Merge pull request #56 from ab320012/patch-1

einfallstoll · web-flow · commit d4b4b4ed4555 · 2018-04-24T10:10:23.000+02:00
moving handle_unauthorized function to options, fixes #57, #29
diff --git a/README.md b/README.md
@@ -91,6 +91,7 @@ It's not recommended, but it's possible to add NTLM-Authentication without valid
 | `badrequest` | `function` | `function(request, response, next) { response.sendStatus(400); }` | Function to handle HTTP 400 Bad Request. |
 | `internalservererror` | `function` | `function(request, response, next) { response.sendStatus(500); }` | Function to handle HTTP 500 Internal Server Error. |
 | `forbidden` | `function` | `function(request, response, next) { response.sendStatus(403); }` | Function to handle HTTP 403 Forbidden. |
+| `unauthorized` | `function` | `function(request, response, next) { response.statusCode = 401; response.setHeader('WWW-Authenticate', 'NTLM'); response.end();  }` | Function to handle HTTP 401 Unauthorized. |
 | `prefix` | `string` | `[express-ntlm]` | The prefix is the first argument passed to the `debug`-function. |
 | `debug` | `function` | `function() {}` | Function to log the debug messages. See [logging](#logging) for more details. |
 | `domain` | `string` | `undefined` | Default domain if the DomainName-field cannot be parsed. |
diff --git a/lib/express-ntlm.js b/lib/express-ntlm.js
@@ -32,7 +32,11 @@ module.exports = function(options) {
         forbidden: function(request, response, next) {
             response.sendStatus(403);
         },
-
+        unauthorized: function(request, response, next) {
+            response.statusCode = 401;
+            response.setHeader('WWW-Authenticate', 'NTLM');
+            response.end();
+        },
         prefix: '[express-ntlm]',
         debug: function() {
 
@@ -87,12 +91,6 @@ module.exports = function(options) {
         return false;
     }
 
-    function handle_unauthorized(request, response, next) {
-        response.statusCode = 401;
-        response.setHeader('WWW-Authenticate', 'NTLM');
-        response.end();
-    }
-
     function connect_to_proxy(type1, callback) {
         var domain = options.domain,
             pdc = options.primarydomaincontroller,
@@ -218,7 +216,7 @@ module.exports = function(options) {
 
         if (!auth_headers) {
             options.debug(options.prefix, 'No Authorization header present');
-            return handle_unauthorized(request, response, next);
+            return options.unauthorized(request, response, next);
         }
 
         var ah_data = decode_http_authorization_header(auth_headers);
