Implement support for webserver header based auth

This commit is contained in:
Thomas Karolski 2022-03-08 19:24:11 +00:00
parent aa3fe975e7
commit 82a7f0a796

View File

@ -192,6 +192,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
} }
mreq.users = getSessionProfiles(session); mreq.users = getSessionProfiles(session);
log.info(`mreq.users: ${mreq.users}`);
// If we haven't set a maxAge yet, set it now. // If we haven't set a maxAge yet, set it now.
if (session && session.cookie && !session.cookie.maxAge) { if (session && session.cookie && !session.cookie.maxAge) {
@ -232,6 +233,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
} }
profile = sessionUser && sessionUser.profile || undefined; profile = sessionUser && sessionUser.profile || undefined;
log.info(`profile: ${profile}`);
// If we haven't computed a userId yet, check for one using an email address in the profile. // If we haven't computed a userId yet, check for one using an email address in the profile.
// A user record will be created automatically for emails we've never seen before. // A user record will be created automatically for emails we've never seen before.
@ -245,6 +247,28 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
} }
} }
// Try to determine user based on x-remote-user header
if (!mreq.userId) {
// mreg.headers["x-remote-user"];
// log.info(`mreg.headers: ${JSON.stringify(mreq.headers, null, 4)}`);
if (mreq.headers && mreq.headers["x-remote-user"]) {
const remoteUser = mreq.headers["x-remote-user"].toString();
log.info("Authorized user found");
profile = {
"email": remoteUser,
"name": remoteUser
};
const user = await dbManager.getUserByLoginWithRetry(remoteUser, profile);
if(user) {
mreq.user = user;
mreq.users = [profile];
mreq.userId = user.id;
mreq.userIsAuthorized = true;
}
}
}
// If no userId has been found yet, fall back on anonymous. // If no userId has been found yet, fall back on anonymous.
if (!mreq.userId) { if (!mreq.userId) {
const anon = dbManager.getAnonymousUser(); const anon = dbManager.getAnonymousUser();