move to emqtt/emq_auth_clientid plugin

2016-10-15 17:36:40 +08:00 · 2016-10-15 17:36:40 +08:00 · e85ad35d35
parent bf075a125b
commit e85ad35d35
1 changed files with 0 additions and 123 deletions
--- a/src/emqttd_auth_clientid.erl
+++ b/src/emqttd_auth_clientid.erl
@ -1,123 +0,0 @@
 %%--------------------------------------------------------------------
 %% Copyright (c) 2012-2016 Feng Lee <feng@emqtt.io>.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
 %% You may obtain a copy of the License at
 %%
 %%     http://www.apache.org/licenses/LICENSE-2.0
 %%
 %% Unless required by applicable law or agreed to in writing, software
 %% distributed under the License is distributed on an "AS IS" BASIS,
 %% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 %% See the License for the specific language governing permissions and
 %% limitations under the License.
 %%--------------------------------------------------------------------
 -module(emqttd_auth_clientid).
 -include("emqttd.hrl").
 -export([add_clientid/1, add_clientid/2, lookup_clientid/1, remove_clientid/1,
         all_clientids/0]).
 -behaviour(emqttd_auth_mod).
 %% emqttd_auth_mod callbacks
 -export([init/1, check/3, description/0]).
 -define(AUTH_CLIENTID_TAB, mqtt_auth_clientid).
 -record(?AUTH_CLIENTID_TAB, {client_id, ipaddr, password}).
 %%--------------------------------------------------------------------
 %% API
 %%--------------------------------------------------------------------
 %% @doc Add clientid
 -spec(add_clientid(binary()) -> {atomic, ok} | {aborted, any()}).
 add_clientid(ClientId) when is_binary(ClientId) ->
    R = #mqtt_auth_clientid{client_id = ClientId},
    mnesia:transaction(fun mnesia:write/1, [R]).
 %% @doc Add clientid with password
 -spec(add_clientid(binary(), binary()) -> {atomic, ok} | {aborted, any()}).
 add_clientid(ClientId, Password) ->
    R = #mqtt_auth_clientid{client_id = ClientId, password = Password},
    mnesia:transaction(fun mnesia:write/1, [R]).
 %% @doc Lookup clientid
 -spec(lookup_clientid(binary()) -> list(#mqtt_auth_clientid{})).
 lookup_clientid(ClientId) ->
    mnesia:dirty_read(?AUTH_CLIENTID_TAB, ClientId).
 %% @doc Lookup all clientids
 -spec(all_clientids() -> list(binary())).
 all_clientids() -> mnesia:dirty_all_keys(?AUTH_CLIENTID_TAB).
 %% @doc Remove clientid
 -spec(remove_clientid(binary()) -> {atomic, ok} | {aborted, any()}).
 remove_clientid(ClientId) ->
    mnesia:transaction(fun mnesia:delete/1, [{?AUTH_CLIENTID_TAB, ClientId}]).
 %%--------------------------------------------------------------------
 %% emqttd_auth_mod callbacks
 %%--------------------------------------------------------------------
 init(Opts) ->
    mnesia:create_table(?AUTH_CLIENTID_TAB, [
            {ram_copies, [node()]},
            {attributes, record_info(fields, ?AUTH_CLIENTID_TAB)}]),
    mnesia:add_table_copy(?AUTH_CLIENTID_TAB, node(), ram_copies),
    Clients = load_client_from(proplists:get_value(config, Opts)),
    mnesia:transaction(fun() -> [mnesia:write(C) || C<- Clients] end),
    {ok, Opts}.
 check(#mqtt_client{client_id = undefined}, _Password, _Opts) ->
    {error, clientid_undefined};
 check(#mqtt_client{client_id = ClientId, peername = {IpAddress, _}}, _Password, []) ->
    check_clientid_only(ClientId, IpAddress);
 check(#mqtt_client{client_id = ClientId, peername = {IpAddress, _}}, _Password, [{password, no}|_]) ->
    check_clientid_only(ClientId, IpAddress);
 check(_Client, undefined, [{password, yes}|_]) ->
    {error, password_undefined};
 check(#mqtt_client{client_id = ClientId}, Password, [{password, yes}|_]) ->
    case mnesia:dirty_read(?AUTH_CLIENTID_TAB, ClientId) of
        [] -> {error, clientid_not_found};
        [#?AUTH_CLIENTID_TAB{password = Password}]  -> ok; %% TODO: plaintext??
        _ -> {error, password_error}
    end.
 description() -> "ClientId authentication module".
 %%--------------------------------------------------------------------
 %% Internal functions
 %%--------------------------------------------------------------------
 load_client_from(undefined) ->
    ok;
 load_client_from(File) ->
    {ok, Clients} = file:consult(File),
    [client(Client) || Client <- Clients].
 client(ClientId) when is_list(ClientId) ->
    #mqtt_auth_clientid{client_id = list_to_binary(ClientId)};
 client({ClientId, IpAddr}) when is_list(ClientId) ->
    #mqtt_auth_clientid{client_id = iolist_to_binary(ClientId),
                        ipaddr    = esockd_cidr:parse(IpAddr, true)}.
 check_clientid_only(ClientId, IpAddr) ->
    case mnesia:dirty_read(?AUTH_CLIENTID_TAB, ClientId) of
        [] ->
            {error, clientid_not_found};
        [#?AUTH_CLIENTID_TAB{ipaddr = undefined}] ->
            ok;
        [#?AUTH_CLIENTID_TAB{ipaddr = CIDR}] ->
            case esockd_cidr:match(IpAddr, CIDR) of
                true  -> ok;
                false -> {error, wrong_ipaddr}
            end
    end.