-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauthorizer.js
40 lines (33 loc) · 981 Bytes
/
authorizer.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
const USERS = [
{
name: 'Tyler',
username: 'tyler',
password: 'abc123'
},
{
name: 'Admin',
username: 'admin',
password: 'admin'
}
]
// super duper basic authorization. Don't even think about using this in prod.
function checkAuthorization(req, res, next) {
let auth = req.headers.authorization
if (auth === undefined) { return res.status(401).end() }
let credentials = decodeCredentials(auth)
let username = parseUsername(credentials)
let password = parsePassword(credentials)
if (USERS.find((x) => x.username === username && x.password === password)) { next() }
res.status(401).end()
}
function decodeCredentials(authHeader) {
let credentials = authHeader.split('Basic ')[1]
return Buffer.from(credentials, 'base64').toString('utf-8')
}
function parseUsername(decodedAuth) {
return decodedAuth.split(':')[0]
}
function parsePassword(decodedAuth) {
return decodedAuth.split(':')[1]
}
module.exports = checkAuthorization