Merge pull request #356 from Bitcoin-com/stage
v3.2.2
Showing
16 changed files
with
2,333 additions
and
904 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
/* | ||
Handle authorization for bypassing rate limits. | ||
This file uses the passport npm library to check the header of each REST API | ||
call for the prescence of a Basic authorization header: | ||
https://en.wikipedia.org/wiki/Basic_access_authentication | ||
If the header is found and validated, the req.locals.proLimit Boolean value | ||
is set and passed to the route-ratelimits.ts middleware. | ||
*/ | ||
"use strict"; | ||
var passport = require("passport"); | ||
var BasicStrategy = require("passport-http").BasicStrategy; | ||
var AnonymousStrategy = require("passport-anonymous"); | ||
// Used for debugging and iterrogating JS objects. | ||
var util = require("util"); | ||
util.inspect.defaultOptions = { depth: 1 }; | ||
var _this; | ||
// Set default rate limit value for testing | ||
var PRO_PASS = process.env.PRO_PASS | ||
? parseInt(process.env.PRO_PASS) | ||
: "BITBOX"; | ||
// Auth Middleware | ||
var AuthMW = /** @class */ (function () { | ||
function AuthMW() { | ||
_this = this; | ||
// Initialize passport for 'anonymous' authentication. | ||
/* | ||
passport.use( | ||
new AnonymousStrategy({ passReqToCallback: true }, function( | ||
req, | ||
username, | ||
password, | ||
done | ||
) { | ||
console.log(`anonymous auth handler triggered.`) | ||
}) | ||
) | ||
*/ | ||
passport.use(new AnonymousStrategy()); | ||
// Initialize passport for 'basic' authentication. | ||
passport.use(new BasicStrategy({ passReqToCallback: true }, function (req, username, password, done) { | ||
//console.log(`req: ${util.inspect(req)}`) | ||
//console.log(`username: ${username}`) | ||
//console.log(`password: ${password}`) | ||
// Create the req.locals property if it does not yet exist. | ||
if (!req.locals) | ||
req.locals = {}; | ||
// Evaluate the username and password and set the rate limit accordingly. | ||
if (username === "BITBOX" && password === PRO_PASS) { | ||
// Success | ||
req.locals.proLimit = true; | ||
} | ||
else { | ||
req.locals.proLimit = false; | ||
} | ||
//console.log(`req.locals: ${util.inspect(req.locals)}`) | ||
return done(null, true); | ||
})); | ||
} | ||
// Middleware called by the route. | ||
AuthMW.prototype.mw = function () { | ||
return passport.authenticate(["basic", "anonymous"], { | ||
session: false | ||
}); | ||
}; | ||
return AuthMW; | ||
}()); | ||
module.exports = AuthMW; |
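Review bot: The `PRO_PASS` initialiser passes the environment value through `parseInt`, so whenever `PRO_PASS` is set, `password === PRO_PASS` in the Basic strategy callback compares a string with a number (or `NaN`) and can never be true; when it is unset, the fallback is the literal `"BITBOX"`, identical to the username and visible in the repository, so the rate-limit bypass is either unreachable or open to anyone. I would keep the secret as a string with no default, `var PRO_PASS = process.env.PRO_PASS;`, and change the check to `if (PRO_PASS && username === "BITBOX" && password === PRO_PASS) {`, ideally comparing with `crypto.timingSafeEqual` on equal-length buffers instead of `===`. The comment above the constant (`// Set default rate limit value for testing`) describes a rate limit rather than a credential and should say that this is the pro-tier password. The `/** @class */` wrapper suggests this file is compiler output, so the change probably belongs in the TypeScript source.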