throw new Error('no authentication mechanisms available');
}
- this.mysteryBox = new MysteryBox(logger, options);
+ this.mysteryBox = new MysteryBox(options);
+ this.mysteryBox.on('statistics', common.mysteryBoxLogger(logger, _fileScope(this.constructor.name)));
this.cookieLifespan = options.authenticator.inactiveSessionLifespanSeconds || 60 * 60 * 24 * 32;
}
*/
async isValidIdentifierCredential(identifier, credential, ctx) {
const _scope = _fileScope('isValidIdentifierCredential');
- this.logger.debug(_scope, 'called', { identifier, credential: '*'.repeat(credential.length), ctx });
+ this.logger.debug(_scope, 'called', { identifier, credential: '*'.repeat((credential || '').length), ctx });
let isValid = false;
+ if (typeof credential === 'undefined') {
+ return isValid;
+ }
+
await this.db.context(async (dbCtx) => {
const authData = await this.db.authenticationGet(dbCtx, identifier);
if (!authData) {
&& this.authnEnabled.includes('pam')) {
isValid = this._isValidPAMIdentifier(identifier, credential);
} else {
- this.logger.error(_scope, 'failed, unknown type of stored credential', { identifier, ctx });
+ this.logger.error(_scope, 'failed, unknown or unsupported type of stored credential', { identifier, ctx });
}
}
(cookieHeader || '').split(/; */).forEach((field) => {
const [ name, value ] = common.splitFirst(field, '=', null).map((x) => x && decodeURIComponent(x.trim()));
if (name && !(name in cookie)) {
- if (value && value.startsWith('"') && value.endsWith('"')) {
+ if (value?.startsWith('"') && value.endsWith('"')) {
cookie[name] = value.slice(1, -1); // eslint-disable-line security/detect-object-injection
} else {
cookie[name] = value; // eslint-disable-line security/detect-object-injection
'SameSite=Lax',
`Path=${this.options.dingus.proxyPrefix}/`,
];
- if (this.options.authenticator.secureAuthOnly) {
+ if (this.secureAuthOnly) {
cookieParts.push('Secure');
}
res.setHeader(Enum.Header.SetCookie, cookieParts.join('; '));