mirror of
https://github.com/node-red/node-red.git
synced 2023-10-10 13:36:53 +02:00
Update the implementation according to the Design notes
This commit is contained in:
parent
b14a0e0dde
commit
cb0e631b85
@ -40,8 +40,9 @@ function init(runtime) {
|
||||
settings = runtime.settings;
|
||||
log = runtime.log;
|
||||
if (settings.adminAuth) {
|
||||
Users.init(settings.adminAuth,settings.apiAccessTokens);
|
||||
Tokens.init(settings.adminAuth,runtime.storage,settings.apiAccessTokens);
|
||||
var mergedAdminAuth = Object.assign(settings.adminAuth, settings.adminAuth.module);
|
||||
Users.init(mergedAdminAuth);
|
||||
Tokens.init(mergedAdminAuth,runtime.storage);
|
||||
strategies.init(runtime);
|
||||
}
|
||||
}
|
||||
@ -81,23 +82,24 @@ function getToken(req,res,next) {
|
||||
function login(req,res) {
|
||||
var response = {};
|
||||
if (settings.adminAuth) {
|
||||
if (settings.adminAuth.type === "credentials") {
|
||||
var mergedAdminAuth = Object.assign(settings.adminAuth, settings.adminAuth.module);
|
||||
if (mergedAdminAuth.type === "credentials") {
|
||||
response = {
|
||||
"type":"credentials",
|
||||
"prompts":[{id:"username",type:"text",label:"user.username"},{id:"password",type:"password",label:"user.password"}]
|
||||
}
|
||||
} else if (settings.adminAuth.type === "strategy") {
|
||||
} else if (mergedAdminAuth.type === "strategy") {
|
||||
|
||||
var urlPrefix = (settings.httpAdminRoot==='/')?"":settings.httpAdminRoot;
|
||||
response = {
|
||||
"type":"strategy",
|
||||
"prompts":[{type:"button",label:settings.adminAuth.strategy.label, url: urlPrefix + "auth/strategy"}]
|
||||
"prompts":[{type:"button",label:mergedAdminAuth.strategy.label, url: urlPrefix + "auth/strategy"}]
|
||||
}
|
||||
if (settings.adminAuth.strategy.icon) {
|
||||
response.prompts[0].icon = settings.adminAuth.strategy.icon;
|
||||
if (mergedAdminAuth.strategy.icon) {
|
||||
response.prompts[0].icon = mergedAdminAuth.strategy.icon;
|
||||
}
|
||||
if (settings.adminAuth.strategy.image) {
|
||||
response.prompts[0].image = theme.serveFile('/login/',settings.adminAuth.strategy.image);
|
||||
if (mergedAdminAuth.strategy.image) {
|
||||
response.prompts[0].image = theme.serveFile('/login/',mergedAdminAuth.strategy.image);
|
||||
}
|
||||
}
|
||||
if (theme.context().login && theme.context().login.image) {
|
||||
|
@ -63,7 +63,7 @@ function loadSessions() {
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
init: function(adminAuthSettings, _storage, apiAccessTokensSettings) {
|
||||
init: function(adminAuthSettings, _storage) {
|
||||
storage = _storage;
|
||||
sessionExpiryTime = adminAuthSettings.sessionExpiryTime || 604800; // 1 week in seconds
|
||||
// At this point, storage will not have been initialised, so defer loading
|
||||
@ -71,11 +71,11 @@ module.exports = {
|
||||
loadedSessions = null;
|
||||
|
||||
apiAccessTokens = {};
|
||||
if ( Array.isArray(apiAccessTokensSettings) ) {
|
||||
apiAccessTokens = apiAccessTokensSettings.reduce(function(prev, current) {
|
||||
if ( Array.isArray(adminAuthSettings.tokens) ) {
|
||||
apiAccessTokens = adminAuthSettings.tokens.reduce(function(prev, current) {
|
||||
prev[current.token] = {
|
||||
user: current.username,
|
||||
scope: current.permissions
|
||||
user: current.user,
|
||||
scope: current.scope
|
||||
};
|
||||
return prev;
|
||||
}, {});
|
||||
|
@ -57,35 +57,18 @@ function getDefaultUser() {
|
||||
}
|
||||
|
||||
var api = {
|
||||
get: wrapperGetUserFromSettings(get),
|
||||
get: get,
|
||||
authenticate: authenticate,
|
||||
default: getDefaultUser
|
||||
}
|
||||
|
||||
var apiAccessUsers = {};
|
||||
function wrapperGetUserFromSettings (getFunc) {
|
||||
return function (username) {
|
||||
if (apiAccessUsers[username]) {
|
||||
return Promise.resolve(apiAccessUsers[username]);
|
||||
} else {
|
||||
return getFunc(username);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
function init(config, apiAccessTokensSettings) {
|
||||
function init(config) {
|
||||
users = {};
|
||||
defaultUser = null;
|
||||
apiAccessUsers = apiAccessTokensSettings.reduce(function (prev, current) {
|
||||
if (current.username) {
|
||||
prev[current.username] = current.username;
|
||||
}
|
||||
return prev;
|
||||
}, {});
|
||||
if (config.type == "credentials" || config.type == "strategy") {
|
||||
if (config.users) {
|
||||
if (typeof config.users === "function") {
|
||||
api.get = wrapperGetUserFromSettings(config.users);
|
||||
api.get = config.users;
|
||||
} else {
|
||||
var us = config.users;
|
||||
/* istanbul ignore else */
|
||||
|
19
settings.js
19
settings.js
@ -124,6 +124,25 @@ module.exports = {
|
||||
// }]
|
||||
//},
|
||||
|
||||
// If you would like to use not only this access token feature but also a Node-RED
|
||||
// plugin module for authenticatiing users such as node-red-auth-github,
|
||||
// you can define the module in adminAuth.module property.
|
||||
//adminAuth: {
|
||||
// module: require('node-red-auth-github')({
|
||||
// clientID: GITHUB_CLIENT_ID,
|
||||
// clientSecret: GITHUB_CLIENT_SECRET,
|
||||
// baseURL: "http://localhost:1880/",
|
||||
// users: [
|
||||
// { username: "knolleary",permissions: ["*"]}
|
||||
// ]
|
||||
// })
|
||||
// tokens: [{
|
||||
// token: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ",
|
||||
// user: "knolleary",
|
||||
// scope: ["*"]
|
||||
// }]
|
||||
//},
|
||||
|
||||
// To password protect the node-defined HTTP endpoints (httpNodeRoot), or
|
||||
// the static content (httpStatic), the following properties can be used.
|
||||
// The pass field is a bcrypt hash of the password.
|
||||
|
Loading…
Reference in New Issue
Block a user