github/skooner
1
0
Fork 0
mirror of https://github.com/skooner-k8s/skooner.git synced 2026-02-14 17:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding ability to pass authorization headers recieved from the GET for the index.html page through to the client

Browse Source
This commit is contained in:
Eric Herbrandson
2019-06-22 15:31:20 -05:00
parent b601e7799f
commit 4b8b23423d
5 changed files with 28 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/index.js
View File

@@ -44,7 +44,7 @@ const app = express();
app.disable('x-powered-by'); // for security reasons, best not to tell attackers too much about our backend
app.use(logging);
if (NODE_ENV !== 'production') app.use(cors());
app.use('/', express.static('public'));
app.use('/', preAuth, express.static('public'));
app.get('/oidc', getOidc);
app.post('/oidc', postOidc);
app.use('/*', proxy(proxySettings));
@@ -53,6 +53,18 @@ app.use(handleErrors);
http.createServer(app).listen(4654);
console.log('Server started');
function preAuth(req, res, next) {
const auth = req.header('Authorization');
// If the request already contains an authorization header, pass it through to the client (as a cookie)
if (auth) {
res.cookie('Authorization', auth, {maxAge: 60, httpOnly: false});
console.log('Authorization header found. Passing through to client.');
}
next();
}
function logging(req, res, next) {
res.once('finish', () => console.log(req.method, req.url, res.statusCode));
next();