From f87a41a54ffdb643628042091ab3fab8e738036c Mon Sep 17 00:00:00 2001 From: DDDHuang <44492639+DDDHuang@users.noreply.github.com> Date: Wed, 8 Sep 2021 19:58:04 +0800 Subject: [PATCH] fix: api support basic auth (#5687) --- apps/emqx_dashboard/src/emqx_dashboard.erl | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/apps/emqx_dashboard/src/emqx_dashboard.erl b/apps/emqx_dashboard/src/emqx_dashboard.erl index 603d8009b..d109dd445 100644 --- a/apps/emqx_dashboard/src/emqx_dashboard.erl +++ b/apps/emqx_dashboard/src/emqx_dashboard.erl @@ -127,6 +127,16 @@ listener_name(Protocol, Port) -> authorize_appid(Req) -> case cowboy_req:parse_header(<<"authorization">>, Req) of + {basic, Username, Password} -> + case emqx_dashboard_admin:check(Username, Password) of + ok -> + ok; + {error, _} -> + {401, #{<<"WWW-Authenticate">> => + <<"Basic Realm=\"minirest-server\"">>}, + #{code => <<"ERROR_USERNAME_OR_PWD">>, + message => <<"Check your username and password">>}} + end; {bearer, Token} -> case emqx_dashboard_admin:verify_token(Token) of ok -> @@ -135,8 +145,7 @@ authorize_appid(Req) -> {401, #{<<"WWW-Authenticate">> => <<"Bearer Realm=\"minirest-server\"">>}, #{code => <<"TOKEN_TIME_OUT">>, - message => <<"POST '/login', get your new token">>} - }; + message => <<"POST '/login', get your new token">>}}; {error, not_found} -> {401, #{<<"WWW-Authenticate">> => <<"Bearer Realm=\"minirest-server\"">>}, @@ -145,7 +154,7 @@ authorize_appid(Req) -> end; _ -> {401, #{<<"WWW-Authenticate">> => - <<"Bearer Realm=\"minirest-server\"">>}, - #{code => <<"UNAUTHORIZED">>, - message => <<"POST '/login'">>}} + <<"Basic Realm=\"minirest-server\"">>}, + #{code => <<"ERROR_USERNAME_OR_PWD">>, + message => <<"Check your username and password">>}} end.