Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var express = require('./node_modules/express')
- var crypto = require('crypto')
- var app = express.createServer(
- express.bodyParser(),
- express.cookieParser(),
- express.session({ secret: 'some sected words' }),
- 'root', __dirname+'/www'
- )
- var users = {
- 'elcuore@gmail.com': {name: 'drago', salt: 'salt', pass: hash('helloworld', 'elcuore@gmail.com')}
- }
- app.use(basic_auth)
- function basic_auth(req, res, next) {
- if(req.session.user) { //разрешаем вход
- next()
- return
- } else if(req.headers.authorization && req.headers.authorization.search('Basic ') === 0) { //пытаемся авторизировать
- var auth = new Buffer(req.headers.authorization.split(' ')[1], 'Base64').toString().split(':')
- if(users[auth[0]] && users[auth[0]].pass == hash(auth[1], auth[0])) {
- req.session.user = users[auth[0]]
- console.log('access allowed for %s', auth[0])
- next()
- return
- }
- console.log('access denied for %s', auth[0])
- }
- res.header('WWW-Authenticate', 'Basic realm="game"')
- res.send('auth required', 401)
- }
- function hash(str, salt) {
- return crypto.createHash('sha256').update(str+salt).digest('hex')
- }
- app.get('/', function(req, res) {
- res.send('welcome '+req.session.user.name)
- })
- app.listen(3000);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement