From 81486f412f614990a21eb36de1ce1832604b5147 Mon Sep 17 00:00:00 2001
From: Alex Kocharin <alex@kocharin.ru>
Date: Thu, 26 Jun 2014 19:23:21 +0400
Subject: [PATCH] make authentication function async

---
 lib/config.js     |  6 +++---
 lib/index.js      |  4 ++--
 lib/middleware.js | 21 ++++++++++++---------
 3 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/lib/config.js b/lib/config.js
index 593518b3d..3452a56b3 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -146,9 +146,9 @@ Config.prototype.get_package_setting = function(package, setting) {
 	return undefined
 }
 
-Config.prototype.authenticate = function(user, password) {
-	if (this.users[user] == null) return false
-	return crypto.createHash('sha1').update(password).digest('hex') === this.users[user].password
+Config.prototype.authenticate = function(user, password, cb) {
+	if (this.users[user] == null) return cb(null, false)
+	return cb(null, crypto.createHash('sha1').update(password).digest('hex') === this.users[user].password)
 }
 
 module.exports = Config
diff --git a/lib/index.js b/lib/index.js
index 3cce3f2d6..964d48021 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -89,8 +89,8 @@ module.exports = function(config_hash) {
 		next()
 	})
 	app.use(Cats.middleware)
-	app.use(basic_auth(function(user, pass) {
-		return config.authenticate(user, pass)
+	app.use(basic_auth(function(user, pass, cb) {
+		config.authenticate(user, pass, cb)
 	}))
 	app.use(express.json({strict: false, limit: config.max_body_size || '10mb'}))
 	app.use(express.compress())
diff --git a/lib/middleware.js b/lib/middleware.js
index 629da8c8a..ca5d89a9f 100644
--- a/lib/middleware.js
+++ b/lib/middleware.js
@@ -76,15 +76,18 @@ module.exports.basic_auth = function basic_auth(callback) {
 		var user = credentials.slice(0, index)
 		  , pass = credentials.slice(index + 1)
 
-		if (callback(user, pass)) {
-			req.remoteUser = user
-			next()
-		} else {
-			next({
-				status: 403,
-				msg: 'bad username/password, access denied',
-			})
-		}
+		callback(user, pass, function(err, is_ok) {
+			if (err) return next(err)
+			if (is_ok) {
+				req.remoteUser = user
+				next()
+			} else {
+				next({
+					status: 403,
+					msg: 'bad username/password, access denied',
+				})
+			}
+		})
 	}
 }