Set auth header with password

apache · Feb 6, 2024 · d2bc4ad · d2bc4ad
1 parent 3ee604a
commit d2bc4ad
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 33 deletions.
diff --git a/build/UserALEWebExtension/background.js b/build/UserALEWebExtension/background.js
@@ -1149,6 +1149,7 @@ browser.runtime.onMessage.addListener(function (message) {
       log(message.payload);
       break;
     case CONFIG_CHANGE:
+      console.log(message);
       options(message.payload);
       dispatchTabMessage(message);
       break;

diff --git a/build/UserALEWebExtension/options.js b/build/UserALEWebExtension/options.js
@@ -1129,35 +1129,40 @@ function rerouteLog(log) {
 addCallbacks({
   reroute: rerouteLog
 });
-function setConfig(e) {
+function setConfig() {
+  var config = {
+    url: document.getElementById("url").value,
+    userId: document.getElementById("user").value,
+    toolName: document.getElementById("tool").value,
+    version: document.getElementById("version").value
+  };
+
+  // Set a basic auth header if given credentials.
+  var password = document.getElementById("password").value;
+  if (config.userId && password) {
+    config.authHeader = "Basic " + btoa("".concat(config.userId, ":").concat(password));
+  }
   browser.storage.local.set({
-    useraleConfig: {
-      url: document.getElementById("url").value,
-      userId: document.getElementById("user").value,
-      password: document.getElementById("password").value,
-      toolName: document.getElementById("tool").value,
-      version: document.getElementById("version").value
-    }
+    useraleConfig: config
   }, function () {
-    getConfig();
+    options(config);
+    browser.runtime.sendMessage({
+      type: CONFIG_CHANGE,
+      payload: config
+    });
   });
 }
 function getConfig() {
   browser.storage.local.get("useraleConfig", function (res) {
     var config = res.useraleConfig;
+    options(config);
     document.getElementById("url").value = config.url;
     document.getElementById("user").value = config.userId;
-    document.getElementById("password").value = config.password;
     document.getElementById("tool").value = config.toolName;
     document.getElementById("version").value = config.version;
-    options(config);
-    browser.runtime.sendMessage({
-      type: CONFIG_CHANGE,
-      payload: config
-    });
   });
 }
-document.addEventListener('DOMContentLoaded', getConfig);
+document.addEventListener("DOMContentLoaded", getConfig);
 document.addEventListener("submit", setConfig);
 
 /* eslint-enable */
diff --git a/src/UserALEWebExtension/background.js b/src/UserALEWebExtension/background.js
@@ -51,6 +51,7 @@ browser.runtime.onMessage.addListener(function (message) {
       break;
 
     case MessageTypes.CONFIG_CHANGE:
+      console.log(message);
       userale.options(message.payload);
       dispatchTabMessage(message);
       break;

diff --git a/src/UserALEWebExtension/options.js b/src/UserALEWebExtension/options.js
@@ -22,36 +22,42 @@ import { rerouteLog, browser } from './globals.js';
 
 userale.addCallbacks({reroute: rerouteLog});
 
-function setConfig(e) {
-  browser.storage.local.set(
-    {useraleConfig: {
-      url: document.getElementById("url").value,
-      userId: document.getElementById("user").value,
-      password: document.getElementById("password").value,
-      toolName: document.getElementById("tool").value,
-      version: document.getElementById("version").value
-    }},
-    () => {getConfig()}
-  );
+// TODO: Warn users when setting credentials with unsecured connection.
+const mitmWarning = "Setting credentials with http will expose you to a MITM attack. Are you sure you want to continue?";
+
+function setConfig() {
+  let config = {
+    url: document.getElementById("url").value,
+    userId: document.getElementById("user").value,
+    toolName: document.getElementById("tool").value,
+    version: document.getElementById("version").value
+  };
+
+  // Set a basic auth header if given credentials.
+  const password = document.getElementById("password").value;
+  if(config.userId && password) {
+    config.authHeader = "Basic " + btoa(`${config.userId}:${password}`);
+  }
+
+  browser.storage.local.set({useraleConfig: config}, () => {
+    userale.options(config);
+    browser.runtime.sendMessage({ type: MessageTypes.CONFIG_CHANGE, payload: config });
+  });
 }
 
 function getConfig() {
   browser.storage.local.get("useraleConfig", (res) => {
     let config = res.useraleConfig;
 
+    userale.options(config);
     document.getElementById("url").value = config.url;
     document.getElementById("user").value = config.userId;
-    document.getElementById("password").value = config.password;
     document.getElementById("tool").value = config.toolName;
     document.getElementById("version").value = config.version;
-
-    userale.options(config);
-    browser.runtime.sendMessage({ type: MessageTypes.CONFIG_CHANGE, payload: config });
-
   });
 }
 
-document.addEventListener('DOMContentLoaded', getConfig);
+document.addEventListener("DOMContentLoaded", getConfig);
 document.addEventListener("submit", setConfig);
 
 /* eslint-enable */