search

yocontra / smog

HTML5/Node/WebSocket MongoDB panel
MIT License
443 stars 42 forks source link

No authentication system ? #3

Closed syrm closed 12 years ago

syrm commented 12 years ago

There is no authentication system ?

SeanBannister commented 12 years ago

I noticed this as well, however I haven't had a chance to set a password on mongodb to see if this makes it ask for the password.

jsalonen commented 12 years ago

+1

jsalonen commented 12 years ago

I think this should be actually very easy to implemented. I fooled around a little to see what needs to be done. Too bad the build system (build) doesn't work on Windows, which is my preferred development platform.

So basically something like this would need to be done:

Add username and password fields to HTML template at templates/connect.jade, like:

input#username.small-modal-box(type="text", placeholder="Username (optional)", value="")
input#password.small-modal-box(type="password", placeholder="Password (optional)", value="")

Pass data from form to in client/js/routes/connect.coffee

  username = $('#username').val()
  password = $('#password').val()

  server.connect host, port, database, username, password, (err, okay) ->

If username and password are present, run authentication in lib/services/connect.coffee. Not sure about this, but something like:

  dbt.open (err, db) ->
    return res.send err if err?
    res.socket.mongo.database = db

    if not username or not password
      db.admin (err, admin) ->
        return res.send err if err?
        res.socket.mongo.admin = admin
        return res.send null, true      
    else
      db.authenticate username, password, ((err, success) ->
        return res.send err if err?

        db.admin (err, admin) ->
          return res.send err if err?
          res.socket.mongo.admin = admin
          return res.send null, true      
      )
yocontra commented 12 years ago

@jsalonen can you submit those changes as a pull request? Sorry for the delay github didn't notify me of any issues on this repo

jsalonen commented 12 years ago

@Contra I could, but I didn't get your build system running on Windows so I wasn't able to test if it even works :) I'm guessing those snippets could be helpful, but I'm not sure if they are suffient to make the code work.

yocontra commented 12 years ago

I'm switching everything over to mongoskin so you can pass a standard mongoose-style URL vs. putting in everything by hand. mongodb://user:pass@host:port/?options

yocontra commented 12 years ago

Fixed in 0.0.9