opensource/code-server
1
0
Fork 0
mirror of https://github.com/coder/code-server.git synced 2025-08-01 06:23:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixes browser app, adds no-auth (#38)

Browse Source 
* Add no-auth flag

* Install packages for app dir
This commit is contained in:
Kyle Carberry
2019-02-26 16:03:42 -06:00
committed by GitHub
parent a07d0c9c3d
commit be3f0c437f
3 changed files with 79 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
packages/server/src/server.ts
View File

@ -20,7 +20,15 @@ import { handle as handleTunnel } from "@coder/tunnel/src/server";
import { createPortScanner } from "./portScanner";
import { buildDir, isCli } from "./constants";
export const createApp = async (registerMiddleware?: (app: express.Application) => void, options?: ServerOptions, password?: string, httpsOptions?: https.ServerOptions): Promise<{
interface CreateAppOptions {
registerMiddleware?: (app: express.Application) => void;
serverOptions?: ServerOptions;
password?: string;
httpsOptions?: https.ServerOptions;
bypassAuth?: boolean;
}
export const createApp = async (options: CreateAppOptions): Promise<{
readonly express: express.Application;
readonly server: http.Server;
readonly wss: ws.Server;
@ -38,15 +46,26 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
return cookies;
};
const ensureAuthed = (req: http.IncomingMessage, res: express.Response): boolean => {
if (!isAuthed(req)) {
res.status(401);
res.end();
return false;
}
return true;
};
const isAuthed = (req: http.IncomingMessage): boolean => {
try {
if (!password || !isCli) {
if (!options.password || options.bypassAuth) {
return true;
}
// Try/catch placed here just in case
const cookies = parseCookies(req);
if (cookies.password && cookies.password === password) {
if (cookies.password && cookies.password === options.password) {
return true;
}
} catch (ex) {
@ -62,8 +81,8 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
};
const app = express();
if (registerMiddleware) {
registerMiddleware(app);
if (options.registerMiddleware) {
options.registerMiddleware(app);
}
const certs = await new Promise<pem.CertificateCreationResult>((res, rej): void => {
@ -134,7 +153,7 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
onClose: (cb): void => ws.addEventListener("close", () => cb()),
};
const server = new Server(connection, options);
const server = new Server(connection, options.serverOptions);
});
const baseDir = buildDir || path.join(__dirname, "..");
@ -150,6 +169,10 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
}
});
app.get("/resource/:url(*)", async (req, res) => {
if (!ensureAuthed(req, res)) {
return;
}
try {
const fullPath = `/${req.params.url}`;
// const relative = path.relative(options!.dataDirectory, fullPath);
@ -184,6 +207,10 @@ export const createApp = async (registerMiddleware?: (app: express.Application)
}
});
app.post("/resource/:url(*)", async (req, res) => {
if (!ensureAuthed(req, res)) {
return;
}
try {
const fullPath = `/${req.params.url}`;