forked from Badgerati/Pode
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathWeb-AuthBasicAnon.ps1
More file actions
106 lines (88 loc) · 3.54 KB
/
Web-AuthBasicAnon.ps1
File metadata and controls
106 lines (88 loc) · 3.54 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
<#
.SYNOPSIS
A PowerShell script to set up a Pode server with Basic authentication for REST APIs.
.DESCRIPTION
This script sets up a Pode server that listens on a specified port, enables basic authentication
for a REST API endpoint, and returns user information upon successful authentication. The authentication
details are checked on a per-request basis without using session-based authentication.
.PARAMETER Location
The location where the API key is expected. Valid values are 'Header', 'Query', and 'Cookie'. Default is 'Header'.
.EXAMPLE
To run the sample: ./Web-AuthBasicAnon.ps1
This example shows how to use sessionless authentication, which will mostly be for
REST APIs. The example used here is Basic authentication.
Calling the '[POST] http://localhost:8081/users' endpoint, with an Authorization
header of 'Basic bW9ydHk6cGlja2xl' will display the uesrs. Anything else and
you'll get a 401 status code back.
Success:
Invoke-RestMethod -Uri http://localhost:8081/users -Headers @{ Authorization = 'Basic bW9ydHk6cGlja2xl' }
Failure:
Invoke-RestMethod -Uri http://localhost:8081/users -Headers @{ Authorization = 'Basic bW9ydHk6cmljaw==' }
.LINK
https://github.com/Badgerati/Pode/blob/develop/examples/Web-AuthBasicAnon.ps1
.NOTES
Author: Pode Team
License: MIT License
#>
try {
# Determine the script path and Pode module path
$ScriptPath = (Split-Path -Parent -Path $MyInvocation.MyCommand.Path)
$podePath = Split-Path -Parent -Path $ScriptPath
# Import the Pode module from the source path if it exists, otherwise from installed modules
if (Test-Path -Path "$($podePath)/src/Pode.psm1" -PathType Leaf) {
Import-Module "$($podePath)/src/Pode.psm1" -Force -ErrorAction Stop
}
else {
Import-Module -Name 'Pode' -MaximumVersion 2.99 -ErrorAction Stop
}
}
catch { throw }
# or just:
# Import-Module Pode
# create a server, and start listening on port 8081
Start-PodeServer -Threads 2 {
# listen on localhost:8081
Add-PodeEndpoint -Address localhost -Port 8081 -Protocol Http
# setup basic auth (base64> username:password in header)
New-PodeAuthScheme -Basic -Realm 'Pode Example Page' | Add-PodeAuth -Name 'Validate' -Sessionless -ScriptBlock {
param($username, $password)
# here you'd check a real user storage, this is just for example
if ($username -eq 'morty' -and $password -eq 'pickle') {
return @{
User = @{
ID ='M0R7Y302'
Name = 'Morty'
Type = 'Human'
}
}
}
return @{ Message = 'Invalid details supplied' }
}
# GET request to get list of users (since there's no session, authentication will always happen, but, we're allowing anon access)
Add-PodeRoute -Method Get -Path '/users' -Authentication 'Validate' -AllowAnon -ScriptBlock {
if (Test-PodeAuthUser) {
Write-PodeJsonResponse -Value @{
Users = @(
@{
Name = 'Deep Thought'
Age = 42
},
@{
Name = 'Leeroy Jenkins'
Age = 1337
}
)
}
}
else {
Write-PodeJsonResponse -Value @{
Users = @(
@{
Name = 'John Smith'
Age = 21
}
)
}
}
}
}