Redefining behavior of guard() middleware to respond with a 401 whe…

…n unauthenticated, swapping `mimetype` for `mime-db` as source of media types, creating `mime()` to access media types by filename (path)
avoidwork · Nov 11, 2019 · 96f9d9b · 96f9d9b
1 parent 3b8e560
commit 96f9d9b
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 18 deletions.
diff --git a/lib/middleware.js b/lib/middleware.js
@@ -4,7 +4,7 @@ const path = require("path"),
 	fs = require("fs"),
 	retsu = require("retsu"),
 	coerce = require("tiny-coerce"),
-	mime = require("mimetype"),
+	mime = require(path.join(__dirname, "mime.js")),
 	{canGet, each, hasBody, jsonWrap} = require(path.join(__dirname, "shared.js")),
 	regex = require(path.join(__dirname, "regex.js")),
 	rateHeaders = [
@@ -72,7 +72,7 @@ function guard (req, res, next) {
 	if (req.parsed.pathname === login || req.isAuthenticated()) {
 		next();
 	} else {
-		res.redirect(login, false);
+		res.error(401);
 	}
 }
 
@@ -163,7 +163,7 @@ function rate (req, res, next) {
 
 function stream (req, res) {
 	res.header("content-length", req.file.stats.size);
-	res.header("content-type", mime.lookup(req.file.path));
+	res.header("content-type", mime(req.file.path));
 	res.header("last-modified", req.file.stats.mtime.toUTCString());
 
 	let status = 200,

diff --git a/lib/mime.js b/lib/mime.js
@@ -0,0 +1,17 @@
+const {extname} = require("path"),
+	valid = Object.entries(require("mime-db")).filter(i => "extensions" in i[1]),
+	extensions = valid.reduce((a, v) => {
+		const result = Object.assign({type: v[0]}, v[1]);
+
+		for (const key of result.extensions) {
+			a[`.${key}`] = result;
+		}
+
+		return a;
+	}, {});
+
+module.exports = (arg = "") => {
+	const ext = extname(arg);
+
+	return ext in extensions ? extensions[ext].type : "";
+};
diff --git a/lib/utility.js b/lib/utility.js
@@ -65,7 +65,7 @@ function auth (obj, config) {
 		authMap = {},
 		authUris = [];
 
-	let keys, sesh, fnCookie, fnSession, luscaCsp, luscaCsrf, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection,
+	let sesh, fnCookie, fnSession, luscaCsp, luscaCsrf, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection,
 		luscaNoSniff,
 		passportInit, passportSession;
 
@@ -355,9 +355,7 @@ function auth (obj, config) {
 	}
 
 	if (authUris.length > 0) {
-		keys = Object.keys(authMap).length > 0;
-
-		if (keys) {
+		if (Object.keys(authMap).length > 0) {
 			config.routes.get[config.auth.uri.root] = authMap;
 		}
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "tenso",
   "description": "Tensō is an HTTP/HTTP2 REST API framework",
-  "version": "14.0.1",
+  "version": "15.0.0",
   "homepage": "http://avoidwork.github.io/tenso",
   "author": "Jason Mulligan <[email protected]>",
   "repository": {
@@ -29,7 +29,7 @@
     "express-session": "^1.17.0",
     "keysort": "^1.0.2",
     "lusca": "^1.6.1",
-    "mimetype": "^0.0.8",
+    "mime-db": "^1.42.0",
     "moment": "^2.24.0",
     "passport": "^0.4.0",
     "passport-http": "^0.3.0",

diff --git a/test/auth_test.js b/test/auth_test.js
@@ -186,8 +186,7 @@ describe("Local", function () {
 	it("GET /uuid (invalid) - returns an 'unauthorized' error", function () {
 		return tinyhttptest({url: "http://localhost:" + port + "/uuid"})
 			.cookies()
-			.expectStatus(302)
-			.expectHeader("location", login)
+			.expectStatus(401)
 			.end();
 	});
 

diff --git a/test/auth_test2.js b/test/auth_test2.js
@@ -205,8 +205,7 @@ describe("Local (HTTP2)", function () {
 	it("GET /uuid (invalid) - returns an 'unauthorized' error", function () {
 		return tinyhttptest({http2: true, url: "https://localhost:" + port + "/uuid"})
 			.cookies()
-			.expectStatus(302)
-			.expectHeader("location", login)
+			.expectStatus(401)
 			.end();
 	});