Yoji SHIDARA
null+****@clear*****
Thu Nov 1 17:54:46 JST 2012
Yoji SHIDARA 2012-11-01 17:54:46 +0900 (Thu, 01 Nov 2012) New Revision: 09d5a0adbfa10563edd0acf039179a3144ce207a https://github.com/groonga/gcs-console/commit/09d5a0adbfa10563edd0acf039179a3144ce207a Log: Support basic authorization #17 Modified files: app.js bin/gcs-console test/index.test.js test/test-utils.js Modified: app.js (+16 -6) =================================================================== --- app.js 2012-10-31 18:26:43 +0900 (4187c63) +++ app.js 2012-11-01 17:54:46 +0900 (ae4e8a0) @@ -5,6 +5,16 @@ var express = require('express') var flash = require('connect-flash'); function setupApplication(app) { + var auth = function(req, res, next) { + // middleware that does nothing + next(); + }; + + var user = app.get('user'), password = app.get('password'); + if (user && password) { + auth = express.basicAuth(user, password); + } + app.configure(function(){ app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); @@ -29,12 +39,12 @@ function setupApplication(app) { app.configure('development', function(){ }); - app.get('/', routes.index); - app.get('/domain/:name', routes.domain); - app.get('/domain/:name/search', routes.domainSearch); - app.get('/domain_create', routes.domainCreate); - app.post('/domain_create', routes.domainCreatePost); - app.delete('/domain/:name', routes.domainDelete); + app.get('/', auth, routes.index); + app.get('/domain/:name', auth, routes.domain); + app.get('/domain/:name/search', auth, routes.domainSearch); + app.get('/domain_create', auth, routes.domainCreate); + app.post('/domain_create', auth, routes.domainCreatePost); + app.delete('/domain/:name', auth, routes.domainDelete); } module.exports.setupApplication = setupApplication; Modified: bin/gcs-console (+21 -1) =================================================================== --- bin/gcs-console 2012-10-31 18:26:43 +0900 (15d6ddc) +++ bin/gcs-console 2012-11-01 17:54:46 +0900 (592a286) @@ -10,7 +10,8 @@ var app = express(); var defaults = { port: process.env.GCS_CONSOLE_PORT || 7576, - endpoint: process.env.GCS_CONSOLE_ENDPOINT || 'http://localhost:7575' + endpoint: process.env.GCS_CONSOLE_ENDPOINT || 'http://localhost:7575', + auth: process.env.GCS_CONSOLE_AUTH || '' }; program @@ -23,10 +24,29 @@ program 'Endpoint of Target Server. [' + defaults.endpoint + ']', String, defaults.endpoint) + .option('--auth <user:password>', + 'Request basic authorizatoin', + String) .parse(process.argv); app.set('port', program.port); app.set('endpoint', program.endpoint); + +if (program.auth) { + var match = program.auth.match(/^(.*?):(.*)$/); + if (match) { + var user = match[1], password = match[2]; + app.set('user', user); + app.set('password', password); + console.log('Basic authorization for user <' + user + '> is activated'); + } else { + console.log('You must specify the parameter for --auth in user:password'); + process.exit(-1); + } +} else { + console.log('Basic authorization is not configured. Anyone can control your Groonga CloudSearch Console.'); +} + setupApplication(app); http.createServer(app).listen(app.get('port'), function(){ Modified: test/index.test.js (+41 -0) =================================================================== --- test/index.test.js 2012-10-31 18:26:43 +0900 (4160dfe) +++ test/index.test.js 2012-11-01 17:54:46 +0900 (3148d94) @@ -24,3 +24,44 @@ suite('dashboard', function() { }); }); }); + +suite('Basic auth configured', function() { + var target = new Target({auth: 'user:password'}); + setup(function(done) { + target.setup(done) + }); + teardown(function() { + target.teardown() + }); + + test('GET / without credentials', function(done) { + var browser = new Browser(); + browser.visit(target.rootURL) + .fail(function(error) { + assert.equal(browser.statusCode, 401); + assert.isNotNull(error); + done(); + }); + }) + + test('GET / with wrong password', function(done) { + var browser = new Browser(); + browser.authenticate().basic('user', 'wrong-password'); + browser.visit(target.rootURL) + .fail(function(error) { + assert.equal(browser.statusCode, 401); + assert.isNotNull(error); + done(); + }); + }) + + test('GET / with correct password', function(done) { + var browser = new Browser(); + browser.authenticate().basic('user', 'password'); + browser.visit(target.rootURL) + .then(function() { + assert.ok(browser.success); + done(); + }); + }) +}); Modified: test/test-utils.js (+7 -1) =================================================================== --- test/test-utils.js 2012-10-31 18:26:43 +0900 (84f3022) +++ test/test-utils.js 2012-11-01 17:54:46 +0900 (42d2b28) @@ -19,7 +19,7 @@ function runServer(path, options, callback) { return command; } -var Target = function() { +var Target = function(options) { this.gcsConsolePort = 3335; this.gcsPort = 3334; this.databaseDir = __dirname + '/../test/tmp/gcs'; @@ -27,6 +27,9 @@ var Target = function() { this.gcsPath = __dirname + '/../node_modules/.bin/gcs'; this.gcsConsolePath = __dirname + '/../bin/gcs-console'; this.rootURL = 'http://localhost:' + this.gcsConsolePort + '/'; + if (options) { + this.auth = options.auth; + } }; Target.prototype = { @@ -42,6 +45,9 @@ Target.prototype = { '--port', self.gcsConsolePort, '--endpoint', 'http://localhost:' + self.gcsPort ]; + if (self.auth) { + gcsConsoleOptions = gcsConsoleOptions.concat(['--auth', self.auth]); + } if (!existsSync(self.gcsPath)) { var error = new Error('gcs executable is not found at ' + self.gcsPath + '. You need to setup gcs to test with gcs-console. Run "npm install gcs" (for the latest release) or "npm install git://github.com/groonga/gcs.git" (for the development)'); -------------- next part -------------- HTML����������������������������... Télécharger