mirror of
https://github.com/Jermolene/TiddlyWiki5.git
synced 2025-12-06 02:30:46 -08:00
7944f42467
* Move Node.js specific files out of the core plugin * Package server files as new $:/core-server plugin * Missed commander.js * Fix crash in browser * Extend server-only mechanism to be usable by other plugins * in * Revert "Extend server-only mechanism to be usable by other plugins" This reverts commit3faf503073. * Revert "in" This reverts commitb80213128f. * Reapply "Extend server-only mechanism to be usable by other plugins" This reverts commitc6c83bc18b. * Fix test failure * Move filesystem utilities into core-server * Move old-style release notes out of the way * Move the 5.4.0 release note into the right place * Revert "Move the 5.4.0 release note into the right place" This reverts commit3f5c2bfba3. * Revert "Move old-style release notes out of the way" This reverts commitee16e48a43.
45 lines
1.4 KiB
JavaScript
45 lines
1.4 KiB
JavaScript
/*\
|
|
title: $:/core/modules/server/authenticators/header.js
|
|
type: application/javascript
|
|
module-type: authenticator
|
|
|
|
Authenticator for trusted header authentication
|
|
|
|
\*/
|
|
|
|
"use strict";
|
|
|
|
function HeaderAuthenticator(server) {
|
|
this.server = server;
|
|
this.header = server.get("authenticated-user-header") ? server.get("authenticated-user-header").toLowerCase() : undefined;
|
|
}
|
|
|
|
/*
|
|
Returns true if the authenticator is active, false if it is inactive, or a string if there is an error
|
|
*/
|
|
HeaderAuthenticator.prototype.init = function() {
|
|
return !!this.header;
|
|
};
|
|
|
|
/*
|
|
Returns true if the request is authenticated and assigns the "authenticatedUsername" state variable.
|
|
Returns false if the request couldn't be authenticated having sent an appropriate response to the browser
|
|
*/
|
|
HeaderAuthenticator.prototype.authenticateRequest = function(request,response,state) {
|
|
// Otherwise, authenticate as the username in the specified header
|
|
var username = request.headers[this.header];
|
|
if(!username && !state.allowAnon) {
|
|
response.writeHead(401,"Authorization header required to login to '" + state.server.servername + "'");
|
|
response.end();
|
|
return false;
|
|
} else {
|
|
// authenticatedUsername will be undefined for anonymous users
|
|
if(username) {
|
|
state.authenticatedUsername = $tw.utils.decodeURIComponentSafe(username);
|
|
}
|
|
return true;
|
|
}
|
|
};
|
|
|
|
exports.AuthenticatorClass = HeaderAuthenticator;
|
|
|