Put username+pass in cluster URLs, and fix buffer to use safer more modern Buffer.from

1 year ago · dc4083bcb0
parent 6618b0013a
commit dc4083bcb0
3 changed files with 6 additions and 8 deletions
--- a/.env.example
+++ b/.env.example
@ -10,5 +10,3 @@ DDOS_MAP_NAME="ddos"
 BACKENDS_MAP_NAME="backends"
 WHITELIST_MAP_NAME="whitelist"
 MAINTENANCE_MAP_NAME="maintenance"
-DATA_PLANE_USERNAME=admin
-DATA_PLANE_PASSWORD=admin
--- a/gulpfile.js
+++ b/gulpfile.js
@ -16,7 +16,7 @@ async function reset() {
 				_id: 'admin',
 				passwordHash: passwordHash,
 				domains: ['localhost'],
-				clusters: ['http://127.0.0.1:2001'],
+				clusters: ['http://admin:admin@127.0.0.1:2001'],
 				activeCluster: 0,
 				balance: 0,
 			});
@ -28,7 +28,7 @@ async function reset() {
 				$set: {
 					passwordHash,
 					domains: ['localhost'],
-					clusters: ['http://127.0.0.1:2001'],
+					clusters: ['http://admin:admin@127.0.0.1:2001'],
 					activeCluster: 0,
 				}
 			});
--- a/router.js
+++ b/router.js
@ -63,10 +63,10 @@ const testRouter = (server, app) => {
 				//const cluster = res.locals.user.clusters[res.locals.user.activeCluster]
 				res.locals.fMap = server.locals.fMap;
 				res.locals.mapValueNames = server.locals.mapValueNames;
-				const base64Auth = new Buffer(`${process.env.DATA_PLANE_USERNAME}:${process.env.DATA_PLANE_PASSWORD}`).toString("base64");
-				const firstCluster = res.locals.user.clusters[res.locals.user.activeCluster].split(',')[0];
+				const firstClusterURL = new URL(res.locals.user.clusters[res.locals.user.activeCluster].split(',')[0]);
+				const base64Auth = Buffer.from(`${firstClusterURL.username}:${firstClusterURL.password}`).toString("base64");
 				const api = new OpenAPIClientAxios({
-					definition: `${firstCluster}/v2/specification_openapiv3`,
+					definition: `${firstClusterURL.origin}/v2/specification_openapiv3`,
 					axiosConfigDefaults: {
 						headers: {
 							'authorization': `Basic ${base64Auth}`,
@ -74,7 +74,7 @@ const testRouter = (server, app) => {
 					}
 				});
 				res.locals.dataPlane = await api.init();
-				res.locals.dataPlane.defaults.baseURL = `${firstCluster}/v2`;
+				res.locals.dataPlane.defaults.baseURL = `${firstClusterURL.origin}/v2`;
 				next();
 			} catch (e) {
 				return dynamicResponse(req, res, 500, { error: e });