Update basic auth middleware for staging server, update k8 config

catarak · catarak · commit ff44c7f8ad4b · 2020-11-11T19:08:16.000-05:00
diff --git a/kubernetes_app.yml b/kubernetes_app.yml
@@ -127,29 +127,17 @@ metadata:
   labels:
     name: staging
 ---
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
   name: staging-editor-ingress-with-auth
   namespace: staging
   annotations:
-    kubernetes.io/ingress.class: nginx
-    # type of authentication
-    nginx.ingress.kubernetes.io/auth-type: basic
-    # name of the secret that contains the user/password definitions
-    nginx.ingress.kubernetes.io/auth-secret: basic-auth
-    # message to display with an appropriate context why the authentication is required
-    nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - p5.js Web Editor Staging'
-    # kubernetes.io/ingress.global-static-ip-name: "web-editor-staging-ip"
+    kubernetes.io/ingress.class: gce
+    kubernetes.io/ingress.global-static-ip-name: "web-editor-staging-ip"
 spec:
-  rules:
-  - host: stagingeditor.p5js.org
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: web-editor-node
-          servicePort: 8001
+  serviceName: web-editor-node
+  servicePort: 8001
 ---
 apiVersion: v1
 kind: Service
diff --git a/server/server.js b/server/server.js
@@ -37,16 +37,6 @@ const MongoStore = connectMongo(session);
 
 app.get('/health', (req, res) => res.json({ success: true }));
 
-// For basic auth, in setting up beta editor
-if (process.env.BASIC_USERNAME && process.env.BASIC_PASSWORD) {
-  app.use(basicAuth({
-    users: {
-      [process.env.BASIC_USERNAME]: process.env.BASIC_PASSWORD
-    },
-    challenge: true
-  }));
-}
-
 const allowedCorsOrigins = [
   /p5js\.org$/,
 ];
@@ -75,23 +65,6 @@ app.use(corsMiddleware);
 // Enable pre-flight OPTIONS route for all end-points
 app.options('*', corsMiddleware);
 
-// Body parser, cookie parser, sessions, serve public assets
-app.use(
-  '/locales',
-  Express.static(
-    path.resolve(__dirname, '../dist/static/locales'),
-    {
-      // Browsers must revalidate for changes to the locale files
-      // It doesn't actually mean "don't cache this file"
-      // See: https://jakearchibald.com/2016/caching-best-practices/
-      setHeaders: res => res.setHeader('Cache-Control', 'no-cache')
-    }
-  )
-);
-app.use(Express.static(path.resolve(__dirname, '../dist/static'), {
-  maxAge: process.env.STATIC_MAX_AGE || (process.env.NODE_ENV === 'production' ? '1d' : '0')
-}));
-
 app.use(bodyParser.urlencoded({ limit: '50mb', extended: true }));
 app.use(bodyParser.json({ limit: '50mb' }));
 app.use(cookieParser());
@@ -111,16 +84,7 @@ app.use(session({
   })
 }));
 
-app.use(passport.initialize());
-app.use(passport.session());
 app.use('/api/v1', requestsOfTypeJSON(), api);
-app.use('/editor', requestsOfTypeJSON(), users);
-app.use('/editor', requestsOfTypeJSON(), sessions);
-app.use('/editor', requestsOfTypeJSON(), files);
-app.use('/editor', requestsOfTypeJSON(), projects);
-app.use('/editor', requestsOfTypeJSON(), aws);
-app.use('/editor', requestsOfTypeJSON(), collections);
-
 // This is a temporary way to test access via Personal Access Tokens
 // Sending a valid username:<personal-access-token> combination will
 // return the user's information.
@@ -129,6 +93,42 @@ app.get(
   passport.authenticate('basic', { session: false }), (req, res) => res.json(req.user)
 );
 
+// For basic auth, but can't have double basic auth for API
+if (process.env.BASIC_USERNAME && process.env.BASIC_PASSWORD) {
+  app.use(basicAuth({
+    users: {
+      [process.env.BASIC_USERNAME]: process.env.BASIC_PASSWORD
+    },
+    challenge: true
+  }));
+}
+
+// Body parser, cookie parser, sessions, serve public assets
+app.use(
+  '/locales',
+  Express.static(
+    path.resolve(__dirname, '../dist/static/locales'),
+    {
+      // Browsers must revalidate for changes to the locale files
+      // It doesn't actually mean "don't cache this file"
+      // See: https://jakearchibald.com/2016/caching-best-practices/
+      setHeaders: res => res.setHeader('Cache-Control', 'no-cache')
+    }
+  )
+);
+app.use(Express.static(path.resolve(__dirname, '../dist/static'), {
+  maxAge: process.env.STATIC_MAX_AGE || (process.env.NODE_ENV === 'production' ? '1d' : '0')
+}));
+
+app.use(passport.initialize());
+app.use(passport.session());
+app.use('/editor', requestsOfTypeJSON(), users);
+app.use('/editor', requestsOfTypeJSON(), sessions);
+app.use('/editor', requestsOfTypeJSON(), files);
+app.use('/editor', requestsOfTypeJSON(), projects);
+app.use('/editor', requestsOfTypeJSON(), aws);
+app.use('/editor', requestsOfTypeJSON(), collections);
+
 // this is supposed to be TEMPORARY -- until i figure out
 // isomorphic rendering
 app.use('/', serverRoutes);
