Fixing an issue with cookie auth.

This commit is contained in:
mike12345567 2022-04-27 16:56:30 +01:00
parent 6556a41a5a
commit 061868c826
3 changed files with 44 additions and 48 deletions

View File

@ -1,35 +1,36 @@
const PouchDB = require("pouchdb")
const env = require("../environment")
exports.getCouchUrl = () => {
if (!env.COUCH_DB_URL) return
// username and password already exist in URL
if (env.COUCH_DB_URL.includes("@")) {
return env.COUCH_DB_URL
exports.getCouchInfo = () => {
let url = "http://localhost:4005"
if (env.COUCH_DB_URL && env.COUCH_DB_URL.includes("@")) {
url = env.COUCH_DB_URL
} else if (env.COUCH_DB_URL) {
const [protocol, ...rest] = env.COUCH_DB_URL.split("://")
url = `${protocol}://${env.COUCH_DB_USERNAME}:${env.COUCH_DB_PASSWORD}@${rest}`
if (!env.COUCH_DB_USERNAME || !env.COUCH_DB_PASSWORD) {
throw new Error(
"CouchDB configuration invalid. You must provide a fully qualified CouchDB url, or the COUCH_DB_USER and COUCH_DB_PASSWORD environment variables."
)
}
}
const [protocol, ...rest] = env.COUCH_DB_URL.split("://")
if (!env.COUCH_DB_USERNAME || !env.COUCH_DB_PASSWORD) {
throw new Error(
"CouchDB configuration invalid. You must provide a fully qualified CouchDB url, or the COUCH_DB_USER and COUCH_DB_PASSWORD environment variables."
)
}
return `${protocol}://${env.COUCH_DB_USERNAME}:${env.COUCH_DB_PASSWORD}@${rest}`
}
exports.splitCouchUrl = url => {
const [protocol, rest] = url.split("://")
const [auth, host] = rest.split("@")
const [username, password] = auth.split(":")
let [username, password] = auth.split(":")
if (!username && env.COUCH_DB_USERNAME) {
username = env.COUCH_DB_USERNAME
}
if (!password && env.COUCH_DB_PASSWORD) {
password = env.COUCH_DB_PASSWORD
}
const authCookie = Buffer.from(`${username}:${password}`).toString("base64")
return {
url: `${protocol}://${host}`,
auth: {
username,
password,
username: username,
password: password,
},
cookie: `Basic ${authCookie}`,
}
}
@ -39,26 +40,12 @@ exports.splitCouchUrl = url => {
* Exposed for exceptional cases such as in-memory views.
*/
exports.getPouch = (opts = {}) => {
let auth = {
username: env.COUCH_DB_USERNAME,
password: env.COUCH_DB_PASSWORD,
}
let url = exports.getCouchUrl() || "http://localhost:4005"
// need to update security settings
if (!auth.username || !auth.password || url.includes("@")) {
const split = exports.splitCouchUrl(url)
url = split.url
auth = split.auth
}
const authCookie = Buffer.from(`${auth.username}:${auth.password}`).toString(
"base64"
)
let { url, cookie } = exports.getCouchInfo()
let POUCH_DB_DEFAULTS = {
prefix: url,
fetch: (url, opts) => {
// use a specific authorization cookie - be very explicit about how we authenticate
opts.headers.set("Authorization", `Basic ${authCookie}`)
opts.headers.set("Authorization", cookie)
return PouchDB.fetch(url, opts)
},
}

View File

@ -12,7 +12,7 @@ const {
const { getTenantId, getGlobalDBName } = require("../tenancy")
const fetch = require("node-fetch")
const { doWithDB, allDbs } = require("./index")
const { getCouchUrl } = require("./pouch")
const { getCouchInfo } = require("./pouch")
const { getAppMetadata } = require("../cache/appMetadata")
const { checkSlashesInUrl } = require("../helpers")
const {
@ -169,8 +169,14 @@ exports.getAllDbs = async (opts = { efficient: false }) => {
return allDbs()
}
let dbs = []
async function addDbs(url) {
const response = await fetch(checkSlashesInUrl(encodeURI(url)))
let { url, cookie } = getCouchInfo()
async function addDbs(couchUrl) {
const response = await fetch(checkSlashesInUrl(encodeURI(couchUrl)), {
method: "GET",
headers: {
Authorization: cookie,
},
})
if (response.status === 200) {
let json = await response.json()
dbs = dbs.concat(json)
@ -178,7 +184,7 @@ exports.getAllDbs = async (opts = { efficient: false }) => {
throw "Cannot connect to CouchDB instance"
}
}
let couchUrl = `${getCouchUrl()}/_all_dbs`
let couchUrl = `${url}/_all_dbs`
let tenantId = getTenantId()
if (!env.MULTI_TENANCY || (!efficient && tenantId === DEFAULT_TENANT_ID)) {
// just get all DBs when:

View File

@ -1,6 +1,6 @@
const { SearchIndexes } = require("../../../db/utils")
const fetch = require("node-fetch")
const { getCouchUrl } = require("@budibase/backend-core/db")
const { getCouchInfo } = require("@budibase/backend-core/db")
const { getAppId } = require("@budibase/backend-core/context")
/**
@ -242,11 +242,10 @@ class QueryBuilder {
async run() {
const appId = getAppId()
const url = `${getCouchUrl()}/${appId}/_design/database/_search/${
SearchIndexes.ROWS
}`
const { url, cookie } = getCouchInfo()
const fullPath = `${url}/${appId}/_design/database/_search/${SearchIndexes.ROWS}`
const body = this.buildSearchBody()
return await runQuery(url, body)
return await runQuery(fullPath, body, cookie)
}
}
@ -254,12 +253,16 @@ class QueryBuilder {
* Executes a lucene search query.
* @param url The query URL
* @param body The request body defining search criteria
* @param cookie The auth cookie for CouchDB
* @returns {Promise<{rows: []}>}
*/
const runQuery = async (url, body) => {
const runQuery = async (url, body, cookie) => {
const response = await fetch(url, {
body: JSON.stringify(body),
method: "POST",
headers: {
Authorization: cookie,
},
})
const json = await response.json()