fixes #16 (#20)

* fixes #16
- allow authenticate to handle promises

* fixes lint

* fixes lcov location

Author: gabrielcsapo

.travis.yml

@@ -7,7 +7,7 @@ script:
   - npm install lcov-server -g
   - npm run lint
   - npm run coverage
-  - cat coverage/lcov.info | lcov-server-cli --url https://lcov-server.herokuapp.com
+  - cat coverage/lcov.info | lcov-server --upload https://lcov-server.herokuapp.com
 node_js:
   - "6"
   - "8"

CHANGELOG.md

@@ -1,3 +1,7 @@
+# Unreleased
+
+- allow authenticate to handle promises
+
 # 0.3.0
 
 - removes authentication logic and makes it a configurable middleware

docs/code/Git.html

@@ -65,7 +65,7 @@ <h4 class="name" id="Git"><span class="type-signature"></span>new Git<span class
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line131">line 131</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line141">line 141</a>
     </li></ul></dd>
 
 
@@ -315,8 +315,18 @@ <h6>Properties</h6>
 
             <td class="description last"><p>a function that has the following arguments (repo, username, password, next) and will be called when a request comes through if set</p>
 <pre class="prettyprint source"><code> authenticate: (type, repo, username, password, next) => {
-   console.log(type, repo, username, password); // eslint-disable-line
+   console.log(type, repo, username, password);
    next();
+ }
+ // alternatively you can also pass authenticate a promise
+ authenticate: (type, repo, username, password, next) => {
+   console.log(type, repo, username, password);
+   return new Promise((resolve, reject) => {
+    if(username === 'foo') {
+      return resolve();
+    }
+    return reject(&quot;sorry you don't have access to this content&quot;);
+   });
  }</code></pre></td>
         </tr>
 

docs/code/git.js.html

@@ -64,9 +64,19 @@ <h1 class="page-title">git.js</h1>
    * @param  {Function}  options.authenticate - a function that has the following arguments (repo, username, password, next) and will be called when a request comes through if set
    *
      authenticate: (type, repo, username, password, next) => {
-       console.log(type, repo, username, password); // eslint-disable-line
+       console.log(type, repo, username, password);
        next();
      }
+     // alternatively you can also pass authenticate a promise
+     authenticate: (type, repo, username, password, next) => {
+       console.log(type, repo, username, password);
+       return new Promise((resolve, reject) => {
+        if(username === 'foo') {
+          return resolve();
+        }
+        return reject("sorry you don't have access to this content");
+       });
+     }
    * @param  {Boolean=}  options.checkout - If `opts.checkout` is true, create and expected checked-out repos instead of
    bare repos
    * @return {Git}
@@ -301,32 +311,36 @@ <h1 class="page-title">git.js</h1>
             }
 
             var repoName = parseGitName(m[1]);
+            var next = (error) => {
+              if(error) {
+                res.setHeader("Content-Type", 'text/plain');
+                res.setHeader("WWW-Authenticate", 'Basic realm="authorization needed"');
+                res.writeHead(401);
+                res.end(error);
+                return;
+              } else {
+                return infoResponse({
+                    repos: self,
+                    repo: repo,
+                    service: service,
+                }, req, res);
+              }
+            }
 
             // check if the repo is authenticated
             if(this.authenticate) {
                 basicAuth(req, res, (username, password) => {
-                    this.authenticate(service === 'upload-pack' ? 'upload' : 'download', repoName, username, password, (error) => {
-                      if(error) {
-                        res.setHeader("Content-Type", 'text/plain');
-                        res.setHeader("WWW-Authenticate", 'Basic realm="authorization needed"');
-                        res.writeHead(401);
-                        res.end(error);
-                        return;
-                      } else {
-                        return infoResponse({
-                            repos: self,
-                            repo: repo,
-                            service: service,
-                        }, req, res);
-                      }
+                    var promise = this.authenticate(service === 'upload-pack' ? 'upload' : 'download', repoName, username, password, (error) => {
+                      return next(error);
                     });
+                    if(promise instanceof Promise) {
+                      return promise
+                        .then(next)
+                        .catch(next)
+                    }
                 });
             } else {
-                return infoResponse({
-                    repos: self,
-                    repo: repo,
-                    service: service,
-                }, req, res);
+              return next();
             }
         },
         function(req, res) {

docs/code/global.html

@@ -127,7 +127,7 @@ <h4 class="name" id="create"><span class="type-signature"></span>create<span cla
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line191">line 191</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line201">line 201</a>
     </li></ul></dd>
 
 
@@ -303,7 +303,7 @@ <h4 class="name" id="exists"><span class="type-signature"></span>exists<span cla
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line165">line 165</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line175">line 175</a>
     </li></ul></dd>
 
 
@@ -479,7 +479,7 @@ <h4 class="name" id="handle"><span class="type-signature"></span>handle<span cla
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line232">line 232</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line242">line 242</a>
     </li></ul></dd>
 
 
@@ -635,7 +635,7 @@ <h4 class="name" id="list"><span class="type-signature"></span>list<span class="
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line150">line 150</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line160">line 160</a>
     </li></ul></dd>
 
 
@@ -768,7 +768,7 @@ <h4 class="name" id="mkdir"><span class="type-signature"></span>mkdir<span class
 
     <dt class="tag-source">Source:</dt>
     <dd class="tag-source"><ul class="dummy"><li>
-        <a href="git.js.html">git.js</a>, <a href="git.js.html#line174">line 174</a>
+        <a href="git.js.html">git.js</a>, <a href="git.js.html#line184">line 184</a>
     </li></ul></dd>
 
 

lib/git.js

@@ -25,9 +25,19 @@ class Git extends EventEmitter {
    * @param  {Function}  options.authenticate - a function that has the following arguments (repo, username, password, next) and will be called when a request comes through if set
    *
      authenticate: (type, repo, username, password, next) => {
-       console.log(type, repo, username, password); // eslint-disable-line
+       console.log(type, repo, username, password);
        next();
      }
+     // alternatively you can also pass authenticate a promise
+     authenticate: (type, repo, username, password, next) => {
+       console.log(type, repo, username, password);
+       return new Promise((resolve, reject) => {
+        if(username === 'foo') {
+          return resolve();
+        }
+        return reject("sorry you don't have access to this content");
+       });
+     }
    * @param  {Boolean=}  options.checkout - If `opts.checkout` is true, create and expected checked-out repos instead of
    bare repos
    * @return {Git}
@@ -262,32 +272,36 @@ class Git extends EventEmitter {
             }
 
             var repoName = parseGitName(m[1]);
+            var next = (error) => {
+              if(error) {
+                res.setHeader("Content-Type", 'text/plain');
+                res.setHeader("WWW-Authenticate", 'Basic realm="authorization needed"');
+                res.writeHead(401);
+                res.end(error);
+                return;
+              } else {
+                return infoResponse({
+                    repos: self,
+                    repo: repo,
+                    service: service,
+                }, req, res);
+              }
+            };
 
             // check if the repo is authenticated
             if(this.authenticate) {
                 basicAuth(req, res, (username, password) => {
-                    this.authenticate(service === 'upload-pack' ? 'upload' : 'download', repoName, username, password, (error) => {
-                      if(error) {
-                        res.setHeader("Content-Type", 'text/plain');
-                        res.setHeader("WWW-Authenticate", 'Basic realm="authorization needed"');
-                        res.writeHead(401);
-                        res.end(error);
-                        return;
-                      } else {
-                        return infoResponse({
-                            repos: self,
-                            repo: repo,
-                            service: service,
-                        }, req, res);
-                      }
+                    var promise = this.authenticate(service === 'upload-pack' ? 'upload' : 'download', repoName, username, password, (error) => {
+                      return next(error);
                     });
+                    if(promise instanceof Promise) {
+                      return promise
+                        .then(next)
+                        .catch(next);
+                    }
                 });
             } else {
-                return infoResponse({
-                    repos: self,
-                    repo: repo,
-                    service: service,
-                }, req, res);
+              return next();
             }
         },
         function(req, res) {

test/git.js

@@ -10,7 +10,7 @@ const async = require('async');
 const GitServer = require('../');
 
 test('git', (t) => {
-  t.plan(5);
+  t.plan(6);
 
   t.test('create, push to, and clone a repo', (t) => {
       var lastCommit;
@@ -666,5 +666,62 @@ test('git', (t) => {
 
   });
 
+  t.test('should be able to protect certain routes with a promised authenticate', (t) => {
+      const repoDir = `/tmp/${Math.floor(Math.random() * (1 << 30)).toString(16)}`;
+      const srcDir = `/tmp/${Math.floor(Math.random() * (1 << 30)).toString(16)}`;
+      const dstDir = `/tmp/${Math.floor(Math.random() * (1 << 30)).toString(16)}`;
+
+      fs.mkdirSync(repoDir, 0700);
+      fs.mkdirSync(srcDir, 0700);
+      fs.mkdirSync(dstDir, 0700);
+
+      const repos = new GitServer(repoDir, {
+          autoCreate: true,
+          authenticate: (type, repo, username, password) => {
+            return new Promise(function(resolve, reject) {
+              if(type == 'download', repo == 'doom' && username == 'root' && password == 'root') {
+                return resolve();
+              }
+              return reject('that is not the correct password');
+            });
+          }
+      });
+      const port = Math.floor(Math.random() * ((1<<16) - 1e4)) + 1e4;
+      repos.listen(port);
+
+      process.chdir(srcDir);
+      async.waterfall([
+          (callback) => {
+              process.chdir(dstDir);
+              const clone = spawn('git', [ 'clone', `http://root:root@localhost:${port}/doom.git` ]);
+
+              clone.on('close', function(code) {
+                  t.equal(code, 0);
+                  callback();
+              });
+          },
+          (callback) => {
+              process.chdir(dstDir);
+              const clone = spawn('git', [ 'clone', `http://root:world@localhost:${port}/doom.git doom1` ]);
+              let error = '';
+
+              clone.stderr.on('data', (d) => {
+                error += d.toString('utf8');
+              });
+
+              clone.on('close', function(code) {
+                  t.equal(error, `Cloning into 'doom.git doom1'...\nfatal: unable to access 'http://root:world@localhost:${port}/doom.git doom1/': Empty reply from server\n`);
+                  t.equal(code, 128);
+                  callback();
+              });
+          }
+      ], (err) => {
+          t.ok(!err, 'no errors');
+          repos.close();
+          t.end();
+      });
+
+  });
+
   t.end();
 });

tryitout.js

@@ -43,4 +43,4 @@ module.exports = {
       author: 'Made with ❤️ Gabriel J. Csapo',
       website: 'http://www.gabrielcsapo.com'
     }
-}
+};