search

electrode-io / electrode-ota-server

Electrode Over The Air Server for hot deployment of React Native and Cordova mobile apps
Other
204 stars 40 forks source link

Simple authentication #25

Closed muratkarakas closed 6 years ago

muratkarakas commented 6 years ago

I succesfully setup and used github auth but I want to use basic username and password validation(provide function or give the valid username/password list).I couldn't find any documentation for this kind of setup (if it is possible).

datvong-wm commented 6 years ago

You can add the "basic" strategy under "electrode-ota-server-auth". Please see example here: https://github.com/electrode-io/electrode-ota-server/tree/master/electrode-ota-server-auth-basic In the example, it uses ldap; you can define your own validate via "electrode-ota-server-auth-validate"

muratkarakas commented 6 years ago

Thanks for your quick response.I was using 1.0.2 of ota server with some custom configuration(security etc.) For new auth setup I change the version to 2.0.0-beta.1 to test the configuration you mentioned but it seems ota server ignores my configuration json file anf gives the following error. Config file name is production.json and placed under config folder where I run "npm start".

npm start

electrode_ota_server@1.0.0 start /Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker NODE_ENV=production node node_modules/.bin/electrode-ota

(node:33045) [DEP0022] DeprecationWarning: os.tmpDir() is deprecated. Use os.tmpdir() instead.

Register plugins is taking a while - If this takes longer than 10 seconds, then double check your plugins to make sure each one calls next() at the end.

Server will automatically abort after 20 seconds.

The following component(s) have not resolved

ota!scheme -> unresolved[ota!validate]

registered:

ESERVERSTART

This error is thrown by the electrode-server module

There was an error starting the Hapi.js server
Please check the output of the stack trace below and correct the error shown

If you have followed this resolution step and you are still seeing an
error, please file an issue on the electrode-server repository

git+https://github.com/electrode-io/electrode-server.git

Electrode Server register plugins timeout.  Did you forget next() in a plugin?

Unhandled rejection Error: Electrode Server register plugins timeout. Did you forget next() in a plugin? at server.stop (/Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker/node_modules/electrode-server/lib/electrode-server.js:132:20) at _invoke (/Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker/node_modules/hapi/lib/server.js:391:28) at module.exports.internals.Server.internals.Server._invoke (/Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker/node_modules/hapi/lib/server.js:403:16) at Object._events.emit [as callback] (/Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker/node_modules/hapi/lib/server.js:383:22) at Immediate.setImmediate (/Users/murat/DEV/git-alb/demo-api/electrode_ota/src/docker/node_modules/hapi/node_modules/podium/lib/index.js:165:37) at runCallback (timers.js:789:20) at tryOnImmediate (timers.js:751:5) at processImmediate [as _immediateCallback] (timers.js:722:5)

datvong-wm commented 6 years ago

You'll need to define the validation function. Make a copy of https://github.com/electrode-io/electrode-ota-server/tree/master/electrode-ota-server-auth-validate, and add custom validation.

Here's a sample one, name this file my-custom-auth-validate.js. I copied token and session, and added a third option ldap. Note the function signature of ldap.

const register = diregister.default({
    name: 'ota!validate',
    dependencies: ['ota!account'],
    multiple: false,
    connections: false
}, (options, {validateFunc}) => {

    const token = (name, callback) => validateFunc(name).then(profile => callback(null, true, {
        email: profile.email,
        name
    }), () => callback(null, false));

    // validates existing session
    const session = (request, session, callback) => token(session.token, callback);

    return {
        // name matches "validate" field in "electrode-ota-server-auth" config
        ldap(r, username, password, callback){
            // TODO:
            //      validate username, password
           // credentials objects matches hapijs/bell credentials format.
           // {
           //          provider: 'custom',
           //          query: {},
           //          profile: {
           //                         id: '1234567890',
           //                         username: 'steve',
           //                         displayName: 'steve',
           //                         email: 'steve@example.com'
            //         }
            //   }
            callback(error, isValid, credentials);
        },
        token,
        session
    };
});
module.exports = {register};

Then override the basic auth-validate with your custom one.

"electrode-ota-server-auth-validate": {
     "module": root("lib/my-custom-auth-validate"),
     "options": {}
}

Then use https://github.com/electrode-io/electrode-ota-server/tree/master/electrode-ota-server-auth-basic in your server-auth config.

"electrode-ota-server-auth": {
   "options": {
      "strategy": {
         "basic": {
            "module": "electrode-ota-server-auth-basic",
            "scheme": "basic",
            "validate": "ldap",
            "options": {
                "realm": "My Realm"
            }
         }
      }
   }
}

Note the value of "validate", ldap must match the function returned from my-custom-auth-validate.js.

muratkarakas commented 6 years ago

I've problem with starting ota-server (after that I'will try add sample code you have given, butI still don't know where to put it.) With given package json ota server gives the error above (npm start).

{ "name": "electrode_ota_server", "version": "1.0.0", "description": "electrode ota server for applications", "main": "index.js", "scripts": { "start": "NODE_ENV=production node node_modules/.bin/electrode-ota", "development": "NODE_ENV=development node node_modules/.bin/electrode-ota" }, "author": "", "license": "ISC", "dependencies": { "electrode-ota-server": "^2.0.0-beta.1", "electrode-ota-server-auth-validate": "^2.0.0-beta.1" } }

japreiss commented 6 years ago

I ran into the same thing. Took a while, but you need a different path to electrode-ota to get it to work. I ended up using 

 "scripts": {
    "start": "NODE_ENV=production node ./node_modules/electrode-ota-server",
    "development": "NODE_ENV=development node ./node_modules/electrode-ota-server"
  }

and it worked

dany1 commented 6 years ago

need help for auth with basic username and password.

mikeygee commented 6 years ago

@datvong-wm

you can define your own validate via "electrode-ota-server-auth-validate"

Can you expand on this? I'm not clear on where this code would go. Based on docs, I can only see how to override via the config file.

datvong-wm commented 6 years ago

@dany1 @mikeygee I've updated my example on Nov 15 above. Please let me know if anything else is unclear.

mikeygee commented 6 years ago

@datvong-wm I tried following the instructions, and no matter what I try, I keep getting:

Register plugins is taking a while - If this takes longer than 10 seconds, then 
double check your plugins to make sure each one calls next() at the end.

Server will automatically abort after 20 seconds.

The following component(s) have not resolved

ota!scheme
    -> unresolved[ota!validate]

registered:

Only thing I can think of:

"module": root("lib/my-custom-auth-validate")

I assume that's not the literal code to use? How would I point it to the custom validate file if it's located in the root of the project? Or does it need to be placed somewhere else?

datvong-wm commented 6 years ago 
const root = path.join.bind(path, __dirname, "..");
"module": root("lib/my-custom-auth-validate");

In this example, the file is located in the [root]/lib/my-custom-auth-validate.js.