Revert "Make realm dynamic (#39)"

This reverts commit 5b1b7d6.

Author: mcollina

README.md

@@ -55,7 +55,7 @@ const authenticate = {realm: 'Westeros'}
 fastify.register(require('fastify-basic-auth'), { validate, authenticate })
 async function validate (username, password, req, reply) {
   if (username !== 'Tyrion' || password !== 'wine') {
-    throw new Error('Winter is coming')
+    return new Error('Winter is coming')
   }
 }
 
@@ -79,7 +79,7 @@ fastify.register(require('fastify-auth'))
 fastify.register(require('fastify-basic-auth'), { validate, authenticate })
 async function validate (username, password, req, reply) {
   if (username !== 'Tyrion' || password !== 'wine') {
-    throw new Error('Winter is coming')
+    return new Error('Winter is coming')
   }
 }
 
@@ -132,33 +132,7 @@ the `validate` function may return a promise, resolving for valid
 requests and rejecting for invalid. This can also be achieved using
 an `async/await` function, and throwing for invalid requests.
 
-It is also possible to override set the `realm` dynamically by returning it
-as the first argument.
-
-```js
-const fastify = require('fastify')()
-const authenticate = {realm: 'Westeros'}
-fastify.register(require('fastify-basic-auth'), { validate, authenticate })
-async function validate (username, password, req, reply) {
-  if (username !== 'Tyrion' || password !== 'Wine') {
-    throw new Error('Winter is coming')
-  }
-
-  // custom realm
-  return 'Lannister'
-}
-
-fastify.after(() => {
-  fastify.route({
-    method: 'GET',
-    url: '/',
-    onRequest: fastify.basicAuth,
-    handler: async (req, reply) => {
-      return { hello: 'world' }
-    }
-  })
-})
-```
+See code above for examples.
 
 ### `authenticate` <Boolean|Object> (optional, default: false)
 
@@ -192,6 +166,7 @@ fastify.register(require('fastify-basic-auth'), {
 })
 ```
 
+
 ## License
 
 Licensed under [MIT](./LICENSE).

index.js

@@ -4,15 +4,20 @@ const fp = require('fastify-plugin')
 const auth = require('basic-auth')
 const { Unauthorized } = require('http-errors')
 
-async function basicPlugin (fastify, opts) {
+function basicPlugin (fastify, opts, next) {
   if (typeof opts.validate !== 'function') {
-    throw new Error('Basic Auth: Missing validate function')
+    return next(new Error('Basic Auth: Missing validate function'))
   }
-  const authenticateHeader = getAuthenticateHeader(opts.authenticate)
+  const authenticateHeader = getAuthenticateHeader(opts.authenticate, next)
   const validate = opts.validate.bind(fastify)
   fastify.decorate('basicAuth', basicAuth)
 
+  next()
+
   function basicAuth (req, reply, next) {
+    if (authenticateHeader) {
+      reply.header(authenticateHeader.key, authenticateHeader.value)
+    }
     const credentials = auth(req)
     if (credentials == null) {
       done(new Unauthorized('Missing or bad formatted authorization header'))
@@ -23,51 +28,39 @@ async function basicPlugin (fastify, opts) {
       }
     }
 
-    function done (err, realm) {
-      // TODO remove in the next major
-      if (typeof err === 'string') {
-        realm = err
-        err = undefined
-      }
-      if (err) {
+    function done (err) {
+      if (err !== undefined) {
         // We set the status code to be 401 if it is not set
         if (!err.statusCode) {
           err.statusCode = 401
         }
         next(err)
       } else {
-        const header = realm ? formatRealm(realm) : authenticateHeader
-        reply.header('WWW-Authenticate', header)
         next()
       }
     }
   }
 }
 
-function getAuthenticateHeader (authenticate) {
+function getAuthenticateHeader (authenticate, next) {
   if (!authenticate) return false
   if (authenticate === true) {
-    return 'Basic'
+    return {
+      key: 'WWW-Authenticate',
+      value: 'Basic'
+    }
   }
   if (typeof authenticate === 'object') {
-    const realm = formatRealm(authenticate.realm)
-    if (realm) {
-      return realm
+    const realm = (authenticate.realm && typeof authenticate.realm === 'string')
+      ? authenticate.realm
+      : ''
+    return {
+      key: 'WWW-Authenticate',
+      value: 'Basic' + (realm ? ` realm="${realm}"` : '')
     }
   }
 
-  throw new Error('Basic Auth: Invalid authenticate option')
-}
-
-function formatRealm (realm) {
-  switch (typeof realm) {
-    case 'undefined':
-      return 'Basic'
-    case 'boolean':
-      return 'Basic'
-    case 'string':
-      return `Basic realm="${realm}"`
-  }
+  next(new Error('Basic Auth: Invalid authenticate option'))
 }
 
 module.exports = fp(basicPlugin, {

test.js

@@ -236,8 +236,8 @@ test('WWW-Authenticate Realm (authenticate: {realm: "example"})', t => {
       authorization: basicAuthHeader('user', 'pwd')
     }
   }, (err, res) => {
-    t.error(err)
     t.equal(res.headers['www-authenticate'], 'Basic realm="example"')
+    t.error(err)
     t.equal(res.statusCode, 200)
   })
 })
@@ -571,26 +571,6 @@ test('Invalid options (authenticate)', t => {
   })
 })
 
-test('Invalid options (realm is a number)', t => {
-  t.plan(1)
-
-  const fastify = Fastify()
-  fastify
-    .register(basicAuth, { validate, authenticate: { realm: 42 } })
-
-  function validate (username, password, req, res, done) {
-    if (username === 'user' && password === 'pwd') {
-      done()
-    } else {
-      done(new Error('Unauthorized'))
-    }
-  }
-
-  fastify.ready(function (err) {
-    t.equal(err.message, 'Basic Auth: Invalid authenticate option')
-  })
-})
-
 test('Invalid options (authenticate realm)', t => {
   t.plan(3)
 
@@ -624,129 +604,8 @@ test('Invalid options (authenticate realm)', t => {
       authorization: basicAuthHeader('user', 'pwd')
     }
   }, (err, res) => {
-    t.error(err)
     t.equal(res.headers['www-authenticate'], 'Basic')
-    t.equal(res.statusCode, 200)
-  })
-})
-
-test('Invalid options (authenticate realm = undefined)', t => {
-  t.plan(3)
-
-  const fastify = Fastify()
-  fastify
-    .register(basicAuth, { validate, authenticate: { realm: undefined } })
-
-  function validate (username, password, req, res, done) {
-    if (username === 'user' && password === 'pwd') {
-      done()
-    } else {
-      done(new Error('Unauthorized'))
-    }
-  }
-
-  fastify.after(() => {
-    fastify.route({
-      method: 'GET',
-      url: '/',
-      preHandler: fastify.basicAuth,
-      handler: (req, reply) => {
-        reply.send({ hello: 'world' })
-      }
-    })
-  })
-
-  fastify.inject({
-    url: '/',
-    method: 'GET',
-    headers: {
-      authorization: basicAuthHeader('user', 'pwd')
-    }
-  }, (err, res) => {
-    t.error(err)
-    t.equal(res.headers['www-authenticate'], 'Basic')
-    t.equal(res.statusCode, 200)
-  })
-})
-
-test('WWW-Authenticate Realm dynamic realm', t => {
-  t.plan(3)
-
-  const fastify = Fastify()
-  const authenticate = {
-    realm: true
-  }
-  fastify.register(basicAuth, { validate, authenticate })
-
-  function validate (username, password, req, res, done) {
-    if (username === 'user' && password === 'pwd') {
-      done(null, 'root')
-    } else {
-      done(new Error('Unauthorized'))
-    }
-  }
-
-  fastify.after(() => {
-    fastify.route({
-      method: 'GET',
-      url: '/',
-      preHandler: fastify.basicAuth,
-      handler: (req, reply) => {
-        reply.send({ hello: 'world' })
-      }
-    })
-  })
-
-  fastify.inject({
-    url: '/',
-    method: 'GET',
-    headers: {
-      authorization: basicAuthHeader('user', 'pwd')
-    }
-  }, (err, res) => {
-    t.error(err)
-    t.equal(res.headers['www-authenticate'], 'Basic realm="root"')
-    t.equal(res.statusCode, 200)
-  })
-})
-
-test('WWW-Authenticate Realm dynamic realm promise', t => {
-  t.plan(3)
-
-  const fastify = Fastify()
-  const authenticate = {
-    realm: true
-  }
-  fastify.register(basicAuth, { validate, authenticate })
-
-  function validate (username, password, req, res) {
-    if (username === 'user' && password === 'pwd') {
-      return Promise.resolve('root')
-    } else {
-      return Promise.reject(new Error('Unauthorized'))
-    }
-  }
-
-  fastify.after(() => {
-    fastify.route({
-      method: 'GET',
-      url: '/',
-      preHandler: fastify.basicAuth,
-      handler: (req, reply) => {
-        reply.send({ hello: 'world' })
-      }
-    })
-  })
-
-  fastify.inject({
-    url: '/',
-    method: 'GET',
-    headers: {
-      authorization: basicAuthHeader('user', 'pwd')
-    }
-  }, (err, res) => {
     t.error(err)
-    t.equal(res.headers['www-authenticate'], 'Basic realm="root"')
     t.equal(res.statusCode, 200)
   })
 })