Implement support for webserver header based auth

app/server/lib/Authorizer.ts

@@ -192,6 +192,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
     }
 
     mreq.users = getSessionProfiles(session);
+    log.info(`mreq.users: ${mreq.users}`);
 
     // If we haven't set a maxAge yet, set it now.
     if (session && session.cookie && !session.cookie.maxAge) {
@@ -232,6 +233,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
     }
 
     profile = sessionUser && sessionUser.profile || undefined;
+    log.info(`profile: ${profile}`);
 
     // If we haven't computed a userId yet, check for one using an email address in the profile.
     // A user record will be created automatically for emails we've never seen before.
@@ -245,6 +247,28 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
     }
   }
 
+  // Try to determine user based on x-remote-user header
+  if (!mreq.userId) {
+    // mreg.headers["x-remote-user"];
+    // log.info(`mreg.headers: ${JSON.stringify(mreq.headers, null, 4)}`);
+    if (mreq.headers && mreq.headers["x-remote-user"]) {
+      const remoteUser = mreq.headers["x-remote-user"].toString();
+      log.info("Authorized user found");
+      profile = {
+	      "email": remoteUser,
+	      "name": remoteUser
+      };
+      const user = await dbManager.getUserByLoginWithRetry(remoteUser, profile);
+      if(user) {
+        mreq.user = user;
+	mreq.users = [profile];
+        mreq.userId = user.id;
+        mreq.userIsAuthorized = true;
+      }
+    }
+  }
+
+
   // If no userId has been found yet, fall back on anonymous.
   if (!mreq.userId) {
     const anon = dbManager.getAnonymousUser();