
Merge pull request #2 from crowi/feature/basic-auth

全体にBasic認証をかける機能を追加
Sotaro KARASAWA 11 лет назад
Родитель
Сommit
f2e590226e
6 измененных файлов с 44 добавлено и 104 удалено
  1. 4 93
      CHANGES.md
  2. 15 3
      app.js
  3. 4 2
      form/admin/sec.js
  4. 1 2
      lib/middlewares.js
  5. 0 2
      routes/admin.js
  6. 20 2
      views/admin/app.html

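--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,100 +1,11 @@
 CHANGES
 ========
 
-## 1.0.3
-
-* Feature: Page access control
-* Fix: Upgrade twbs and fixed popover problem
-
-## 1.0.2
-
-* Feature: Use SCSS instead of LESS
-* Improve: Style of presentation mode
-
-## 1.0.1
-
-* Feature: Printable style
-* Fix: Added tmp dir to repository and set cache dir option to googleapi.
-* Fix: Responsive styles
-* Fix: GitHub linker
-
-## 1.0.0
-
-* Feature: GitHub issue link syntax (`[userOrOrgName/repo#issue]`)
-* Feature: User login restriction and E-mail registration
-    * User can now update the information themselves
-* Feature: Presentation mode (thanks. @riaf)
-* Feature: Hide sidebar
-* Feature: Upload user picture by themselves
-* Improve: styles
-
-### Configurations
-
-* Added `security` section
-    * `security.passwordSeed`
-    * `security.registrationWhiteList`
-    * `security.confidential`
-* Added `aws` section
-    * `aws.bucket`: S3 bucket
-    * `aws.region`: Region
-    * `aws.accessKeyId`
-    * `aws.secretAccessKey`
-
-### B.C.
-
-* Configuration name changed: `app.confidential` to `security.confidential`
-
-
-## 0.9.6
-
-* Fix some bugs
-
-## 0.9.5
+## 1.1.0
 
-* Fix: pager
-* Improve affix style
+* Feature: Basic auth restriction whole pages access.
 
-## 0.9.4
 
-* Feature: Page conflict check
-* Feature: Sticky page header
-* Feature: Search on header and popup
-* Fix: URL detect with x-forwarded-proto header
-
-## 0.9.3
-
-* Feature: Added link create modal: Easy to create today's memo
-* Feature: Generate clickable and copieable link
-* Feature: Page rename
-* Feature: Help modal
-* Fix: Express configuration
-
-## 0.9.2
-
-* Bug Fix: Fatal error on session recover
-
-## 0.9.1
-
-* Update design
-* Upgrade dependencies
-* Compiling LESS and JS files with Grunt
-
-## 0.2.0
-
-* Use revision schema instead of embedded document
-* Show table of contents
-* Preview on editting
-* Insert 4 space when TAB key pressed on editting
-
-
-### Migration
-
-* npm install async
-
-run:
-
-    $ node bin/migration/0.0.1-0.0.2-convert_embedded_object_to_schema.js
-
-## 0.1.0
+## 1.0.3
 
-* Initial Release
+* Initial Release.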

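--- a/app.js
+++ b/app.js
@@ -51,18 +51,20 @@ app.use(express.session({
 }));
 app.use(flash());
 
-config = require('./models/config')(app);
+configModel = require('./models/config')(app);
 
 async.series([
   function (next) {
-    config.getConfigArray(function(err, doc) {
+    configModel.getConfigArray(function(err, doc) {
       app.set('config', doc);
 
       return next();
     });
   }, function (next) {
+    var config = app.set('config');
+
     models = require('./models')(app);
-    models.Config = config;
+    models.Config = configModel;
 
     // configure application
     app.use(function(req, res, next) {
@@ -97,6 +99,16 @@ async.series([
       next();
     });
 
+    app.use(function(req, res, next) {
+      if (config.crowi['security:basicName'] && config.crowi['security:basicSecret']) {
+        return express.basicAuth(
+          config.crowi['security:basicName'],
+          config.crowi['security:basicSecret'])(req, res, next);
+      } else {
+        next();
+      }
+    });
+
     app.use(function(req, res, next) {
       var config = app.set('config');
       if (config.crowi['facebook:appId'] && config.crowi['facebook:secret']) {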
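Review bot: The Basic auth middleware added in the second hunk reads the `config` captured once by `var config = app.set('config');` at the top of the series step, whereas the Facebook middleware directly below re-reads `app.set('config')` on every request. If `Config.updateConfigCache` replaces the cached object instead of mutating it (its body is not visible here), a name or secret changed or cleared in the admin screen would keep being enforced, or stay unenforced, until the process restarts; making `var config = app.set('config');` the first line inside the new middleware removes that dependence. The secret also appears to be kept in plain text in the config (the admin view renders it back) and is sent with every request, so a comment above the `express.basicAuth(...)` call such as `// shared site-wide credential; only meaningful when served over TLS` would help the next maintainer. The enclosing series function starts and ends outside both hunks.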

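--- a/form/admin/sec.js
+++ b/form/admin/sec.js
@@ -4,7 +4,9 @@ var form = require('express-form')
   , field = form.field;
 
 module.exports = form(
-  field('settingForm[sec:registrationMode]').required(),
-  field('settingForm[sec:registrationWhiteList]')
+  field('settingForm[security:basicName]'),
+  field('settingForm[security:basicSecret]'),
+  field('settingForm[security:registrationMode]').required(),
+  field('settingForm[security:registrationWhiteList]')
 );
 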
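Review bot: The two new fields `settingForm[security:basicName]` and `settingForm[security:basicSecret]` carry no filter or validator, while app.js in this commit turns Basic auth on only when both values are non-empty. Saving a name without a secret (or the reverse) therefore passes `req.form.isValid` and leaves the site unprotected with no feedback to the administrator. The form should reject a submission in which exactly one of the two is set, and the name could be normalised with `field('settingForm[security:basicName]').trim(),`. A name containing `:` should be refused as well, since the Basic scheme cannot represent it.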

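--- a/lib/middlewares.js
+++ b/lib/middlewares.js
@@ -99,8 +99,7 @@ exports.applicationNotInstalled = function() {
   return function(req, res, next) {
     var config = req.config;
 
-    debug('config.crowi', Object.keys(config.crowi).length);
-    if (Object.keys(config.crowi).length != 0) {
+    if (Object.keys(config.crowi).length !== 0) {
       return res.render('500', { error: 'Application already installed.' });
     }
 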

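--- a/routes/admin.js
+++ b/routes/admin.js
@@ -159,8 +159,6 @@ module.exports = function(app) {
   actions.api.appSetting = function(req, res) {
     var form = req.body.settingForm;
 
-    debug("posted form", req.form);
-    debug("posted form", form);
     if (req.form.isValid) {
       Config.updateNamespaceByArray('crowi', form, function(err, config) {
         Config.updateConfigCache('crowi', config)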

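--- a/views/admin/app.html
+++ b/views/admin/app.html
@@ -68,7 +68,25 @@
       <legend>セキュリティ設定</legend>
 
         <div class="form-group">
-          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">公開設定</label>
+          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">Basic認証</label>
+          <div class="col-xs-3">
+            <label for="">ID</label>
+            <input class="form-control" type="text" name="settingForm[security:basicName]"   value="{{ settingForm['security:basicName']|default('') }}">
+          </div>
+          <div class="col-xs-3">
+            <label for="">パスワード</label>
+            <input class="form-control" type="text" name="settingForm[security:basicSecret]" value="{{ settingForm['security:basicSecret']|default('') }}">
+          </div>
+          <div class="col-xs-offset-3 col-xs-9">
+            <p class="help-block">
+              Basic認証を設定すると、ページ全体に共通の認証がかかります。<br>
+              IDとパスワードは暗号化されずに送信されるのでご注意下さい。<br>
+            </p>
+          </div>
+        </div>
+
+        <div class="form-group">
+          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">登録の制限</label>
           <div class="col-xs-6">
             <select class="form-control" name="settingForm[security:registrationMode]" value="{{ settingForm['security:registrationMode'] }}">
               <option value="Open">公開 (だれでも登録可能)</option>
@@ -81,7 +99,7 @@
 
         <div class="form-group">
           <label for="settingForm[security:registrationWhiteList]" class="col-xs-3 control-label">登録許可メールアドレスの<br>ホワイトリスト</label>
-          <div class="col-xs-6">
+          <div class="col-xs-8">
             <textarea class="form-control" type="textarea" name="settingForm[security:registrationWhiteList]" placeholder="例: @crowi.wiki">{{ settingForm['security:registrationWhiteList']|join('\n') }}</textarea>
             <p class="help-block">登録可能なメールアドレスを制限することができます。例えば、会社で使う場合、<code>@crowi.wiki</code> などと記載すると、その会社のメールアドレスを持っている人のみ登録可能になります。<br>
             1行に1メールアドレス入力してください。</p>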
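Review bot: The shared secret is entered through `type="text"` and the stored value is rendered back into the `value` attribute, so it is readable on screen and in the page source by anyone who can open the admin settings. Changing the `settingForm[security:basicSecret]` input to `type="password"` with `autocomplete="off"` would at least mask it on screen; not echoing the stored secret would be safer still, but it requires the route to treat an empty field as "unchanged", which lies outside this section. The new group label keeps `for="settingForm[security:registrationMode]"`, copied from the following group, and the two inner labels have `for=""`; since neither new input has an `id`, none of these labels is bound to a control.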