How is authentication supposed to work?

[neilyoung]

In your examples you are not too specific how your authenticate function is supposed to work.

You are just tracing the username/password and proceed.

What am I supposed to do in order to achieve a proper authentication? So far I tried this:

Server

const repos = new Server(path.resolve(__dirname, 'tmp'), {
    autoCreate: true,
    authenticate: ({ type, repo, username, password, headers }, next) => {
        console.log(type, repo, username, password);
        return new Promise((resolve, reject) => {
            if (username === 'foo') {
                return resolve();
            }
            return reject("sorry you don't have access to this content");
        });
    }
});

The client calls this like so:

~/Documents/tmp/git $ git push http://kms:7005/what master
Username for 'http://kms:7005': foo
Password for 'http://foo@kms:7005': 
remote: sorry you don't have access to this content
fatal: Authentication failed for 'http://kms:7005/what/'

I'm getting asked client side for username/password, enter that, but get a rejection. Server side this is logged:

push what undefined undefined

[neilyoung]

OK, figured it out:

const repos = new Server(path.resolve(__dirname, 'tmp'), {
    autoCreate: true,
    authenticate: ({ type, repo, user, headers }, next) => {
        user((username, password) => {
            console.log(username, password);
            if (username == "foo" && password == "bar")
                next()
            else
                next("authentication failed")
        });
    }
});

[felixmariotto]

This definitely needs more doc

[neilyoung]

But it works well :)