Merge pull request #5388 from tigercl/feat/authn-api

feat(authn api): support query authentication status
2021-08-03 11:05:12 +08:00 · 2021-08-03 11:05:12 +08:00 · 58b39361b3
parent 149ef6d7cc 05b72157e2
commit 58b39361b3
3 changed files with 36 additions and 1 deletions
--- a/apps/emqx_authn/src/emqx_authn.erl
+++ b/apps/emqx_authn/src/emqx_authn.erl
@ -20,6 +20,7 @@

 -export([ enable/0
        , disable/0
+        , is_enabled/0
        ]).

 -export([authenticate/2]).
@ -84,6 +85,14 @@ disable() ->
    emqx:unhook('client.authenticate', {?MODULE, authenticate, []}),
    ok.

+is_enabled() ->
+    Callbacks = emqx_hooks:lookup('client.authenticate'),
+    lists:any(fun({callback, {?MODULE, authenticate, []}, _, _}) ->
+                  true;
+                 (_) ->
+                  false
+              end, Callbacks).
+
 authenticate(Credential, _AuthResult) ->
    case mnesia:dirty_read(?CHAIN_TAB, ?CHAIN) of
        [#chain{authenticators = Authenticators}] ->
--- a/apps/emqx_authn/src/emqx_authn_api.erl
+++ b/apps/emqx_authn/src/emqx_authn_api.erl
@ -131,6 +131,27 @@ authentication_api() ->
                },
                <<"400">> => ?ERR_RESPONSE(<<"Bad Request">>)
            }
+        },
+        get => #{
+            description => "Get status of authentication",
+            responses => #{
+                <<"200">> => #{
+                    description => <<"OK">>,
+                    content => #{
+                        'application/json' => #{
+                            schema => #{
+                                type => object,
+                                properties => #{
+                                    enabled => #{
+                                        type => boolean,
+                                        example => true
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
        }
    },
    {"/authentication", Metadata, authentication}.
@ -1153,7 +1174,10 @@ authentication(post, Request) ->
            serialize_error({invalid_parameter, enable});
        _ ->
            serialize_error({missing_parameter, enable})
-    end.
+    end;
+authentication(get, _Request) ->
+    Enabled = emqx_authn:is_enabled(),
+    {200, #{enabled => Enabled}}.

 authenticators(post, Request) ->
    {ok, Body, _} = cowboy_req:read_body(Request),
--- a/apps/emqx_authn/test/emqx_authn_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_SUITE.erl
@ -101,5 +101,7 @@ t_authenticate(_) ->
                   username => <<"myuser">>,
 			       password => <<"mypass">>},
    ?assertEqual(ok, emqx_access_control:authenticate(ClientInfo)),
+    ?assertEqual(false, emqx_authn:is_enabled()),
    emqx_authn:enable(),
+    ?assertEqual(true, emqx_authn:is_enabled()),
    ?assertEqual({error, not_authorized}, emqx_access_control:authenticate(ClientInfo)).