node-red/red/api/auth/users.js

/**
* Copyright 2015 IBM Corp.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/

var when = require("when");
var util = require("util");
var bcrypt;
try { bcrypt = require('bcrypt'); }
catch(e) { bcrypt = require('bcryptjs'); }
var users = {};
var passwords = {};
var defaultUser = null;

function authenticate(username,password) {
    var user = users[username];
    if (user) {
        return when.promise(function(resolve,reject) {
            bcrypt.compare(password, passwords[username], function(err, res) {
                resolve(res?user:null);
            });
        });
    }
    return when.resolve(null);
}
function get(username) {
    return when.resolve(users[username]);
}
function getDefaultUser() {
    return when.resolve(null);
}

var api = {
    get: get,
    authenticate: authenticate,
    default: getDefaultUser
}

function init(config) {
    users = {};
    passwords = {};
    defaultUser = null;
    if (config.type == "credentials") {
        if (config.users) {
            if (typeof config.users === "function") {
                api.get = config.users;
            } else {
                var us = config.users;
                /* istanbul ignore else */
                if (!util.isArray(us)) {
                    us = [us];
                }
                for (var i=0;i<us.length;i++) {
                    var u = us[i];
                    users[u.username] = {
                        "username":u.username,
                        "permissions":u.permissions
                    };
                    passwords[u.username] = u.password;
                }
            }
        }
        if (config.authenticate && typeof config.authenticate === "function") {
            api.authenticate = config.authenticate;
        } else {
            api.authenticate = authenticate;
        }
    }
    if (config.default) {
        if (typeof config.default === "function") {
            api.default = config.default;
        } else {
            api.default = function() {
                return when.resolve({
                    "anonymous": true,
                    "permissions":config.default.permissions
                });
            }
        }
    } else {
        api.default = getDefaultUser;
    }
}

module.exports = {
    init: init,
    get: function(username) { return api.get(username) },
    authenticate: function(username,password) { return api.authenticate(username,password) },
    default: function() { return api.default(); }
};
Add oauth grant 2014-11-06 23:59:48 +01:00			`/**`
Hide user profile menu 2014-12-10 15:58:53 +01:00			`* Copyright 2015 IBM Corp.`
Allow adminAuth setting to provide functions 2014-12-08 17:20:08 +01:00			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`**/`

Add oauth grant 2014-11-06 23:59:48 +01:00			`var when = require("when");`
Allow adminAuth setting to provide functions 2014-12-08 17:20:08 +01:00			`var util = require("util");`
add bcrypt as optional dependency to speed up Pi, but not force compile on Windows. Fix to close Issue #585 2015-03-19 12:36:48 +01:00			`var bcrypt;`
			`try { bcrypt = require('bcrypt'); }`
			`catch(e) { bcrypt = require('bcryptjs'); }`
Allow adminAuth setting to provide functions 2014-12-08 17:20:08 +01:00			`var users = {};`
			`var passwords = {};`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`var defaultUser = null;`
Add oauth grant 2014-11-06 23:59:48 +01:00
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`function authenticate(username,password) {`
			`var user = users[username];`
			`if (user) {`
Tie auth middleware to needsPermission api 2015-02-06 00:43:35 +01:00			`return when.promise(function(resolve,reject) {`
			`bcrypt.compare(password, passwords[username], function(err, res) {`
			`resolve(res?user:null);`
			`});`
			`});`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`return when.resolve(null);`
			`}`
			`function get(username) {`
			`return when.resolve(users[username]);`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`function getDefaultUser() {`
			`return when.resolve(null);`
			`}`

			`var api = {`
			`get: get,`
			`authenticate: authenticate,`
			`default: getDefaultUser`
			`}`

			`function init(config) {`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`users = {};`
			`passwords = {};`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`defaultUser = null;`
			`if (config.type == "credentials") {`
			`if (config.users) {`
			`if (typeof config.users === "function") {`
			`api.get = config.users;`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`} else {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`var us = config.users;`
add bcrypt as optional dependency to speed up Pi, but not force compile on Windows. Fix to close Issue #585 2015-03-19 12:36:48 +01:00			`/* istanbul ignore else */`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`if (!util.isArray(us)) {`
			`us = [us];`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`for (var i=0;i<us.length;i++) {`
			`var u = us[i];`
			`users[u.username] = {`
			`"username":u.username,`
			`"permissions":u.permissions`
			`};`
			`passwords[u.username] = u.password;`
Allow adminAuth setting to provide functions 2014-12-08 17:20:08 +01:00			`}`
Add oauth grant 2014-11-06 23:59:48 +01:00			`}`
			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`if (config.authenticate && typeof config.authenticate === "function") {`
			`api.authenticate = config.authenticate;`
			`} else {`
			`api.authenticate = authenticate;`
			`}`
			`}`
			`if (config.default) {`
Allow user.default to be an api function 2015-02-05 11:45:03 +01:00			`if (typeof config.default === "function") {`
			`api.default = config.default;`
			`} else {`
			`api.default = function() {`
			`return when.resolve({`
			`"anonymous": true,`
			`"permissions":config.default.permissions`
			`});`
			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`}`
			`} else {`
			`api.default = getDefaultUser;`
Add oauth grant 2014-11-06 23:59:48 +01:00			`}`
			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`module.exports = {`
			`init: init,`
			`get: function(username) { return api.get(username) },`
			`authenticate: function(username,password) { return api.authenticate(username,password) },`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`default: function() { return api.default(); }`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`};`