mirror of
https://github.com/bigcapitalhq/bigcapital.git
synced 2026-02-17 13:20:31 +00:00
feat(server): add bull ui board
This commit is contained in:
59
packages/server/src/middleware/bull-board-auth.middleware.ts
Normal file
59
packages/server/src/middleware/bull-board-auth.middleware.ts
Normal file
@@ -0,0 +1,59 @@
|
||||
import { Request, Response, NextFunction } from 'express';
|
||||
|
||||
/**
|
||||
* Creates Express middleware for the Bull Board UI:
|
||||
* - When disabled: responds with 404.
|
||||
* - When enabled and username/password are set: enforces HTTP Basic Auth (401 if invalid).
|
||||
* - When enabled and credentials are not set: allows access (no auth).
|
||||
*/
|
||||
export function createBullBoardAuthMiddleware(
|
||||
enabled: boolean,
|
||||
username: string | undefined,
|
||||
password: string | undefined,
|
||||
): (req: Request, res: Response, next: NextFunction) => void {
|
||||
return (req: Request, res: Response, next: NextFunction) => {
|
||||
if (!enabled) {
|
||||
res.status(404).send('Not Found');
|
||||
return;
|
||||
}
|
||||
|
||||
if (!username || !password) {
|
||||
return next();
|
||||
}
|
||||
|
||||
const authHeader = req.headers.authorization;
|
||||
if (!authHeader || !authHeader.startsWith('Basic ')) {
|
||||
res.setHeader('WWW-Authenticate', 'Basic realm="Bull Board"');
|
||||
res.status(401).send('Authentication required');
|
||||
return;
|
||||
}
|
||||
|
||||
const base64Credentials = authHeader.slice(6);
|
||||
let decoded: string;
|
||||
try {
|
||||
decoded = Buffer.from(base64Credentials, 'base64').toString('utf8');
|
||||
} catch {
|
||||
res.setHeader('WWW-Authenticate', 'Basic realm="Bull Board"');
|
||||
res.status(401).send('Invalid credentials');
|
||||
return;
|
||||
}
|
||||
|
||||
const colonIndex = decoded.indexOf(':');
|
||||
if (colonIndex === -1) {
|
||||
res.setHeader('WWW-Authenticate', 'Basic realm="Bull Board"');
|
||||
res.status(401).send('Invalid credentials');
|
||||
return;
|
||||
}
|
||||
|
||||
const reqUsername = decoded.slice(0, colonIndex);
|
||||
const reqPassword = decoded.slice(colonIndex + 1);
|
||||
|
||||
if (reqUsername !== username || reqPassword !== password) {
|
||||
res.setHeader('WWW-Authenticate', 'Basic realm="Bull Board"');
|
||||
res.status(401).send('Invalid credentials');
|
||||
return;
|
||||
}
|
||||
|
||||
next();
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user