sudoxreboot/habitica-self-host
1
0
Fork 0
mirror of https://github.com/sudoxnym/habitica-self-host.git synced 2026-04-14 11:36:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(basic-auth): allow multiple auth pairs (#11204)

Browse source
This commit is contained in:
Sabe Jones 2019-06-04 15:52:25 -05:00 committed by GitHub
parent 74c93955f8
commit 12250a93f1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
config.json.example
View file

@ -61,8 +61,8 @@
"SESSION_SECRET_IV": "12345678912345678912345678912345",
"SESSION_SECRET_KEY": "1234567891234567891234567891234567891234567891234567891234567891",
"SITE_HTTP_AUTH_ENABLED": "false",
"SITE_HTTP_AUTH_PASSWORD": "password",
"SITE_HTTP_AUTH_USERNAME": "admin",
"SITE_HTTP_AUTH_PASSWORDS": "password,wordpass,passkey",
"SITE_HTTP_AUTH_USERNAMES": "admin,tester,contributor",
"SLACK_FLAGGING_FOOTER_LINK": "https://habitrpg.github.io/flag-o-rama/",
"SLACK_FLAGGING_URL": "https://hooks.slack.com/services/id/id/id",
"SLACK_SUBSCRIPTIONS_URL": "https://hooks.slack.com/services/id/id/id",

7
website/server/middlewares/index.js
View file

@ -79,7 +79,12 @@ module.exports = function attachMiddlewares (app, server) {
// The site can require basic HTTP authentication to be accessed
if (ENABLE_HTTP_AUTH) {
const httpBasicAuthUsers = {};
httpBasicAuthUsers[nconf.get('SITE_HTTP_AUTH_USERNAME')] = nconf.get('SITE_HTTP_AUTH_PASSWORD');
const usernames = nconf.get('SITE_HTTP_AUTH_USERNAMES').split(',');
const passwords = nconf.get('SITE_HTTP_AUTH_PASSWORDS').split(',');
usernames.forEach((user, index) => {
httpBasicAuthUsers[user] = passwords[index];
});
app.use(basicAuth({
users: httpBasicAuthUsers,