From 12bcfb99ca3bf6003223e6301d1de1eb2f385a23 Mon Sep 17 00:00:00 2001
From: Benjamin Kaiser <benjaminjkaiser@gmail.com>
Date: Wed, 27 Jul 2016 22:32:10 +1000
Subject: [PATCH] restructure app.js and add basic http-auth functionality

This functionality isn't included in the electron version
(http auth doesn't make sense in the use case for electron).
It is mainly provided for use when hosting stretto so you can
lock down your server with basic authentication.
---
 app.js       | 91 ++++++++++++++++++++++++++++++++--------------------
 config.js    |  6 ++++
 package.json |  1 +
 3 files changed, 63 insertions(+), 35 deletions(-)

diff --git a/app.js b/app.js
index 44cc4199..75275555 100644
--- a/app.js
+++ b/app.js
@@ -2,6 +2,7 @@
  * Module dependencies.
  */
 
+var async = require('async');
 var express = require('express.oi');
 var favicon = require('serve-favicon');
 var bodyParser = require('body-parser');
@@ -12,6 +13,7 @@ var path = require('path');
 var util = require(__dirname + '/util.js');
 var mkdirp = require('mkdirp');
 var proxy = require('express-http-proxy');
+var basicAuth = require('basic-auth-connect');
 
 var app = express().http().io();
 
@@ -22,7 +24,7 @@ var sessionOpts = {
 };
 app.io.session(sessionOpts);
 
-app.io.set('authorization', function(handshakeData, accept) {
+app.io.set('authorization', function handleAuth(handshakeData, accept) {
   // accept all requests
   accept(null, true);
 });
@@ -30,8 +32,18 @@ app.io.set('authorization', function(handshakeData, accept) {
 // fetch the config directory
 app.set('configDir', process.env.configDir || __dirname);
 
-// make sure the dbs directory is present
-mkdirp(app.get('configDir') + '/dbs/covers', function() {
+// all variables to be shared throughout the app
+app.set('port', process.env.PORT || 2000);
+app.set('views', path.join(__dirname, 'views'));
+app.set('view engine', 'html');
+app.set('root', __dirname);
+app.set('started', Date.now());
+app.engine('html', require('swig').renderFile);
+
+async.series([function createDatabaseDirectory(next) {
+  // make sure the dbs directory is present
+  mkdirp(app.get('configDir') + '/dbs/covers', next);
+}, function databaseDirectoryCreated(next) {
   // attach the db to the app
   require(__dirname + '/db.js')(app);
 
@@ -40,38 +52,47 @@ mkdirp(app.get('configDir') + '/dbs/covers', function() {
 
   // attach the config
   app.set('config', require(__dirname + '/config')(app));
-});
 
-// all environments
-app.set('port', process.env.PORT || 2000);
-app.set('views', path.join(__dirname, 'views'));
-app.set('view engine', 'html');
-app.set('root', __dirname);
-app.set('started', Date.now());
-app.engine('html', require('swig').renderFile);
-app.use(favicon(__dirname + '/static/images/favicon.ico'));
-app.use(bodyParser.urlencoded({extended: false}));
-app.use(bodyParser.json());
-app.use(cookieParser());
-app.use(express.session(sessionOpts));
-app.use('/static', express.static(__dirname + '/static'));
-
-// proxy for itunes requests
-app.use('/proxy', proxy('https://itunes.apple.com', {
-  forwardPath: function(req, res) {
-    return require('url').parse(req.url).path;
-  },
-}));
-
-// development only
-if (app.get('env') == 'development') {
-  app.use(errorhandler());
-}
-
-require(__dirname + '/routes').createRoutes(app);
-
-app.listen(app.get('port'), function() {
-  console.log('Express server listening on port ' + app.get('port'));
-});
+  next();
+}, function setupAuth(next) {
+  var config = app.get('config');
+
+  // auth is only intended for use outside of electron
+  if (config.auth &&
+      config.auth.username !== undefined &&
+      config.auth.password !== undefined &&
+      !process.env.ELECTRON_ENABLED) {
+    app.use(basicAuth(config.auth.username, config.auth.password));
+  }
+  next();
+}, function setupEverythinElse(next) {
+  // middleware to use in the app
+  app.use(favicon(__dirname + '/static/images/favicon.ico'));
+  app.use(bodyParser.urlencoded({extended: false}));
+  app.use(bodyParser.json());
+  app.use(cookieParser());
+  app.use(express.session(sessionOpts));
+  app.use('/static', express.static(__dirname + '/static'));
+
+  // proxy for itunes requests
+  app.use('/proxy', proxy('https://itunes.apple.com', {
+    forwardPath: function (req, res) {
+      return require('url').parse(req.url).path;
+    },
+  }));
+
+  // development only
+  if (app.get('env') == 'development') {
+    app.use(errorhandler());
+  }
+
+  require(__dirname + '/routes').createRoutes(app);
+
+  app.listen(app.get('port'), function () {
+    console.log('Express server listening on port ' + app.get('port'));
+  });
+
+  next();
+}]);
 
 module.exports = app;
diff --git a/config.js b/config.js
index 208cba48..48a37574 100644
--- a/config.js
+++ b/config.js
@@ -24,6 +24,12 @@ function Config(app) {
     parallel_download: 5,
   };
 
+  // // Uncomment this block to set your own basic http authentication
+  // this.auth = {
+  //   username: 'username',
+  //   password: 'password',
+  // };
+
   // used for itunes metadata fetching (to select the store to search)
   this.country_code = 'us';
 
diff --git a/package.json b/package.json
index a1ac50af..57c97d2a 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
   "dependencies": {
     "archiver": "^1.0.0",
     "async": "*",
+    "basic-auth-connect": "^1.0.0",
     "body-parser": "^1.14.1",
     "cookie-parser": "^1.4.0",
     "errorhandler": "^1.4.2",