From ab98ff41ed6c291b7a8f624d0f5464d013084043 Mon Sep 17 00:00:00 2001 From: Nadav Ivgi Date: Tue, 5 Feb 2019 12:14:53 +0200 Subject: [PATCH] Add optional password protection --- README.md | 3 +++ app.js | 7 +++++++ app/auth.js | 11 +++++++++++ bin/cli.js | 11 ++++++----- package.json | 1 + 5 files changed, 28 insertions(+), 5 deletions(-) create mode 100644 app/auth.js diff --git a/README.md b/README.md index a6cbffc..d9a992f 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,9 @@ BTCEXP_IPSTACK_KEY = 0000aaaafffffgggggg BTCEXP_COOKIE_SECRET = 0x000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f ``` +You may enable password protection by setting `BTCEXP_LOGIN=`. +Authenticating is done with http basic auth, using the selected password and an empty (or any) username. + ## Run via Docker 1. `docker build -t btc-rpc-explorer .` diff --git a/app.js b/app.js index 90f638d..1e401cd 100755 --- a/app.js +++ b/app.js @@ -27,6 +27,7 @@ var fs = require('fs'); var electrumApi = require("./app/api/electrumApi.js"); var Influx = require("influx"); var coreApi = require("./app/api/coreApi.js"); +var auth = require('./app/auth.js'); var crawlerBotUserAgentStrings = [ "Googlebot", "Bingbot", "Slurp", "DuckDuckBot", "Baiduspider", "YandexBot", "Sogou", "Exabot", "facebot", "ia_archiver" ]; @@ -46,6 +47,12 @@ app.engine('pug', (path, options, fn) => { app.set('view engine', 'pug'); +// basic http authentication +if (process.env.BTCEXP_LOGIN) { + app.disable('x-powered-by'); + app.use(auth(process.env.BTCEXP_LOGIN)); +} + // uncomment after placing your favicon in /public //app.use(favicon(__dirname + '/public/favicon.ico')); app.use(logger('dev')); diff --git a/app/auth.js b/app/auth.js new file mode 100644 index 0000000..d643716 --- /dev/null +++ b/app/auth.js 
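Review bot: The Basic-auth gate added ahead of `app.use(logger('dev'))` sends the password base64-encoded on every request, and nothing in this block says the explorer must then be served over TLS or bound to localhost. A comment above the `if` would record that: `// Basic auth is cleartext-equivalent: serve behind TLS (e.g. a reverse proxy) or bind to localhost when BTCEXP_LOGIN is set`. Separately, `app.disable('x-powered-by')` is header hardening that does not depend on a password, so it could sit outside the conditional and apply to unauthenticated deployments too.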
@@ -0,0 +1,11 @@ +var basicAuth = require('basic-auth'); + +module.exports = pass => (req, res, next) => { + var cred = basicAuth(req); + + if (cred && cred.pass === pass) + return next(); + + res.set('WWW-Authenticate', `Basic realm="Private Area"`) + .sendStatus(401); +} diff --git a/bin/cli.js b/bin/cli.js index 64141f5..b169179 100755 --- a/bin/cli.js +++ b/bin/cli.js @@ -6,6 +6,7 @@ const args = require('meow')(` Options -p, --port port to bind http server [default: 3002] + -l, --login protect web interface with a password [default: no password] --coin crypto-coin to enable [default: BTC] -H, --bitcoind-host hostname for bitcoind rpc [default: 127.0.0.1] @@ -27,9 +28,9 @@ const args = require('meow')(` --influxdb-pass password for influxdb [default: admin] --influxdb-dbname database name for influxdb [default: influxdb] - -e, --node-env nodejs environment mode [default: production] - -h, --help output usage information - -v, --version output version number + -e, --node-env nodejs environment mode [default: production] + -h, --help output usage information + -v, --version output version number Example $ btc-rpc-explorer --port 8080 --bitcoind-port 18443 --bitcoind-cookie ~/.bitcoin/regtest/.cookie @@ -38,10 +39,10 @@ const args = require('meow')(` All options may also be specified as environment variables: $ BTCEXP_PORT=8080 BTCEXP_BITCOIND_PORT=18443 BTCEXP_BITCOIND_COOKIE=~/.bitcoin/regtest/.cookie btc-rpc-explorer -`, { flags: { port: {alias:'p'}, enableInfluxdb: {type:'boolean'}, nodeEnv: {alias:'e', default:'production'} +`, { flags: { port: {alias:'p'}, login: {alias:'l'} , bitcoindHost: {alias:'H'}, bitcoindPort: {alias:'P'}, bitcoindCookie: {alias:'c'} , bitcoindUser: {alias:'u'}, bitcoindPass: {alias:'w'} - , demo: {type:'boolean'} + , demo: {type:'boolean'}, enableInfluxdb: {type:'boolean'}, nodeEnv: {alias:'e', default:'production'} } } ).flags; diff --git a/package.json b/package.json index 89b1ea3..e1a307c 100644 --- a/package.json 
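Review bot: `cred.pass === pass` in the new `app/auth.js` compares the submitted password with a short-circuiting string comparison, so response time can depend on how much of the value matches. A credential check is normally done in constant time. Hashing both sides to a fixed length and comparing the digests with `crypto.timingSafeEqual` removes that signal and also avoids the exception `timingSafeEqual` throws on inputs of different length. The middleware has no throttling of failed attempts either, which is worth a comment or a follow-up since the password is the only secret.

```javascript
var crypto = require('crypto');
var sha256 = s => crypto.createHash('sha256').update(String(s)).digest();

module.exports = pass => {
  var expected = sha256(pass);

  return (req, res, next) => {
    var cred = basicAuth(req);

    if (cred && crypto.timingSafeEqual(sha256(cred.pass), expected))
      return next();
    // … unchanged: WWW-Authenticate header and 401 response …
  };
};
```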
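Review bot: The new `-l, --login` help line in `bin/cli.js` invites passing the password as a command-line argument, where other local users can read it from the process list and it lands in shell history. The usage text further down already says every option can be given as an environment variable, so the help line could steer operators there: `-l, --login  protect web interface with a password; prefer BTCEXP_LOGIN to keep it out of the process list [default: no password]`. This is a documentation-only suggestion.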
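Review bot: `login: {alias:'l'}` in the flags object declares no type, so the argument parser may coerce the value: an all-digit password can come back as a number (losing leading zeros) and a bare `--login` as `true`. If the flag is then copied into `BTCEXP_LOGIN` as the usage text implies (that code is outside this hunk), the password actually enforced would differ from the one the operator typed. Declaring it as `login: {alias:'l', type:'string'}` keeps the value verbatim.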
+++ b/package.json @@ -22,6 +22,7 @@ "url": "git+https://github.com/janoside/btc-rpc-explorer.git" }, "dependencies": { + "basic-auth": "^2.0.1", "bitcoin-core": "2.0.0", "bitcoinjs-lib": "3.3.2", "body-parser": "~1.18.2",
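Review bot: `basic-auth` now sits on the authentication path but is added with a caret range (`^2.0.1`), while the neighbouring `bitcoin-core` and `bitcoinjs-lib` entries are pinned exactly, and no lockfile appears among the five files in the diffstat. If the project commits a lockfile, it should be regenerated as part of this change. Otherwise consider `"basic-auth": "2.0.1"` so installs resolve to the version that was reviewed.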