From 304de9bd327df82894041c1da4bf7e68d78e9f94 Mon Sep 17 00:00:00 2001
From: Bilal Catic
Date: Fri, 24 May 2019 15:42:45 +0200
Subject: [PATCH] use ENV variables
---
 .gitignore | 2 ++
 README.md | 3 +++
 environment.env | 2 ++
 helpers/auth.js | 22 ++++++++++++++++++++++
 package-lock.json | 5 +++++
 package.json | 1 +
 server.js | 19 ++++++-------------
 7 files changed, 41 insertions(+), 13 deletions(-)
 create mode 100644 environment.env
 create mode 100644 helpers/auth.js
diff --git a/.gitignore b/.gitignore
index 060587b..1128483 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@ node_modules npm-debug.log .idea + +.env
diff --git a/README.md b/README.md
index 5abeebd..14a672e 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,9 @@ NOTE : If migration fails, try executing migrations manually with `npm run migra If everything works correctly, it is possible to connect to database with : `psql -d CrmIntegration -p 5432 -U docker -h localhost` +2. Copy `environment.env` file to `.env` file and make appropriate changes. +`BASIC_AUTH_USERNAME` and `BASIC_AUTH_PASSWORD` are required for functional app. + 3. Start server : `npm run start-server` 4. Start client : `npm run start-client`
diff --git a/environment.env b/environment.env
new file mode 100644
index 0000000..b602a2b
--- /dev/null
+++ b/environment.env
@@ -0,0 +1,2 @@
+BASIC_AUTH_USERNAME=username
+BASIC_AUTH_PASSWORD=password
diff --git a/helpers/auth.js b/helpers/auth.js
new file mode 100644
index 0000000..76be9bd
--- /dev/null
+++ b/helpers/auth.js
@@ -0,0 +1,22 @@
+'use strict';
+const basicAuth = require('express-basic-auth');
+
+function myAuthorizer(username, password) {
+ if (!process.env.BASIC_AUTH_USERNAME || !process.env.BASIC_AUTH_PASSWORD){
+ return false;
+ }
+
+ const userMatches = basicAuth.safeCompare(username, process.env.BASIC_AUTH_USERNAME);
+ const passwordMatches = basicAuth.safeCompare(password, process.env.BASIC_AUTH_PASSWORD);
+
+ return userMatches & passwordMatches
+}
+
+function getUnauthorizedResponse(req) {
+ return 'Forbidden';
+}
+
+module.exports = {
+ myAuthorizer,
+ getUnauthorizedResponse,
+};
diff --git a/package-lock.json b/package-lock.json
index d89fbdc..f454197 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -664,6 +664,11 @@ "is-obj": "^1.0.0" } }, + "dotenv": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-8.0.0.tgz", + "integrity": "sha512-30xVGqjLjiUOArT4+M5q9sYdvuR4riM6yK9wMcas9Vbp6zZa+ocC9dp6QoftuhTPhFAiLK/0C5Ni2nou/Bk8lg==" + }, "dottie": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/dottie/-/dottie-2.0.1.tgz",
diff --git a/package.json b/package.json
index 266a50c..b7f73a8 100644
--- a/package.json
+++ b/package.json
@@ -31,6 +31,7 @@
 },
 "homepage": "https://gitlab.com/saburly/psihologija#README",
 "dependencies": {
+ "dotenv": "^8.0.0",
 "express": "^4.17.0",
 "express-basic-auth": "^1.2.0",
 "pg": "^7.11.0",
diff --git a/server.js b/server.js
index 307a53d..bbb332e 100644
--- a/server.js
+++ b/server.js
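Review bot: In helpers/auth.js, the guard at the top of `myAuthorizer` fails closed only when a variable is unset or empty, and it does so silently on each request, so a deployment without a `.env` answers every login with 'Forbidden' and nothing points at the cause. A check at module load would surface the misconfiguration at startup: `if (!process.env.BASIC_AUTH_USERNAME || !process.env.BASIC_AUTH_PASSWORD) throw new Error('BASIC_AUTH_USERNAME and BASIC_AUTH_PASSWORD must be set');` (server.js calls `require('dotenv').config()` before it requires this module, so the values are loaded by then). The guard also cannot catch the template being copied unchanged, because `environment.env` ships `username` and `password` as working values; leaving both empty in the template would make an unedited copy fail closed. The bitwise `&` in `return userMatches & passwordMatches` looks deliberate, so a one-line comment saying so would keep a later cleanup from treating it as a typo for `&&`.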
@@ -1,34 +1,26 @@ 'use strict'; +require('dotenv').config(); + const express = require("express"); const basicAuth = require('express-basic-auth'); const path = require('path'); const routes = require('./routes'); +const { myAuthorizer, getUnauthorizedResponse } = require('./helpers/auth'); + const app = express(); const port = process.env.PORT || 5000; -function myAuthorizer(username, password) { - const userMatches = basicAuth.safeCompare(username, 'senadU'); - const passwordMatches = basicAuth.safeCompare(password, 'Tulipan*123*'); - - return userMatches & passwordMatches -} - -function getUnauthorizedResponse(req) { - return 'Forbidden'; -} app.use('/api', routes); + app.use(basicAuth({ authorizer: myAuthorizer, challenge: true, unauthorizedResponse: getUnauthorizedResponse })); - - - //Static file declaration app.use(express.static(path.join(__dirname, 'client/build'))); @@ -44,4 +36,5 @@ app.get('*', (req, res) => { res.sendFile(path.join(__dirname + '/client/public/index.html')); }); + app.listen(port, () => console.log(`App running on port ${port}!`));
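Review bot: In server.js, `app.use('/api', routes);` is still registered ahead of `app.use(basicAuth({...}))`, so requests answered by the `/api` router never reach the authorizer this commit moves into helpers/auth.js; only the static files and the `*` fallback registered after it sit behind Basic auth. If the API is meant to be protected, register the `basicAuth` middleware before the `/api` mount, unless `routes` (not visible here) applies its own check. Separately, the username and password deleted from this file stay readable in the repository history, so they should be rotated rather than carried over as the new `BASIC_AUTH_USERNAME` and `BASIC_AUTH_PASSWORD` values.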