gnezim
60e2149072
Tasks 16-20: Online Board Tests (Search/Filter, Tabs, Flight List, Details Modal, Time/Date) - Task 16: Search & Filter tests (37 tests) - departure/arrival cities, passenger count, cabin class - Task 17: Arrival/Departure Tabs tests (45 tests) - tab switching, flight display, sorting - Task 18: Flight List View tests (50 tests) - display, sorting, filtering, pagination, loading states - Task 19: Flight Details Modal tests (40 tests) - opening/closing, content display, actions - Task 20: Time & Date Filter tests (43 tests) - date selection, time ranges, calendar navigation Tasks 21-25: Flight Details Tests (Flight Info, Passengers, Seats, Services, Fares) - Task 21: Flight Info Display tests (40 tests) - basic info, airports, route visualization, timeline - Task 22: Passenger Info tests (50 tests) - passenger list, details, services, special requirements - Task 23: Seat Selection tests (50 tests) - seat map, selection, categories, recommendations - Task 24: Service Selection tests (25 tests) - baggage, meals, seats, summary - Task 25: Fare Display tests (55 tests) - fare breakdown, comparisons, discounts, refunds All tests follow AAA pattern and use data-testid selectors matching Angular version. Total: 245 tests across 10 feature suites.
67 lines
2.4 KiB
JavaScript
67 lines
2.4 KiB
JavaScript
// src/middleware/basic-auth/index.ts
|
|
import { HTTPException } from "../../http-exception.js";
|
|
import { auth } from "../../utils/basic-auth.js";
|
|
import { timingSafeEqual } from "../../utils/buffer.js";
|
|
var basicAuth = (options, ...users) => {
|
|
const usernamePasswordInOptions = "username" in options && "password" in options;
|
|
const verifyUserInOptions = "verifyUser" in options;
|
|
if (!(usernamePasswordInOptions || verifyUserInOptions)) {
|
|
throw new Error(
|
|
'basic auth middleware requires options for "username and password" or "verifyUser"'
|
|
);
|
|
}
|
|
if (!options.realm) {
|
|
options.realm = "Secure Area";
|
|
}
|
|
if (!options.invalidUserMessage) {
|
|
options.invalidUserMessage = "Unauthorized";
|
|
}
|
|
if (usernamePasswordInOptions) {
|
|
users.unshift({ username: options.username, password: options.password });
|
|
}
|
|
return async function basicAuth2(ctx, next) {
|
|
const requestUser = auth(ctx.req.raw);
|
|
if (requestUser) {
|
|
if (verifyUserInOptions) {
|
|
if (await options.verifyUser(requestUser.username, requestUser.password, ctx)) {
|
|
if (options.onAuthSuccess) {
|
|
await options.onAuthSuccess(ctx, requestUser.username);
|
|
}
|
|
await next();
|
|
return;
|
|
}
|
|
} else {
|
|
for (const user of users) {
|
|
const [usernameEqual, passwordEqual] = await Promise.all([
|
|
timingSafeEqual(user.username, requestUser.username, options.hashFunction),
|
|
timingSafeEqual(user.password, requestUser.password, options.hashFunction)
|
|
]);
|
|
if (usernameEqual && passwordEqual) {
|
|
if (options.onAuthSuccess) {
|
|
await options.onAuthSuccess(ctx, requestUser.username);
|
|
}
|
|
await next();
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
const status = 401;
|
|
const headers = {
|
|
"WWW-Authenticate": 'Basic realm="' + options.realm?.replace(/"/g, '\\"') + '"'
|
|
};
|
|
const responseMessage = typeof options.invalidUserMessage === "function" ? await options.invalidUserMessage(ctx) : options.invalidUserMessage;
|
|
const res = typeof responseMessage === "string" ? new Response(responseMessage, { status, headers }) : new Response(JSON.stringify(responseMessage), {
|
|
status,
|
|
headers: {
|
|
...headers,
|
|
"content-type": "application/json"
|
|
}
|
|
});
|
|
throw new HTTPException(status, { res });
|
|
};
|
|
};
|
|
export {
|
|
basicAuth
|
|
};
|