fixed custom header authentication

2025-10-31 18:36:30 +01:00 · 2021-02-07 21:50:34 +01:00
parent bed7bdfd00
commit be65e2e62f
5 changed files with 19 additions and 22 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -2626,9 +2626,9 @@
      "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
    },
    "ejs": {
-      "version": "3.1.5",
-      "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.5.tgz",
-      "integrity": "sha512-dldq3ZfFtgVTJMLjOe+/3sROTzALlL9E34V4/sDtUd/KlBSS0s6U1/+WPE1B4sj9CXHJpL1M6rhNJnc9Wbal9w==",
+      "version": "3.1.6",
+      "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.6.tgz",
+      "integrity": "sha512-9lt9Zse4hPucPkoP7FHDF0LQAlGyF9JVpnClFLFH3aSSbxmyoqINRpp/9wePWJTUl4KOQwRL72Iw3InHPDkoGw==",
      "requires": {
        "jake": "^10.6.1"
      }
@@ -3721,9 +3721,9 @@
      "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw=="
    },
    "filelist": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.1.tgz",
-      "integrity": "sha512-8zSK6Nu0DQIC08mUC46sWGXi+q3GGpKydAG36k+JDba6VRpkevvOWUW5a/PhShij4+vHT9M+ghgG7eM+a9JDUQ==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.2.tgz",
+      "integrity": "sha512-z7O0IS8Plc39rTCq6i6iHxk43duYOn8uFJiWSewIq0Bww1RNybVHSCjahmcC87ZqAm4OTvFzlzeGu3XAzG1ctQ==",
      "requires": {
        "minimatch": "^3.0.4"
      }
@@ -7645,9 +7645,9 @@
      }
    },
    "watchpack": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.1.0.tgz",
-      "integrity": "sha512-UjgD1mqjkG99+3lgG36at4wPnUXNvis2v1utwTgQ43C22c4LD71LsYMExdWXh4HZ+RmW+B0t1Vrg2GpXAkTOQw==",
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.1.1.tgz",
+      "integrity": "sha512-Oo7LXCmc1eE1AjyuSBmtC3+Wy4HcV8PxWh2kP6fOl8yTlNS7r0K9l1ao2lrrUza7V39Y3D/BbJgY8VeSlc5JKw==",
      "dev": true,
      "requires": {
        "glob-to-regexp": "^0.4.1",
@@ -7669,9 +7669,9 @@
      "integrity": "sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w=="
    },
    "webpack": {
-      "version": "5.21.1",
-      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.21.1.tgz",
-      "integrity": "sha512-H/fjQiDETEZDKoZm/LhvDBxOIKf9rfOdqb2pKTHRvBFMIRtwAwYlPCgBd0gc5xiDG5DqkxAiFZgAF/4H41wMuQ==",
+      "version": "5.21.2",
+      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.21.2.tgz",
+      "integrity": "sha512-xHflCenx+AM4uWKX71SWHhxml5aMXdy2tu/vdi4lClm7PADKxlyDAFFN1rEFzNV0MAoPpHtBeJnl/+K6F4QBPg==",
      "dev": true,
      "requires": {
        "@types/eslint-scope": "^3.7.0",
--- a/package.json
+++ b/package.json
@@ -33,7 +33,7 @@
    "cookie-parser": "1.4.5",
    "csurf": "1.11.0",
    "dayjs": "1.10.4",
-    "ejs": "3.1.5",
+    "ejs": "3.1.6",
    "electron-debug": "3.2.0",
    "electron-dl": "3.0.2",
    "electron-find": "1.0.6",
@@ -87,7 +87,7 @@
    "jsdoc": "3.6.6",
    "lorem-ipsum": "2.0.3",
    "rcedit": "3.0.0",
-    "webpack": "5.21.1",
+    "webpack": "5.21.2",
    "webpack-cli": "4.5.0"
  },
  "optionalDependencies": {
--- a/src/services/auth.js
+++ b/src/services/auth.js
@@ -79,8 +79,7 @@ function reject(req, res, message) {

 function checkCredentials(req, res, next) {
    const header = req.headers['trilium-cred'] || '';
-    const token = header.split(/\s+/).pop() || '';
-    const auth = new Buffer.from(token, 'base64').toString();
+    const auth = new Buffer.from(header, 'base64').toString();console.log("auth", auth);
    const [username, password] = auth.split(/:/);

    const dbUsername = optionService.getOption('username');
--- a/src/services/request.js
+++ b/src/services/request.js
@@ -38,9 +38,7 @@ function exec(opts) {
            };

            if (opts.auth) {
-                const token = Buffer.from(opts.auth.user + ":" + opts.auth.pass).toString('base64');
-
-                headers['Authorization'] = `Basic ${token}`;
+                headers['trilium-cred'] = Buffer.from(opts.auth.username + ":" + opts.auth.password).toString('base64');
            }

            const request = client.request({
--- a/src/services/setup.js
+++ b/src/services/setup.js
@@ -70,9 +70,9 @@ async function setupSyncFromSyncServer(syncServerHost, syncProxy, username, pass
        const resp = await request.exec({
            method: 'get',
            url: syncServerHost + '/api/setup/sync-seed',
-            headers: {
-                // not using Authorization header because some proxy servers will filter it out
-                'trilium-cred': Buffer.from(username + ':' + password).toString('base64')
+            auth: {
+                username,
+                password
            },
            proxy: syncProxy,
            timeout: 30000 // seed request should not take long