Merge pull request #6242 from overleaf/bg-remove-basic-auth-connect

[real-time] remove basic auth connect and default credentials

GitOrigin-RevId: 8dfa9f0859c7d3538f80587a99cffd9c4aea48d1

services/real-time/app/js/Router.js

@@ -13,17 +13,6 @@ const base64id = require('base64id')
 const { UnexpectedArgumentsError } = require('./Errors')
 const Joi = require('@hapi/joi')
 
-const basicAuth = require('basic-auth-connect')
-const httpAuth = basicAuth(function (user, pass) {
-  const isValid =
-    user === settings.internal.realTime.user &&
-    pass === settings.internal.realTime.pass
-  if (!isValid) {
-    logger.err({ user, pass }, 'invalid login details')
-  }
-  return isValid
-})
-
 const HOSTNAME = require('os').hostname()
 
 const JOI_OBJECT_ID = Joi.string()
@@ -122,15 +111,13 @@ module.exports = Router = {
 
     app.post(
       '/project/:project_id/message/:message',
-      httpAuth,
       bodyParser.json({ limit: '5mb' }),
       HttpApiController.sendMessage
     )
 
-    app.post('/drain', httpAuth, HttpApiController.startDrain)
+    app.post('/drain', HttpApiController.startDrain)
     app.post(
       '/client/:client_id/disconnect',
-      httpAuth,
       HttpApiController.disconnectClient
     )
 

services/real-time/config/settings.defaults.js

@@ -81,8 +81,6 @@ const settings = {
     realTime: {
       port: 3026,
       host: process.env.LISTEN_ADDRESS || 'localhost',
-      user: 'sharelatex',
-      pass: 'password',
     },
   },
 

services/real-time/package-lock.json

@@ -695,11 +695,6 @@
       "resolved": "https://registry.npmjs.org/base64id/-/base64id-0.1.0.tgz",
       "integrity": "sha512-DSjtfjhAsHl9J4OJj7e4+toV2zqxJrGwVd3CLlsCp8QmicvOn7irG0Mb8brOc/nur3SdO8lIbNlY1s1ZDJdUKQ=="
     },
-    "basic-auth-connect": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/basic-auth-connect/-/basic-auth-connect-1.0.0.tgz",
-      "integrity": "sha512-kiV+/DTgVro4aZifY/hwRwALBISViL5NP4aReaR2EVJEObpbUBHIkdJh/YpcoEiYt7nBodZ6U2ajZeZvSxUCCg=="
-    },
     "bcrypt-pbkdf": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",

services/real-time/package.json

@@ -30,7 +30,6 @@
     "@overleaf/settings": "^2.1.1",
     "async": "^0.9.0",
     "base64id": "0.1.0",
-    "basic-auth-connect": "^1.0.0",
     "body-parser": "^1.19.0",
     "bunyan": "^1.8.15",
     "connect-redis": "^2.1.0",

services/real-time/test/acceptance/js/DrainManagerTests.js

@@ -16,16 +16,10 @@ const { expect } = require('chai')
 const async = require('async')
 const request = require('request')
 
-const Settings = require('@overleaf/settings')
-
 const drain = function (rate, callback) {
   request.post(
     {
       url: `http://localhost:3026/drain?rate=${rate}`,
-      auth: {
-        user: Settings.internal.realTime.user,
-        pass: Settings.internal.realTime.pass,
-      },
     },
     (error, response, data) => callback(error, data)
   )

services/real-time/test/acceptance/js/helpers/RealTimeClient.js

@@ -104,10 +104,6 @@ module.exports = Client = {
     request.post(
       {
         url: `http://localhost:3026/client/${client_id}/disconnect`,
-        auth: {
-          user: Settings.internal.realTime.user,
-          pass: Settings.internal.realTime.pass,
-        },
       },
       (error, response, data) => callback(error, data)
     )