 2014 Jonathan Ong Copyright (c) 2015-2016 Douglas Christopher Wilson Permission is hereby 
granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. basic-auth-2.0.1/README.md000066400000000000000000000061701335060515700150220ustar00rootroot00000000000000# basic-auth [![NPM Version][npm-image]][npm-url] [![NPM Downloads][downloads-image]][downloads-url] [![Node.js Version][node-version-image]][node-version-url] [![Build Status][travis-image]][travis-url] [![Test Coverage][coveralls-image]][coveralls-url] Generic basic auth Authorization header field parser for whatever. ## Installation This is a [Node.js](https://nodejs.org/en/) module available through the [npm registry](https://www.npmjs.com/). Installation is done using the [`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally): ``` $ npm install basic-auth ``` ## API ```js var auth = require('basic-auth') ``` ### auth(req) Get the basic auth credentials from the given request. The `Authorization` header is parsed and if the header is invalid, `undefined` is returned, otherwise an object with `name` and `pass` properties. 
### auth.parse(string)

Parse a basic auth authorization header string. This will return an object
with `name` and `pass` properties, or `undefined` if the string is invalid.

## Example

Pass a Node.js request object to the module export. If parsing fails,
`undefined` is returned; otherwise an object with `.name` and `.pass` is
returned.

```js
var auth = require('basic-auth')
var user = auth(req)
// => { name: 'something', pass: 'whatever' }
```

A header string from any other location can also be parsed with
`auth.parse`, for example a `Proxy-Authorization` header:

```js
var auth = require('basic-auth')
var user = auth.parse(req.getHeader('Proxy-Authorization'))
```

### With vanilla node.js http server

```js
var http = require('http')
var auth = require('basic-auth')
var compare = require('tsscmp')

// Create server
var server = http.createServer(function (req, res) {
  var credentials = auth(req)

  // Check credentials
  // The "check" function will typically be against your user store
  if (!credentials || !check(credentials.name, credentials.pass)) {
    res.statusCode = 401
    res.setHeader('WWW-Authenticate', 'Basic realm="example"')
    res.end('Access denied')
  } else {
    res.end('Access granted')
  }
})

// Basic function to validate credentials for example
function check (name, pass) {
  var valid = true

  // Run both comparisons (no short-circuit) with a timing-safe compare,
  // so the response time does not reveal which field failed to match
  valid = compare(name, 'john') && valid
  valid = compare(pass, 'secret') && valid

  return valid
}

// Listen
server.listen(3000)
```

# License

[MIT](LICENSE)

[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/basic-auth/master
[coveralls-url]: https://coveralls.io/r/jshttp/basic-auth?branch=master
[downloads-image]: https://badgen.net/npm/dm/basic-auth
[downloads-url]: https://npmjs.org/package/basic-auth
[node-version-image]: https://badgen.net/npm/node/basic-auth
[node-version-url]: https://nodejs.org/en/download
[npm-image]: https://badgen.net/npm/v/basic-auth
[npm-url]: https://npmjs.org/package/basic-auth
[travis-image]: https://badgen.net/travis/jshttp/basic-auth/master [travis-url]: https://travis-ci.org/jshttp/basic-auth basic-auth-2.0.1/index.js000066400000000000000000000044711335060515700152120ustar00rootroot00000000000000/*! * basic-auth * Copyright(c) 2013 TJ Holowaychuk * Copyright(c) 2014 Jonathan Ong * Copyright(c) 2015-2016 Douglas Christopher Wilson * MIT Licensed */ 'use strict' /** * Module dependencies. * @private */ var Buffer = require('safe-buffer').Buffer /** * Module exports. * @public */ module.exports = auth module.exports.parse = parse /** * RegExp for basic auth credentials * * credentials = auth-scheme 1*SP token68 * auth-scheme = "Basic" ; case insensitive * token68 = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"=" * @private */ var CREDENTIALS_REGEXP = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9._~+/-]+=*) *$/ /** * RegExp for basic auth user/pass * * user-pass = userid ":" password * userid = * * password = *TEXT * @private */ var USER_PASS_REGEXP = /^([^:]*):(.*)$/ /** * Parse the Authorization header field of a request. * * @param {object} req * @return {object} with .name and .pass * @public */ function auth (req) { if (!req) { throw new TypeError('argument req is required') } if (typeof req !== 'object') { throw new TypeError('argument req is required to be an object') } // get header var header = getAuthorization(req) // parse header return parse(header) } /** * Decode base64 string. * @private */ function decodeBase64 (str) { return Buffer.from(str, 'base64').toString() } /** * Get the Authorization header from request object. * @private */ function getAuthorization (req) { if (!req.headers || typeof req.headers !== 'object') { throw new TypeError('argument req is required to have headers property') } return req.headers.authorization } /** * Parse basic auth to object. 
* * @param {string} string * @return {object} * @public */ function parse (string) { if (typeof string !== 'string') { return undefined } // parse header var match = CREDENTIALS_REGEXP.exec(string) if (!match) { return undefined } // decode user pass var userPass = USER_PASS_REGEXP.exec(decodeBase64(match[1])) if (!userPass) { return undefined } // return credentials object return new Credentials(userPass[1], userPass[2]) } /** * Object to represent user credentials. * @private */ function Credentials (name, pass) { this.name = name this.pass = pass } basic-auth-2.0.1/package.json000066400000000000000000000020741335060515700160300ustar00rootroot00000000000000{ "name": "basic-auth", "description": "node.js basic auth parser", "version": "2.0.1", "license": "MIT", "keywords": [ "basic", "auth", "authorization", "basicauth" ], "repository": "jshttp/basic-auth", "dependencies": { "safe-buffer": "5.1.2" }, "devDependencies": { "eslint": "5.6.0", "eslint-config-standard": "12.0.0", "eslint-plugin-import": "2.14.0", "eslint-plugin-markdown": "1.0.0-beta.6", "eslint-plugin-node": "7.0.1", "eslint-plugin-promise": "4.0.1", "eslint-plugin-standard": "4.0.0", "istanbul": "0.4.5", "mocha": "5.2.0" }, "files": [ "HISTORY.md", "LICENSE", "index.js" ], "engines": { "node": ">= 0.8" }, "scripts": { "lint": "eslint --plugin markdown --ext js,md .", "test": "mocha --check-leaks --reporter spec --bail", "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot --check-leaks test/", "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec --check-leaks test/" } } basic-auth-2.0.1/test/000077500000000000000000000000001335060515700145165ustar00rootroot00000000000000basic-auth-2.0.1/test/.eslintrc.yml000066400000000000000000000000231335060515700171350ustar00rootroot00000000000000env: mocha: true basic-auth-2.0.1/test/basic-auth.js000066400000000000000000000121721335060515700170770ustar00rootroot00000000000000var assert = 
require('assert')
var auth = require('..')

// Well-formed headers exercised by both suites. Each base64 token decodes to
// "<name>:<pass>"; the last entry shows that only the first ':' splits the
// two fields, so a password may itself contain ':'.
var ACCEPTED_HEADERS = [
  { title: 'with valid credentials', header: 'basic Zm9vOmJhcg==', name: 'foo', pass: 'bar' },
  { title: 'with empty password', header: 'basic Zm9vOg==', name: 'foo', pass: '' },
  { title: 'with empty userid', header: 'basic OnBhc3M=', name: '', pass: 'pass' },
  { title: 'with empty userid and pass', header: 'basic Og==', name: '', pass: '' },
  { title: 'with colon in pass', header: 'basic Zm9vOnBhc3M6d29yZA==', name: 'foo', pass: 'pass:word' }
]

/**
 * Build a minimal request-like object that carries only an
 * Authorization header value.
 */
function request (authorization) {
  var headers = { authorization: authorization }
  return { headers: headers }
}

/**
 * Assert that a parsed credentials object holds the expected name and pass.
 */
function assertCredentials (credentials, name, pass) {
  assert.strictEqual(credentials.name, name)
  assert.strictEqual(credentials.pass, pass)
}

/**
 * Register one suite per accepted header, feeding each header through
 * the given parsing entry point.
 */
function describeAccepted (parseHeader) {
  ACCEPTED_HEADERS.forEach(function (testCase) {
    describe(testCase.title, function () {
      it('should return .name and .pass', function () {
        assertCredentials(parseHeader(testCase.header), testCase.name, testCase.pass)
      })
    })
  })
}

describe('auth(req)', function () {
  describe('arguments', function () {
    describe('req', function () {
      it('should be required', function () {
        assert.throws(function () {
          auth()
        }, /argument req is required/)
      })

      it('should accept a request', function () {
        assertCredentials(auth(request('basic Zm9vOmJhcg==')), 'foo', 'bar')
      })

      it('should reject null', function () {
        assert.throws(function () {
          auth(null)
        }, /argument req is required/)
      })

      it('should reject a number', function () {
        assert.throws(function () {
          auth(42)
        }, /argument req is required/)
      })

      it('should reject an object without headers', function () {
        assert.throws(function () {
          auth({})
        }, /argument req is required/)
      })
    })
  })

  // Rejected inputs: a missing or malformed header yields undefined, never
  // a partially filled credentials object.
  describe('with no Authorization field', function () {
    it('should return undefined', function () {
      assert.strictEqual(auth(request()), undefined)
    })
  })

  describe('with malformed Authorization field', function () {
    it('should return undefined', function () {
      assert.strictEqual(auth(request('Something')), undefined)
    })
  })

  describe('with malformed Authorization scheme', function () {
    it('should return undefined', function () {
      // "_" in place of the space between scheme and token
      assert.strictEqual(auth(request('basic_Zm9vOmJhcg==')), undefined)
    })
  })

  describe('with malformed credentials', function () {
    it('should return undefined', function () {
      // the token decodes to text that has no ':' separator
      assert.strictEqual(auth(request('basic Zm9vcgo=')), undefined)
    })
  })

  describeAccepted(function (header) {
    return auth(request(header))
  })
})

describe('auth.parse(string)', function () {
  describe('with undefined string', function () {
    it('should return undefined', function () {
      assert.strictEqual(auth.parse(), undefined)
    })
  })

  describe('with malformed string', function () {
    it('should return undefined', function () {
      assert.strictEqual(auth.parse('Something'), undefined)
    })
  })

  describe('with malformed scheme', function () {
    it('should return undefined', function () {
      // "_" in place of the space between scheme and token
      assert.strictEqual(auth.parse('basic_Zm9vOmJhcg=='), undefined)
    })
  })

  describe('with malformed credentials', function () {
    it('should return undefined', function () {
      // the token decodes to text that has no ':' separator
      assert.strictEqual(auth.parse('basic Zm9vcgo='), undefined)
    })
  })

  describeAccepted(function (header) {
    return auth.parse(header)
  })
})