From 56070f19ecd1de2c95a0663fe697ecffc6b51c38 Mon Sep 17 00:00:00 2001
From: Lomanic
Date: Thu, 8 Oct 2020 00:14:19 +0200
Subject: [PATCH] Use dedicated login for ESP and properly parse HTTP basic auth on /status
---
 server.js | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/server.js b/server.js
index 61056f9..8aba76a 100644
--- a/server.js
+++ b/server.js
@@ -88,14 +88,13 @@ app.get("/api", (req, res) => {
 app.get("/status", (req, res) => {
 // http basic auth handling without 3rd-party lib https://stackoverflow.com/a/33905671
 const auth = {
- login: process.env.MATRIXUSERNAME,
- password: process.env.MATRIXPASSWORD
+ login: process.env.ESPUSERNAME,
+ password: process.env.ESPPASSWORD
 };
 // parse login and password from headers
- const b64auth = (req.headers.authorization || "").split(" ")[1] || "";
- const [_, login, password] =
- new Buffer(b64auth, "base64").toString().match(/(.*):(.*)/) || []; // slightly modified as we use : in username
+ const b64auth = (req.headers.authorization || '').split(' ')[1] || ''
+ const [login, password] = Buffer.from(b64auth, 'base64').toString().split(':')
 if (
 !login ||
@@ -103,6 +102,7 @@ app.get("/status", (req, res) => {
 login !== auth.login ||
 password !== auth.password
 ) {
+ console.log("Bad auth", auth, login, password)
 res.set("WWW-Authenticate", 'Basic realm="Authentication required"');
 return res.status(401).send("Authentication required.");
 }
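Review bot: The new `Buffer.from(b64auth, 'base64').toString().split(':')` in the `@@ -88,14 +88,13 @@` hunk keeps only the text between the first and second colon as `password`, so an `ESPPASSWORD` containing `:` can never match and every request gets a 401. HTTP Basic auth allows colons in the password but not in the user-id, so the split belongs at the first colon only: `const decoded = Buffer.from(b64auth, 'base64').toString();` `const sep = decoded.indexOf(':');` `const [login, password] = sep < 0 ? [] : [decoded.slice(0, sep), decoded.slice(sep + 1)];`. The `if (` that consumes these values continues outside the hunk.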
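Review bot: The added `console.log("Bad auth", auth, login, password)` in the `@@ -103,6 +102,7 @@` hunk writes the expected credentials to the process log in clear text, because `auth` holds `process.env.ESPUSERNAME` and `process.env.ESPPASSWORD`. It fires on every rejected request, including one with no Authorization header, so anyone who can read the log output learns the valid password, as well as whatever passwords clients submitted. Log only non-secret context, for example `console.log("Bad auth on /status from", req.ip)`, or drop the line once debugging is finished. The handler body starts outside this hunk.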