Merge pull request #26 from bobisjan/allow-basic-auth

Allow to enable Basic Authentication from FastBoot App Server

Author: tomdale

README.md

@@ -211,3 +211,14 @@ The `subscribe()` method on your notifier is passed a `notify` function.
 If you detect that a new version of your app has been deployed (whether
 via polling or a push notification), call this function to trigger a
 reload.
+
+## Basic Authentication
+
+You can enable Basic Authentication by providing `username` and `password` options:
+
+```js
+let server = new FastBootAppServer({
+  username: 'tomster',
+  password: 'zoey'
+});
+```

src/fastboot-app-server.js

@@ -16,6 +16,8 @@ class FastBootAppServer {
     this.cache = options.cache;
     this.ui = options.ui;
     this.gzip = options.gzip;
+    this.username = options.username;
+    this.password = options.password;
     this.httpServer = options.httpServer;
     this.beforeMiddleware = options.beforeMiddleware;
     this.afterMiddleware = options.afterMiddleware;
@@ -33,6 +35,8 @@ class FastBootAppServer {
         distPath: this.distPath || process.env.FASTBOOT_DIST_PATH,
         cache: this.cache,
         gzip: this.gzip,
+        username: this.username,
+        password: this.password,
         httpServer: this.httpServer,
         beforeMiddleware: this.beforeMiddleware,
         afterMiddleware: this.afterMiddleware

src/worker.js

@@ -11,6 +11,8 @@ class Worker {
     this.ui = options.ui;
     this.cache = options.cache;
     this.gzip = options.gzip;
+    this.username = options.username;
+    this.password = options.password;
     this.beforeMiddleware = options.beforeMiddleware;
     this.afterMiddleware = options.afterMiddleware;
 
@@ -20,6 +22,8 @@ class Worker {
         distPath: this.distPath,
         cache: this.cache,
         gzip: this.gzip,
+        username: this.username,
+        password: this.password,
         beforeMiddleware: this.beforeMiddleware,
         afterMiddleware: this.afterMiddleware,
       });

test/app-server-test.js

@@ -86,7 +86,21 @@ describe("FastBootAppServer", function() {
       .then(response => {
         expect(response.body).to.not.match(/error/);
         expect(response.headers['x-test-header']).to.equal('testing');
+      });
+  });
+
+  it("returns a 401 status code for non-authenticated request", function() {
+    return runServer('auth-app-server')
+      .then(() => request('http://localhost:3000/'))
+      .then(response => {
+        expect(response.statusCode).to.equal(401);
+        expect(response.headers['www-authenticate']).equal('Basic realm=Authorization Required');
       })
+      .then(() => request({ uri: 'http://localhost:3000/', headers: { 'Authorization': 'Basic dG9tc3Rlcjp6b2V5'  }}))
+      .then(response => {
+        expect(response.statusCode).to.equal(200);
+        expect(response.body).to.contain('Welcome to Ember');
+      });
   });
 
 });

test/fixtures/auth-app-server.js

@@ -0,0 +1,13 @@
+'use strict';
+
+var path = require('path');
+var alchemistRequire = require('broccoli-module-alchemist/require');
+var FastBootAppServer = alchemistRequire('fastboot-app-server');
+
+var server = new FastBootAppServer({
+  distPath: path.resolve(__dirname, './basic-app'),
+  username: 'tomster',
+  password: 'zoey'
+});
+
+server.start();