yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #5388 from tigercl/feat/authn-api 

feat(authn api): support query authentication status
This commit is contained in:
tigercl 2021-08-03 11:05:12 +08:00 committed by GitHub
parent 149ef6d7cc 05b72157e2
commit 58b39361b3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/emqx_authn/src/emqx_authn.erl
View File

@ -20,6 +20,7 @@
-export([ enable/0 -export([ enable/0
, disable/0 , disable/0
, is_enabled/0
]). ]).
-export([authenticate/2]). -export([authenticate/2]).
@ -84,6 +85,14 @@ disable() ->
emqx:unhook('client.authenticate', {?MODULE, authenticate, []}), emqx:unhook('client.authenticate', {?MODULE, authenticate, []}),
ok. ok.
is_enabled() ->
Callbacks = emqx_hooks:lookup('client.authenticate'),
lists:any(fun({callback, {?MODULE, authenticate, []}, _, _}) ->
true;
(_) ->
false
end, Callbacks).
authenticate(Credential, _AuthResult) -> authenticate(Credential, _AuthResult) ->
case mnesia:dirty_read(?CHAIN_TAB, ?CHAIN) of case mnesia:dirty_read(?CHAIN_TAB, ?CHAIN) of
[#chain{authenticators = Authenticators}] -> [#chain{authenticators = Authenticators}] ->

26
apps/emqx_authn/src/emqx_authn_api.erl
View File

@ -131,6 +131,27 @@ authentication_api() ->
}, },
<<"400">> => ?ERR_RESPONSE(<<"Bad Request">>) <<"400">> => ?ERR_RESPONSE(<<"Bad Request">>)
} }
},
get => #{
description => "Get status of authentication",
responses => #{
<<"200">> => #{
description => <<"OK">>,
content => #{
'application/json' => #{
schema => #{
type => object,
properties => #{
enabled => #{
type => boolean,
example => true
}
}
}
}
}
}
}
} }
}, },
{"/authentication", Metadata, authentication}. {"/authentication", Metadata, authentication}.
@ -1153,7 +1174,10 @@ authentication(post, Request) ->
serialize_error({invalid_parameter, enable}); serialize_error({invalid_parameter, enable});
_ -> _ ->
serialize_error({missing_parameter, enable}) serialize_error({missing_parameter, enable})
end. end;
authentication(get, _Request) ->
Enabled = emqx_authn:is_enabled(),
{200, #{enabled => Enabled}}.
authenticators(post, Request) -> authenticators(post, Request) ->
{ok, Body, _} = cowboy_req:read_body(Request), {ok, Body, _} = cowboy_req:read_body(Request),

2
apps/emqx_authn/test/emqx_authn_SUITE.erl
View File

@ -101,5 +101,7 @@ t_authenticate(_) ->
username => <<"myuser">>, username => <<"myuser">>,
password => <<"mypass">>}, password => <<"mypass">>},
?assertEqual(ok, emqx_access_control:authenticate(ClientInfo)), ?assertEqual(ok, emqx_access_control:authenticate(ClientInfo)),
?assertEqual(false, emqx_authn:is_enabled()),
emqx_authn:enable(), emqx_authn:enable(),
?assertEqual(true, emqx_authn:is_enabled()),
?assertEqual({error, not_authorized}, emqx_access_control:authenticate(ClientInfo)). ?assertEqual({error, not_authorized}, emqx_access_control:authenticate(ClientInfo)).