要件
知らないアクセスを簡易的にはじきたくてBASIC認証を簡易的に使いたい。Custom Node node-red-contrib-httpauth もあるけれど、簡易的に実施したい場合。
Flow
[{"id":"ed9fe57c.324f5","type":"http in","z":"7a0185dd.0a030c","name":"","url":"/autht","method":"get","swaggerDoc":"","x":176.5,"y":143.5,"wires":[["73231d07.6fbe64"]]},{"id":"a19a9fce.199a6","type":"http response","z":"7a0185dd.0a030c","name":"","x":504.5,"y":143,"wires":[]},{"id":"73231d07.6fbe64","type":"function","z":"7a0185dd.0a030c","name":"","func":"var auth = msg.req.get('Authorization');\n\nif(auth === undefined) { // 認証情報なし\n msg.statusCode = 401;\n msg.headers = {'WWW-Authenticate':'Basic realm=\\\"SECRET AREA\\\"'};\n msg.payload = \"not auth\";\n}\nelse if (auth.indexOf('Basic ')===0) { // BASIC認証\n msg.base64 = auth.slice(6);\n if(msg.base64 === 'dXNlcjpwYXNzd29yZDEyMw==') { //echo -n 'user:password123' | base64 -e \n msg.statusCode = 200;\n msg.payload = 'logged in';\n }\n else { // 認証情報合ってない\n msg.statusCode = 401;\n msg.headers = {'WWW-Authenticate':'Basic realm=\\\"SECRET AREA\\\"'};\n msg.payload = \"not auth\";\n }\n}\nelse { // 違う認証方法だった \n msg.statusCode = 401;\n msg.headers = {'WWW-Authenticate':'Basic realm=\\\"SECRET AREA\\\"'};\n msg.payload = \"not auth\";\n}\nreturn msg;","outputs":1,"noerr":0,"x":334.5,"y":143.5,"wires":[["a19a9fce.199a6","cf34f627.b61478"]]},{"id":"cf34f627.b61478","type":"debug","z":"7a0185dd.0a030c","name":"","active":true,"console":"false","complete":"base64","x":435.666748046875,"y":90.55555725097656,"wires":[]}]
Function Nodeのコード
function
var auth = msg.req.get('Authorization');
if(auth === undefined) { // 認証情報なし
msg.statusCode = 401;
msg.headers = {'WWW-Authenticate':'Basic realm=\"SECRET AREA\"'};
msg.payload = "not auth";
}
else if (auth.indexOf('Basic ')===0) { // BASIC認証
msg.base64 = auth.slice(6);
if(msg.base64 === 'dXNlcjpwYXNzd29yZDEyMw==') { //echo -n 'user:password123' | base64 -e
msg.statusCode = 200;
msg.payload = 'logged in';
}
else { // 認証情報合ってない
msg.statusCode = 401;
msg.headers = {'WWW-Authenticate':'Basic realm=\"SECRET AREA\"'};
msg.payload = "not auth";
}
}
else { // 違う認証方法だった
msg.statusCode = 401;
msg.headers = {'WWW-Authenticate':'Basic realm=\"SECRET AREA\"'};
msg.payload = "not auth";
}
return msg;