Add admin api authentication function

2025-03-01 10:36:34 +00:00 · 2020-02-26 12:59:40 +09:00
parent 4f9395e881
commit bba6855872
5 changed files with 112 additions and 4 deletions
--- a/packages/node_modules/@node-red/editor-api/lib/auth/index.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/index.js
@@ -36,6 +36,7 @@ var log = require("@node-red/util").log; // TODO: separate module
 passport.use(strategies.bearerStrategy.BearerStrategy);
 passport.use(strategies.clientPasswordStrategy.ClientPasswordStrategy);
 passport.use(strategies.anonymousStrategy);
+passport.use(strategies.tokensStrategy);

 var server = oauth2orize.createServer();

@@ -60,7 +61,7 @@ function init(_settings,storage) {
 function needsPermission(permission) {
    return function(req,res,next) {
        if (settings && settings.adminAuth) {
-            return passport.authenticate(['bearer','anon'],{ session: false })(req,res,function() {
+            return passport.authenticate(['bearer','anon','tokens'],{ session: false })(req,res,function() {
                if (!req.user) {
                    return next();
                }