bam/my2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add internal authentication configuration and middleware support

Browse Source 
- Enable internal authentication via environment variable in .env.example
- Update nuxt.config.ts to include internalAuthEnabled check
- Modify internal-auth middleware to conditionally enforce authentication based on the new configuration
This commit is contained in:
Bastian Masanek
2025-10-31 12:15:51 +01:00
parent f8572c3386
commit f54b1f56d5
3 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.env.example
View File

@@ -112,6 +112,7 @@ SMTP_FROM=noreply@experimenta.science
# INTERNAL PAGES (Styleguide, Admin) # INTERNAL PAGES (Styleguide, Admin)
# ============================================== # ==============================================
# HTTP Basic Auth credentials for /internal/* routes # HTTP Basic Auth credentials for /internal/* routes
INTERNAL_AUTH_ENABLED=true
INTERNAL_AUTH_USERNAME=experimenta INTERNAL_AUTH_USERNAME=experimenta
INTERNAL_AUTH_PASSWORD=change-me-to-secure-password INTERNAL_AUTH_PASSWORD=change-me-to-secure-password

1
nuxt.config.ts
View File

@@ -51,6 +51,7 @@ export default defineNuxtConfig({
databaseUrl: process.env.DATABASE_URL, databaseUrl: process.env.DATABASE_URL,
redisHost: process.env.REDIS_HOST || 'localhost', redisHost: process.env.REDIS_HOST || 'localhost',
redisPort: process.env.REDIS_PORT || '6379', redisPort: process.env.REDIS_PORT || '6379',
internalAuthEnabled: ['true', '1'].includes(process.env.INTERNAL_AUTH_ENABLED || '') || false,
internalAuthUsername: process.env.INTERNAL_AUTH_USERNAME || '', internalAuthUsername: process.env.INTERNAL_AUTH_USERNAME || '',
internalAuthPassword: process.env.INTERNAL_AUTH_PASSWORD || '', internalAuthPassword: process.env.INTERNAL_AUTH_PASSWORD || '',

9
server/middleware/internal-auth.ts
View File

@@ -13,13 +13,20 @@ export default defineEventHandler((event) => {
const config = useRuntimeConfig() const config = useRuntimeConfig()
// Skip auth if internal auth is not enabled
if (!config.internalAuthEnabled) {
return
}
// Get credentials from environment variables // Get credentials from environment variables
const validUsername = config.internalAuthUsername const validUsername = config.internalAuthUsername
const validPassword = config.internalAuthPassword const validPassword = config.internalAuthPassword
// Skip auth if credentials are not configured (development convenience) // Skip auth if credentials are not configured (development convenience)
if (!validUsername || !validPassword) { if (!validUsername || !validPassword) {
console.warn('⚠️ INTERNAL_AUTH_USERNAME or INTERNAL_AUTH_PASSWORD not set. /internal routes are unprotected!') console.warn(
'⚠️ INTERNAL_AUTH_USERNAME or INTERNAL_AUTH_PASSWORD not set. /internal routes are unprotected!'
)
return return
} }