feat(auth): allow disabling built-in basic auth

README.md

@@ -18,3 +18,5 @@ npm run dev
 docker build -t trade-frontend .
 docker run --rm -p 8081:8081 trade-frontend
 ```
+
+Jeśli auth jest realizowany przed aplikacją (np. Traefik `basicAuth`), ustaw `BASIC_AUTH_MODE=off`, żeby wyłączyć wbudowany basic auth w serwerze.

services/frontend/server.mjs

@@ -15,6 +15,10 @@ const STATIC_DIR = process.env.STATIC_DIR || '/srv';
 const BASIC_AUTH_FILE = process.env.BASIC_AUTH_FILE || '/tokens/frontend.json';
 const API_READ_TOKEN_FILE = process.env.API_READ_TOKEN_FILE || '/tokens/read.json';
 const API_UPSTREAM = process.env.API_UPSTREAM || process.env.API_URL || 'http://api:8787';
+const BASIC_AUTH_MODE = String(process.env.BASIC_AUTH_MODE || 'on')
+  .trim()
+  .toLowerCase();
+const BASIC_AUTH_ENABLED = !['off', 'false', '0', 'disabled', 'none'].includes(BASIC_AUTH_MODE);
 
 function readJson(filePath) {
   const raw = fs.readFileSync(filePath, 'utf8');
@@ -226,6 +230,7 @@ function handler(req, res) {
     return;
   }
 
+  if (BASIC_AUTH_ENABLED) {
     let creds;
     try {
       creds = loadBasicAuth();
@@ -238,6 +243,7 @@ function handler(req, res) {
       basicAuthRequired(res);
       return;
     }
+  }
 
   if (req.url?.startsWith('/api') && (req.url === '/api' || req.url.startsWith('/api/'))) {
     let token;
@@ -264,6 +270,7 @@ server.listen(PORT, () => {
         staticDir: STATIC_DIR,
         apiUpstream: API_UPSTREAM,
         basicAuthFile: BASIC_AUTH_FILE,
+        basicAuthMode: BASIC_AUTH_MODE,
         apiReadTokenFile: API_READ_TOKEN_FILE,
       },
       null,