Protect logging backend.

2016-05-24 19:40:02 +02:00 · 2016-05-24 19:40:02 +02:00 · 921052dff5
commit 921052dff5
parent 09b01f5ccf
5 changed files with 32 additions and 1 deletions
--- a/server/app.js
+++ b/server/app.js
@ -2,11 +2,27 @@

 angular.module('ffffng').factory('app', function (fs, config, _) {
    var express = require('express');
+    var auth = require('http-auth');
    var bodyParser = require('body-parser');
    var compress = require('compression');

    var app = express();

+    // urls beneath /internal are protected
+    var internalAuth = auth.basic(
+        {
+            realm: "Knotenformular - Intern"
+        },
+        function (username, password, callback) {
+            callback(
+                config.server.internal.active &&
+                username === config.server.internal.user &&
+                password === config.server.internal.password
+            );
+        }
+    );
+    app.use('/internal', auth.connect(internalAuth));
+
    app.use(bodyParser.json());

    var clientDir = __dirname + '/../client';