diff --git a/src/lib/Server.js b/src/lib/Server.js index 7e331ed..40341ee 100644 --- a/src/lib/Server.js +++ b/src/lib/Server.js @@ -37,6 +37,32 @@ const { const requiresPassword = !!PASSWORD || !!PASSWORD_HASH; +/** + * Checks if `password` matches the PASSWORD_HASH. + * + * For backward compatibility it also allows `password` to match the clear text PASSWORD, + * but only if no PASSWORD_HASH is provided. + * + * If both enviornment variables are not set, the password is always invalid. + * + * @param {string} password String to test + * @returns {boolean} true if matching environment, otherwise false + */ +const isPasswordValid = (password) => { + if (typeof password !== 'string') { + return false; + } + + if (PASSWORD_HASH) { + return bcrypt.compareSync(password, PASSWORD_HASH); + } + if (PASSWORD) { + return password === PASSWORD; + } + + return false; +}; + module.exports = class Server { constructor() { @@ -101,7 +127,7 @@ module.exports = class Server { status: 401, message: 'Incorrect Password', }); - }; + } event.node.req.session.authenticated = true; event.node.req.session.save(); @@ -239,32 +265,6 @@ module.exports = class Server { }); }; - /** - * Checks if `password` matches the PASSWORD_HASH. - * - * For backward compatibility it also allows `password` to match the clear text PASSWORD, - * but only if no PASSWORD_HASH is provided. - * - * If both enviornment variables are not set, the password is always invalid. - * - * @param {string} password String to test - * @returns {boolean} true if matching environment, otherwise false - */ - const isPasswordValid = (password) => { - if (typeof password !== 'string') { - return false; - } - - if (!!PASSWORD_HASH) { - return bcrypt.compareSync(password, PASSWORD_HASH); - } - if (!!PASSWORD) { - return password == PASSWORD; - } - - return false; - } - // Static assets const publicDir = '/app/www'; app.use(