perf: parse with regular expressions

Author: dougwilson

HISTORY.md

@@ -2,6 +2,7 @@ unreleased
 ==========
 
   * perf: hoist regular expression
+  * perf: parse with regular expressions
 
 1.0.1 / 2015-05-04
 ==================

LICENSE

@@ -2,6 +2,7 @@
 
 Copyright (c) 2013 TJ Holowaychuk
 Copyright (c) 2014 Jonathan Ong <[email protected]>
+Copyright (c) 2015 Douglas Christopher Wilson <[email protected]>
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

index.js

@@ -2,6 +2,7 @@
  * morgan
  * Copyright(c) 2013 TJ Holowaychuk
  * Copyright(c) 2014 Jonathan Ong
+ * Copyright(c) 2015 Douglas Christopher Wilson
  * MIT Licensed
  */
 
@@ -12,8 +13,24 @@
 
 module.exports = auth
 
+/**
+ * RegExp for basic auth credentials
+ *
+ * credentials = auth-scheme 1*SP token68
+ * auth-scheme = "Basic" ; case insensitive
+ * token68     = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
+ * @private
+ */
+
+var credentialsRegExp = /^ *(?:[Bb][Aa][Ss][Ii][Cc]) +([A-Za-z0-9\-\._~\+\/]+=*) *$/
+
 /**
  * RegExp for basic auth user/pass
+ *
+ * user-pass   = userid ":" password
+ * userid      = *<TEXT excluding ":">
+ * password    = *TEXT
+ * @private
  */
 
 var userPassRegExp = /^([^:]*):(.*)$/
@@ -29,19 +46,40 @@ var userPassRegExp = /^([^:]*):(.*)$/
 function auth(req) {
   req = req.req || req;
 
-  var auth = req.headers.authorization;
-  if (!auth) return;
+  // parse header
+  var header = req.headers.authorization
+  var match = credentialsRegExp.exec(header || '')
+
+  if (!match) {
+    return
+  }
 
-  // malformed
-  var parts = auth.split(' ');
-  if ('basic' != parts[0].toLowerCase()) return;
-  if (!parts[1]) return;
-  auth = parts[1];
+  // decode user pass
+  var userPass = userPassRegExp.exec(decodeBase64(match[1]))
 
-  // credentials
-  auth = new Buffer(auth, 'base64').toString();
-  auth = auth.match(userPassRegExp)
-  if (!auth) return;
+  if (!userPass) {
+    return
+  }
+
+  // return credentials object
+  return new Credentials(userPass[1], userPass[2])
+}
+
+/**
+ * Decode base64 string.
+ * @private
+ */
+
+function decodeBase64(str) {
+  return new Buffer(str, 'base64').toString()
+}
+
+/**
+ * Object to represent user credentials.
+ * @private
+ */
 
-  return { name: auth[1], pass: auth[2] };
+function Credentials(name, pass) {
+  this.name = name
+  this.pass = pass
 }