aidio-description/dist/server/middleware/auth.js

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.basicAuth = basicAuth;
const AUTH_USERNAME = process.env.SERVER_USERNAME || 'admin';
const AUTH_PASSWORD = process.env.SERVER_PASSWORD || 'aidio2024';
function basicAuth(req, res, next) {
    // Allow login/check endpoints and all non-API routes (static files, HTML)
    if (req.path === '/api/auth/login' || req.path === '/api/auth/check' || !req.path.startsWith('/api/')) {
        next();
        return;
    }
    // Support token via query param for SSE (EventSource doesn't support custom headers)
    let authHeader = req.headers.authorization;
    if (!authHeader && req.query.token) {
        const token = Array.isArray(req.query.token) ? req.query.token[0] : req.query.token;
        authHeader = `Basic ${token}`;
    }
    if (!authHeader || !authHeader.startsWith('Basic ')) {
        res.setHeader('WWW-Authenticate', 'Basic realm="Audio Description Server"');
        res.status(401).json({ error: 'Authentication required' });
        return;
    }
    const credentials = Buffer.from(authHeader.slice(6), 'base64').toString('utf-8');
    const [username, password] = credentials.split(':');
    if (username === AUTH_USERNAME && password === AUTH_PASSWORD) {
        next();
        return;
    }
    res.setHeader('WWW-Authenticate', 'Basic realm="Audio Description Server"');
    res.status(401).json({ error: 'Invalid credentials' });
}
//# sourceMappingURL=auth.js.map
Rewrite frontend as single self-contained HTML file — all CSS/JS inline, no external files to fail loading 2026-05-13 17:24:10 +02:00			`"use strict";`
			`Object.defineProperty(exports, "__esModule", { value: true });`
			`exports.basicAuth = basicAuth;`
			`const AUTH_USERNAME = process.env.SERVER_USERNAME \|\| 'admin';`
			`const AUTH_PASSWORD = process.env.SERVER_PASSWORD \|\| 'aidio2024';`
			`function basicAuth(req, res, next) {`
			`// Allow login/check endpoints and all non-API routes (static files, HTML)`
			`if (req.path === '/api/auth/login' \|\| req.path === '/api/auth/check' \|\| !req.path.startsWith('/api/')) {`
			`next();`
			`return;`
			`}`
			`// Support token via query param for SSE (EventSource doesn't support custom headers)`
			`let authHeader = req.headers.authorization;`
			`if (!authHeader && req.query.token) {`
			`const token = Array.isArray(req.query.token) ? req.query.token[0] : req.query.token;`
			authHeader = `Basic ${token}`;
			`}`
			`if (!authHeader \|\| !authHeader.startsWith('Basic ')) {`
			`res.setHeader('WWW-Authenticate', 'Basic realm="Audio Description Server"');`
			`res.status(401).json({ error: 'Authentication required' });`
			`return;`
			`}`
			`const credentials = Buffer.from(authHeader.slice(6), 'base64').toString('utf-8');`
			`const [username, password] = credentials.split(':');`
			`if (username === AUTH_USERNAME && password === AUTH_PASSWORD) {`
			`next();`
			`return;`
			`}`
			`res.setHeader('WWW-Authenticate', 'Basic realm="Audio Description Server"');`
			`res.status(401).json({ error: 'Invalid credentials' });`
			`}`
			`//# sourceMappingURL=auth.js.map`