@@ -214,69 +214,31 @@ export class LoginProvider {
214214 }
215215 }
216216 const authorization : string = req . headers . authorization ;
217- if ( ! NoderedUtil . IsNullEmpty ( authorization ) && authorization . indexOf ( " " ) > 1 &&
218- ( authorization . toLocaleLowerCase ( ) . startsWith ( "bearer" ) || authorization . toLocaleLowerCase ( ) . startsWith ( "jwt" ) ) ) {
219- const token = authorization . split ( " " ) [ 1 ] ;
220- let user : User = await LoginProvider . validateToken ( token , span ) ;
221- // let user: User = Auth.getUser(token, "dashboard");
222- // if (user == null) {
223- // try {
224- // user = await LoginProvider.validateToken(token, span);
225- // } catch (error) {
226- // }
227- // }
228- if ( user == null ) {
229- try {
230- user = await DBHelper . FindById ( user . _id , undefined , span ) ;
231- } catch ( error ) {
232- }
233- }
234- if ( user != null ) {
235- const allowed = user . roles . filter ( x => x . name == "dashboardusers" || x . name == "admins" ) ;
236- if ( allowed . length > 0 ) {
237- // await Auth.AddUser(user, token, "dashboard");
238- return res . send ( {
239- status : "success" ,
240- display_status : "Success" ,
241- message : "Connection OK"
242- } ) ;
243- } else {
244- console . warn ( "dashboardauth: " + user . username + " is not member of 'dashboardusers' for " + req . url ) ;
245- }
246- }
217+
218+ if ( NoderedUtil . IsNullEmpty ( authorization ) ) {
247219 res . statusCode = 401 ;
220+ res . setHeader ( 'WWW-Authenticate' , 'Basic realm="OpenFlow"' ) ;
248221 res . end ( 'Unauthorized' ) ;
249222 return ;
250223 }
251224
252- // parse login and password from headers
253- const b64auth = ( authorization || '' ) . split ( ' ' ) [ 1 ] || ''
254- // const [login, password] = new Buffer(b64auth, 'base64').toString().split(':')
255- const [ login , password ] = Buffer . from ( b64auth , "base64" ) . toString ( ) . split ( ':' )
256- if ( login && password ) {
257- span ?. setAttribute ( "username" , login ) ;
258- let user : User = await Auth . ValidateByPassword ( login , password , span ) ;
259- // let user: User = Auth.getUser(b64auth, "dashboard");
260- // if (user == null) user = await Auth.ValidateByPassword(login, password, span);
261- if ( user != null ) {
262- const allowed = user . roles . filter ( x => x . name == "dashboardusers" || x . name == "admins" ) ;
263- if ( allowed . length > 0 ) {
264- // Auth.AddUser(user, b64auth, "dashboard");
265- return res . send ( {
266- status : "success" ,
267- display_status : "Success" ,
268- message : "Connection OK"
269- } ) ;
270- } else {
271- console . warn ( "dashboardauth: " + user . username + " is not member of 'dashboardusers' for " + req . url ) ;
272- }
225+ var user : User = await DBHelper . FindByAuthorization ( authorization , null , span ) ;
226+ if ( user != null ) {
227+ const allowed = user . roles . filter ( x => x . name == "dashboardusers" || x . name == "admins" ) ;
228+ if ( allowed . length > 0 ) {
229+ return res . send ( {
230+ status : "success" ,
231+ display_status : "Success" ,
232+ message : "Connection OK"
233+ } ) ;
234+ } else {
235+ console . warn ( "dashboardauth: " + user . username + " is not member of 'dashboardusers' for " + req . url ) ;
273236 }
274- } else {
275- Logger . instanse . warn ( "dashboardauth: Unauthorized, no username/password for " + req . url ) ;
276237 }
277238 res . statusCode = 401 ;
278239 res . setHeader ( 'WWW-Authenticate' , 'Basic realm="OpenFlow"' ) ;
279240 res . end ( 'Unauthorized' ) ;
241+ return ;
280242 } catch ( error ) {
281243 span ?. recordException ( error ) ;
282244 throw error ;
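Review bot: A rejected request now leaves no trace: when `DBHelper.FindByAuthorization` returns null the code falls straight through to the 401, and both the `span?.setAttribute("username", login)` call and the `Logger.instanse.warn` line from the old Basic branch are gone. Repeated failed attempts against this endpoint therefore cannot be seen in logs or traces, unless the helper records them itself (not visible here). I would add an `else` to the `if (user != null)` block with `Logger.instanse.warn("dashboardauth: Unauthorized for " + req.url);`, logging the URL only and never the header value. In the same block, `user.roles.filter(...)` throws if `roles` is missing, so `user.roles?.some(x => x.name == "dashboardusers" || x.name == "admins")` is safer and reads better than the length check; `var user` can also be `const`. The enclosing method begins and ends outside this hunk.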