2017-04-23 20:02:26 +02:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
let crypto = require('crypto');
|
|
|
|
let crypt3 = require('./crypt3');
|
|
|
|
let md5 = require('apache-md5');
|
|
|
|
let locker = require('../../file-locking');
|
2016-05-01 11:02:01 +02:00
|
|
|
|
|
|
|
// this function neither unlocks file nor closes it
|
|
|
|
// it'll have to be done manually later
|
|
|
|
function lock_and_read(name, cb) {
|
2017-04-23 20:02:26 +02:00
|
|
|
locker.readFile(name, {lock: true}, function(err, res) {
|
2016-05-01 11:02:01 +02:00
|
|
|
if (err) {
|
2017-04-23 20:02:26 +02:00
|
|
|
return cb(err);
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
2017-04-23 20:02:26 +02:00
|
|
|
return cb(null, res);
|
|
|
|
});
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// close and unlock file
|
|
|
|
function unlock_file(name, cb) {
|
2017-04-23 20:02:26 +02:00
|
|
|
locker.unlockFile(name, cb);
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function parse_htpasswd(input) {
|
2017-04-23 20:02:26 +02:00
|
|
|
let result = {};
|
2016-05-01 11:02:01 +02:00
|
|
|
input.split('\n').forEach(function(line) {
|
2017-04-23 20:02:26 +02:00
|
|
|
let args = line.split(':', 3);
|
|
|
|
if (args.length > 1) result[args[0]] = args[1];
|
|
|
|
});
|
|
|
|
return result;
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
function verify_password(user, passwd, hash) {
|
|
|
|
if (hash.indexOf('{PLAIN}') === 0) {
|
2017-04-23 20:02:26 +02:00
|
|
|
return passwd === hash.substr(7);
|
2016-05-01 11:02:01 +02:00
|
|
|
} else if (hash.indexOf('{SHA}') === 0) {
|
2017-04-23 20:02:26 +02:00
|
|
|
return crypto.createHash('sha1').update(passwd, 'binary').digest('base64') === hash.substr(5);
|
2016-05-01 11:02:01 +02:00
|
|
|
} else {
|
2017-01-19 16:14:53 +01:00
|
|
|
return (
|
|
|
|
// for backwards compatibility, first check md5 then check crypt3
|
|
|
|
md5(passwd, hash) === hash ||
|
|
|
|
crypt3(passwd, hash) === hash
|
2017-04-23 20:02:26 +02:00
|
|
|
);
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
function add_user_to_htpasswd(body, user, passwd) {
|
|
|
|
if (user !== encodeURIComponent(user)) {
|
2017-04-23 20:02:26 +02:00
|
|
|
let err = Error('username should not contain non-uri-safe characters');
|
|
|
|
err.status = 409;
|
|
|
|
throw err;
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if (crypt3) {
|
2017-04-23 20:02:26 +02:00
|
|
|
passwd = crypt3(passwd);
|
2016-05-01 11:02:01 +02:00
|
|
|
} else {
|
2017-04-23 20:02:26 +02:00
|
|
|
passwd = '{SHA}' + crypto.createHash('sha1').update(passwd, 'binary').digest('base64');
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
2017-04-23 20:02:26 +02:00
|
|
|
let comment = 'autocreated ' + (new Date()).toJSON();
|
2016-05-01 11:02:01 +02:00
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
let newline = user + ':' + passwd + ':' + comment + '\n';
|
|
|
|
if (body.length && body[body.length-1] !== '\n') newline = '\n' + newline;
|
|
|
|
return body + newline;
|
2016-05-01 11:02:01 +02:00
|
|
|
}
|
|
|
|
|
2017-04-23 20:02:26 +02:00
|
|
|
module.exports.parse_htpasswd = parse_htpasswd;
|
|
|
|
module.exports.verify_password = verify_password;
|
|
|
|
module.exports.add_user_to_htpasswd = add_user_to_htpasswd;
|
|
|
|
module.exports.lock_and_read = lock_and_read;
|
|
|
|
module.exports.unlock_file = unlock_file;
|