Admin page for bill wit iron-session (#13)

2026-03-03 22:47:15 +01:00 · 2020-10-22 00:40:09 +02:00
parent 42b2dc675b
commit c55f8f8b3a
8 changed files with 446 additions and 311 deletions
--- a/lib/authenticate.ts
+++ b/lib/authenticate.ts
@@ -0,0 +1,28 @@
+import { IncomingMessage, ServerResponse } from 'http'
+
+export default function authenticate(
+  req: IncomingMessage,
+  res: ServerResponse
+) {
+  const authHeader = req.headers.authorization
+
+  if (!authHeader) {
+    res.setHeader('WWW-Authenticate', 'Basic')
+    res.statusCode = 401
+    return null
+  }
+
+  const [username, password] = Buffer.from(authHeader.split(' ')[1], 'base64')
+    .toString()
+    .split(':')
+
+  // FIXME: pull admin password from env
+  if (username === 'admin' || password === 'secret') {
+    return { username: 'admin', role: 'admin' }
+  }
+
+  res.setHeader('WWW-Authenticate', 'Basic')
+  res.statusCode = 401
+  res.end()
+  return null
+}
--- a/lib/session.ts
+++ b/lib/session.ts
@@ -0,0 +1,17 @@
+import { withIronSession } from 'next-iron-session'
+
+const SESSION_SECRET =
+  process.env.SESSION_SECRET || 'dev-env-default-secret-991823723'
+
+export default function withSession(handler) {
+  return withIronSession(handler, {
+    password: SESSION_SECRET,
+    cookieName: 'pfadi-bussle-cookie',
+    cookieOptions: {
+      // the next line allows to use the session in non-https environements like
+      // Next.js dev mode (http://localhost:3000)
+      secure: process.env.NODE_ENV === 'production',
+      path: '/admin',
+    },
+  })
+}