diff --git a/apps/emqx_auth/src/emqx_authn/emqx_authn_chains.erl b/apps/emqx_auth/src/emqx_authn/emqx_authn_chains.erl index 0d668bc20..f79afab29 100644 --- a/apps/emqx_auth/src/emqx_authn/emqx_authn_chains.erl +++ b/apps/emqx_auth/src/emqx_authn/emqx_authn_chains.erl @@ -310,7 +310,11 @@ reorder_authenticator(_ChainName, []) -> reorder_authenticator(ChainName, AuthenticatorIDs) -> call({reorder_authenticator, ChainName, AuthenticatorIDs}). --spec import_users(chain_name(), authenticator_id(), {binary(), binary()}) -> +-spec import_users( + chain_name(), + authenticator_id(), + {plain | hash, prepared_user_list | binary(), binary()} +) -> ok | {error, term()}. import_users(ChainName, AuthenticatorID, Filename) -> call({import_users, ChainName, AuthenticatorID, Filename}). diff --git a/apps/emqx_auth/src/emqx_authn/emqx_authn_provider.erl b/apps/emqx_auth/src/emqx_authn/emqx_authn_provider.erl index 3898d0bc4..897f6a288 100644 --- a/apps/emqx_auth/src/emqx_authn/emqx_authn_provider.erl +++ b/apps/emqx_auth/src/emqx_authn/emqx_authn_provider.erl @@ -53,11 +53,14 @@ when when State :: state(). --callback import_users({Filename, FileData}, State) -> +-callback import_users({PasswordType, Filename, FileData}, State) -> ok | {error, term()} when - Filename :: binary(), FileData :: binary(), State :: state(). + PasswordType :: plain | hash, + Filename :: prepared_user_list | binary(), + FileData :: binary(), + State :: state(). -callback add_user(UserInfo, State) -> {ok, User} diff --git a/apps/emqx_auth/src/emqx_authn/emqx_authn_user_import_api.erl b/apps/emqx_auth/src/emqx_authn/emqx_authn_user_import_api.erl index 6986c52c2..f45923756 100644 --- a/apps/emqx_auth/src/emqx_authn/emqx_authn_user_import_api.erl +++ b/apps/emqx_auth/src/emqx_authn/emqx_authn_user_import_api.erl @@ -195,7 +195,9 @@ param_password_type() -> } )}. -password_type(_Req = #{query_string := #{<<"type">> := Type}}) -> - binary_to_existing_atom(Type); +password_type(_Req = #{query_string := #{<<"type">> := <<"plain">>}}) -> + plain; +password_type(_Req = #{query_string := #{<<"type">> := <<"hash">>}}) -> + hash; password_type(_) -> hash. diff --git a/apps/emqx_auth_mnesia/test/emqx_authn_mnesia_SUITE.erl b/apps/emqx_auth_mnesia/test/emqx_authn_mnesia_SUITE.erl index 80e6789d9..43b20c4fa 100644 --- a/apps/emqx_auth_mnesia/test/emqx_authn_mnesia_SUITE.erl +++ b/apps/emqx_auth_mnesia/test/emqx_authn_mnesia_SUITE.erl @@ -216,7 +216,7 @@ t_import_users(_) -> ?assertMatch( {error, {unsupported_file_format, _}}, emqx_authn_mnesia:import_users( - {<<"/file/with/unknown.extension">>, <<>>}, + {hash, <<"/file/with/unknown.extension">>, <<>>}, State ) ), @@ -224,7 +224,7 @@ t_import_users(_) -> ?assertEqual( {error, unknown_file_format}, emqx_authn_mnesia:import_users( - {<<"/file/with/no/extension">>, <<>>}, + {hash, <<"/file/with/no/extension">>, <<>>}, State ) ), @@ -264,7 +264,7 @@ sample_filename(Name) -> sample_filename_and_data(Name) -> Filename = sample_filename(Name), {ok, Data} = file:read_file(Filename), - {Filename, Data}. + {hash, Filename, Data}. config() -> #{ diff --git a/apps/emqx_gateway/src/emqx_gateway_api_authn_user_import.erl b/apps/emqx_gateway/src/emqx_gateway_api_authn_user_import.erl index 321b145ac..6089b70db 100644 --- a/apps/emqx_gateway/src/emqx_gateway_api_authn_user_import.erl +++ b/apps/emqx_gateway/src/emqx_gateway_api_authn_user_import.erl @@ -81,7 +81,7 @@ import_users(post, #{ [{FileName, FileData}] = maps:to_list(maps:without([type], File)), case emqx_authn_chains:import_users( - ChainName, AuthId, {FileName, FileData} + ChainName, AuthId, {hash, FileName, FileData} ) of ok -> {204}; @@ -105,7 +105,7 @@ import_listener_users(post, #{ [{FileName, FileData}] = maps:to_list(maps:without([type], File)), case emqx_authn_chains:import_users( - ChainName, AuthId, {FileName, FileData} + ChainName, AuthId, {hash, FileName, FileData} ) of ok -> {204};