Add basic authentication.

Author: pedson

server/configuration.ts

@@ -1,16 +1,19 @@
 import {isNullOrUndefined} from "util";
 
 const configurations = {
-        port: 6101,
-        internalApiBase: "/api/v1/internal/",
-        graphQLHostname: "pipeline-api",
-        graphQLPort: 6001,
-        graphQlEndpoint: "/graphql",
-        thumbsHostname:  "pipeline-api",
-        thumbsPort:  6001,
-        thumbsPath:  "/thumbnail",
-        buildVersion: 5,
-        isActivePipeline: true
+    port: 6101,
+    internalApiBase: "/api/v1/internal/",
+    graphQLHostname: "pipeline-api",
+    graphQLPort: 6001,
+    graphQlEndpoint: "/graphql",
+    thumbsHostname: "pipeline-api",
+    thumbsPort: 6001,
+    thumbsPath: "/thumbnail",
+    authRequired: true,
+    authUser: "mouselight",
+    authPassword: "auth_secret", // always override this, but in the event env is not set, don't leave completely open.
+    buildVersion: 5,
+    isActivePipeline: true
 };
 
 function loadServerOptions() {
@@ -22,6 +25,9 @@ function loadServerOptions() {
     options.thumbsHostname = process.env.PIPELINE_THUMBS_HOST || process.env.PIPELINE_API_HOST || options.thumbsHostname;
     options.thumbsPort = parseInt(process.env.PIPELINE_THUMBS_PORT) || parseInt(process.env.PIPELINE_API_PORT) || options.thumbsPort;
     options.thumbsPath = process.env.PIPELINE_THUMBS_PATH || options.thumbsPath;
+    options.authRequired = process.env.PIPELINE_AUTH_REQUIRED !== "false";
+    options.authUser = process.env.PIPELINE_AUTH_USER || options.authUser;
+    options.authPassword = process.env.PIPELINE_AUTH_PASS || options.authPassword;
 
     if (!isNullOrUndefined(process.env.PIPELINE_IS_ACTIVE) && process.env.PIPELINE_IS_ACTIVE.length > 0) {
         options.isActivePipeline = parseInt(process.env.PIPELINE_IS_ACTIVE) > 0;

server/pipelineClientServer.ts

@@ -3,7 +3,8 @@ import * as os from "os";
 const express = require("express");
 import * as http from "http";
 import * as proxy from "express-http-proxy";
-
+const passport = require("passport");
+const DigestStrategy = require("passport-http").DigestStrategy;
 
 const debug = require("debug")("pipeline-api:server");
 
@@ -27,6 +28,28 @@ const hostname = process.env.NODE_ENV == "production" ? os.hostname() : "localho
 
 let socketIoPortOffset: number = 0;
 
+passport.use(new DigestStrategy({qop: 'auth'},
+    function (username: any, done: any) {
+        if (username === Configuration.authUser) {
+            return done(null, {id: 1, name: username}, Configuration.authPassword);
+        } else {
+            return done("Invalid user", null);
+        }
+    },
+    function (params: any, done: any) {
+        // validate nonce as necessary
+        done(null, true)
+    }
+));
+
+passport.serializeUser(function (user: any, done: any) {
+    done(null, user.id);
+});
+
+passport.deserializeUser(function (id: any, done: any) {
+    done(null, {id: 1, name: Configuration.authUser});
+});
+
 startExpressServer();
 
 function startExpressServer() {
@@ -48,14 +71,20 @@ function startExpressServer() {
 
         app = express();
 
+        if (Configuration.authRequired) {
+            app.use(passport.initialize());
+
+            app.get("/", passport.authenticate('digest', {session: false}), (request: any, response: any, next: any) => {
+                next();
+            });
+        }
+
         app.use(express.static(rootPath));
 
         app.post("/graphql", proxy(apiUri + "/graphql"));
 
         app.use("/thumbnail", proxy(apiUri + "/thumbnail"));
 
-        // app.use("/thumbnailData", proxy(apiUri + "/thumbnailData"));
-
         app.use(`${Configuration.internalApiBase}serverConfiguration`, serverConfiguration);
 
         app.use("/", (req, res) => {
@@ -126,12 +155,9 @@ function devServer() {
             },
             "/thumbnail": {
                 target: apiUri
-            },
-            // "/thumbnailData": {
-            //       target: apiUri
-            // }
+            }
         },
-        contentBase: path.resolve(path.join(__dirname, "..", "public")),
+        contentBase: path.resolve(path.join(__dirname, "..")),
         disableHostCheck: true,
         publicPath: webpackConfig.output.publicPath,
         // hot: true,

webpack.dev.config.ts

@@ -1,6 +1,6 @@
 import * as path from "path";
 
-const dist = path.join(__dirname, "public");
+const dist = path.join(__dirname);
 
 module.exports = {
     entry: [