Require authentication again when first attempt failed. (#4)

* Require authentication again when first attempt failed. In firefox, upon bad authentication (with wrong credentials), MesosTerm was then always returning a 401 error with a page containing the message "Unauthorized". From this time on, ao authentication request was pushed to the user anymore and therefore there was no way for him/her to fix the credentials. The only workaround was to clear the browser cache. * Remove bad tsc dependency.
criteo · Jan 5, 2019 · 98ce2a9 · 98ce2a9
1 parent 537a6f6
commit 98ce2a9
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 2 deletions.
diff --git a/package.json b/package.json
@@ -55,7 +55,6 @@
     "selenium-webdriver": "^4.0.0-alpha.1",
     "sinon": "^5.0.7",
     "ts-node": "^6.0.3",
-    "tsc": "^1.20150623.0",
     "tslint": "^5.10.0",
     "tslint-eslint-rules": "^5.3.1",
     "typescript": "^2.8.3"

diff --git a/src/authentication.ts b/src/authentication.ts
@@ -45,7 +45,23 @@ export default function(app: Express.Application) {
 
   app.use(passport.initialize());
   app.use(protectWithBasicAuth);
-  app.use(passport.authenticate('ldapauth', {session: true}));
+  app.use((req, res, next) => {
+    passport.authenticate('ldapauth', {session: true}, (err: Error, user: any, info: any) => {
+      if (err) {
+        return next(err);
+      }
+
+      if (!user) {
+        res.status(401);
+        res.header('WWW-Authenticate', 'Basic realm="must be authenticated"');
+        res.send('Unauthenticated');
+        return;
+      }
+
+      req.user = user;
+      next();
+    })(req, res, next);
+  });
 
   passport.use(new LdapStrategy(options));
 }