refactor(emqx_dashboard_admin): simplify default pwd read/write
parent
1a715c8708
commit
0d4822ba78
|
@ -156,13 +156,15 @@ update_pwd(Username, Fun) ->
|
||||||
|
|
||||||
-spec(lookup_user(binary()) -> [mqtt_admin()]).
|
-spec(lookup_user(binary()) -> [mqtt_admin()]).
|
||||||
lookup_user(Username) when is_binary(Username) ->
|
lookup_user(Username) when is_binary(Username) ->
|
||||||
case binenv(default_user_username) of
|
IsDefaultUser = binenv(default_user_username) =:= Username,
|
||||||
Username ->
|
case mnesia:dirty_read(mqtt_admin, Username) of
|
||||||
Password = hashed_default_passwd(),
|
[] when IsDefaultUser ->
|
||||||
[#mqtt_admin{username=Username, password=Password, tags= <<"administrator">>}];
|
_ = ensure_default_user_in_db(Username),
|
||||||
|
ok;
|
||||||
_ ->
|
_ ->
|
||||||
mnesia:dirty_read(mqtt_admin, Username)
|
ok
|
||||||
end.
|
end,
|
||||||
|
mnesia:dirty_read(mqtt_admin, Username).
|
||||||
|
|
||||||
-spec(all_users() -> [#mqtt_admin{}]).
|
-spec(all_users() -> [#mqtt_admin{}]).
|
||||||
all_users() -> ets:tab2list(mqtt_admin).
|
all_users() -> ets:tab2list(mqtt_admin).
|
||||||
|
@ -194,7 +196,8 @@ check(Username, Password) ->
|
||||||
init([]) ->
|
init([]) ->
|
||||||
%% Add default admin user
|
%% Add default admin user
|
||||||
{ok, _} = mnesia:subscribe({table, mqtt_admin, simple}),
|
{ok, _} = mnesia:subscribe({table, mqtt_admin, simple}),
|
||||||
add_default_user_hashed(binenv(default_user_username), hashed_default_passwd()),
|
PasswordHash = ensure_default_user_in_db(binenv(default_user_username)),
|
||||||
|
ok = ensure_default_user_passwd_hashed_in_app_env(PasswordHash),
|
||||||
{ok, state}.
|
{ok, state}.
|
||||||
|
|
||||||
handle_call(_Req, _From, State) ->
|
handle_call(_Req, _From, State) ->
|
||||||
|
@ -204,11 +207,11 @@ handle_cast(_Msg, State) ->
|
||||||
{noreply, State}.
|
{noreply, State}.
|
||||||
|
|
||||||
handle_info({mnesia_table_event, {write, Admin, _}}, State) ->
|
handle_info({mnesia_table_event, {write, Admin, _}}, State) ->
|
||||||
#mqtt_admin{username=Username, password=HashedPassword} = Admin,
|
%% the password is chagned from another node, sync it to app env
|
||||||
|
#mqtt_admin{username = Username, password = HashedPassword} = Admin,
|
||||||
case binenv(default_user_username) of
|
case binenv(default_user_username) of
|
||||||
Username ->
|
Username ->
|
||||||
application:set_env(emqx_dashboard, default_user_passwd_hashed, HashedPassword);
|
ok = ensure_default_user_passwd_hashed_in_app_env(HashedPassword);
|
||||||
|
|
||||||
_ ->
|
_ ->
|
||||||
ignore
|
ignore
|
||||||
end,
|
end,
|
||||||
|
@ -242,24 +245,43 @@ salt() ->
|
||||||
binenv(Key) ->
|
binenv(Key) ->
|
||||||
iolist_to_binary(application:get_env(emqx_dashboard, Key, <<>>)).
|
iolist_to_binary(application:get_env(emqx_dashboard, Key, <<>>)).
|
||||||
|
|
||||||
add_default_user_hashed(Username, HashedPassword) ->
|
ensure_default_user_in_db(Username) ->
|
||||||
case mnesia:dirty_read(mqtt_admin, Username) of
|
F =
|
||||||
[] ->
|
fun() ->
|
||||||
Admin = #mqtt_admin{username=Username, password=HashedPassword, tags= <<"administrator">>},
|
case mnesia:wread(mqtt_admin, Username) of
|
||||||
return(mnesia:transaction(fun add_user_/1, [Admin]));
|
[] ->
|
||||||
_ -> ok
|
PasswordHash = initial_default_user_passwd_hashed(),
|
||||||
end.
|
Admin = #mqtt_admin{username = Username,
|
||||||
|
password = PasswordHash,
|
||||||
|
tags = <<"administrator">>},
|
||||||
|
ok = mnesia:write(Admin),
|
||||||
|
PasswordHash;
|
||||||
|
[#mqtt_admin{password = PasswordHash}] ->
|
||||||
|
PasswordHash
|
||||||
|
end
|
||||||
|
end,
|
||||||
|
{atomic, PwdHash} = mnesia:transaction(F),
|
||||||
|
PwdHash.
|
||||||
|
|
||||||
hashed_default_passwd() ->
|
initial_default_user_passwd_hashed() ->
|
||||||
case binenv(default_user_passwd_hashed) of
|
case get_default_user_passwd_hashed_in_app_env() of
|
||||||
Empty0 when ?EMPTY_KEY(Empty0) ->
|
Empty when ?EMPTY_KEY(Empty) ->
|
||||||
|
%% in case it's not set yet
|
||||||
case binenv(default_user_passwd) of
|
case binenv(default_user_passwd) of
|
||||||
Empty when ?EMPTY_KEY(Empty) ->
|
Empty when ?EMPTY_KEY(Empty) ->
|
||||||
undefined;
|
error({missing_configuration, default_user_passwd});
|
||||||
Password ->
|
Pwd ->
|
||||||
Hashed = hash(Password),
|
hash(Pwd)
|
||||||
application:set_env(emqx_dashboard, default_user_passwd_hashed, Hashed),
|
|
||||||
Hashed
|
|
||||||
end;
|
end;
|
||||||
HashedPassword -> HashedPassword
|
PwdHash ->
|
||||||
|
PwdHash
|
||||||
end.
|
end.
|
||||||
|
|
||||||
|
%% use this app env for a copy of the value in mnesia database
|
||||||
|
%% so that after the node leaves a cluster, db gets purged,
|
||||||
|
%% we can still find the changed password back from this app env
|
||||||
|
ensure_default_user_passwd_hashed_in_app_env(Hashed) ->
|
||||||
|
ok = application:set_env(emqx_dashboard, default_user_passwd_hashed, Hashed).
|
||||||
|
|
||||||
|
get_default_user_passwd_hashed_in_app_env() ->
|
||||||
|
application:get_env(emqx_dashboard, default_user_passwd_hashed, <<>>).
|
||||||
|
|
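Review bot: In `ensure_default_user_in_db/1` the transaction fun calls `mnesia:wread(mqtt_admin, Username)`, but as far as I know mnesia exports only `wread/1` taking a `{Tab, Key}` tuple, so this call would abort the transaction with `undef`; it should read `case mnesia:wread({mqtt_admin, Username}) of`. Because the result is matched as `{atomic, PwdHash} = mnesia:transaction(F)`, that abort, like the new `error({missing_configuration, default_user_passwd})`, surfaces as a `badmatch` in `init/1` and in whoever calls `lookup_user/1`, which hides the real reason. A comment above the function such as `%% Crashes (badmatch) if the transaction aborts, e.g. when default_user_passwd is not configured.` would make that intentional failure explicit. It is also worth documenting on `lookup_user/1` that a lookup of the default username now writes the administrator row back whenever it is missing, with the hash cached in app env or derived from `default_user_passwd`, so deleting that account does not keep it removed.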