Commit Graph

66 Commits

Author SHA1 Message Date
Zaiming (Stone) Shi 14ba75502f chore: update copyright year 2023-01-02 14:54:38 +01:00
zhongwencool 3248cb92e8 Merge branch 'main-v4.3' into sync-4.3-to-4.4 2022-07-19 11:02:11 +08:00
Zaiming (Stone) Shi 820d981b4d
docs: fix typo in code comment
Co-authored-by: Ilya Averyanov <av@rubybox.ru>
2022-07-06 13:33:52 +02:00
Zaiming (Stone) Shi 998f79070d feat: add a quick deny option to allow_anonymous config
prior to this change, allow_anonymous is only true | false
when set to 'false', even if the client is connected without
a username, the auth backends will be invoked.

this commit introduced a new config value `false_quick_deny`
to deny access immediately without involving auth backends
2022-07-06 11:40:24 +02:00
Shawn ca842aa869 fix: merge main-v4.3 to main-v4.4 2022-05-23 11:23:27 +08:00
JimMoen 9435fe0bb9 refactor(metrics): more understandable auth metrics
`client.auth.success`/`client.auth.failure`
`client.auth.success.anonymous`
2022-05-20 17:48:41 +08:00
JimMoen 6168745f90 chore: update copyright 2022-04-14 11:23:25 +08:00
JianBo He c56be7dcd7 refactor(metrics): more clear for acl metrics
For clarity in the meaning of metrics, we put `client.acl.allow`,
`client.acl.deny` into emqx_metrics and increased after a acl checking
returned.
2022-01-21 11:21:25 +08:00
Zaiming Shi 6354e75626 chore: update copyrights 2021-04-23 20:43:00 +02:00
turtleDeng d49f4118fe
Mgmt emqx modules (#3376) 2020-04-10 19:55:21 +08:00
JianBo He 3f6f0eca40
Add an option to allow client bypass auth plugins 2020-02-21 09:42:26 +08:00
zhouzb 7ea75f4289 Update copyright 2020-01-03 18:31:08 +08:00
Feng Lee 12c6d5fe2c Add more metrics for client's lifecircle
- client.connect
- client.connack
- client.connected
- client.authenticate
- client.check_acl
- client.subscribe
- client.unsubscribe
- client.disconnected
2019-12-30 09:28:55 +08:00
Feng Lee b7ca3905a6 Breaking Change: Add new hooks for client and session lifecircle (#3138) 2019-12-27 16:31:06 +08:00
JianBo He b3eed9123f Fix typo 2019-12-21 10:39:02 +08:00
Feng Lee 578355442b Add more metrics and improve the 'channel', 'session' modules (#3128) 2019-12-20 21:47:32 +08:00
Feng Lee 9c3273a2c6 Improve the process of handling MQTT control packets (#3079) 2019-12-06 19:51:06 +08:00
Feng Lee 20ddd498fc Rename the 'client_id' field to 'clientid' 2019-09-24 17:06:25 +08:00
Feng Lee 98b7e3d948 Rename the type 'client()' to 'client_info()'
- Rename tye type 'client()' to 'client_info()'
- Rename the 'client' field of channel to 'client_info'
- Fix the function specs
2019-09-21 15:27:05 +08:00
turtled a93f8c6788 Fix auth fail 2019-08-09 17:37:55 +08:00
Feng Lee d99c9daf76 Replace credentials with client 2019-07-27 23:22:02 +08:00
Feng Lee f32a415a83 Merge branch 'channel3' 2019-06-25 15:55:31 +08:00
tigercl 37eef7b72a Add 'auth.mqtt.anonymous' metric (#2631)
* Add 'auth.mqtt.anonymous' metric
2019-06-21 19:21:26 +08:00
Feng Lee 21162f88b8 Update copyright 2019-06-18 14:27:06 +08:00
HeeeJianBo caa582a028 Revert the PR #2355
- Add anonymous field for credentials
2019-05-15 15:04:27 +08:00
turtled c5524e99c6 Rm emqx_rate_limiter module 2019-04-25 14:29:20 +08:00
JianBo He 8d92d58b6c Fix allow_anonymous behavoir error (#2355)
EMQ should allow the anonymous connection if the allow_anonymous option is true, although it has one or more auth plugins started.
2019-03-26 10:25:51 +08:00
HeeeJianBo fc2df9aff5 Adapt to new export style 2019-03-22 14:58:24 +08:00
JianBo He 513d2bcaaa Fix reload ACL failed (#2344)
The original `reload_acl` function only parse the ACL file, not compile and rehook to 'client.check_acl'
2019-03-22 10:21:16 +08:00
terry-xiaoyu b79bf13ae7 Rename result -> auth_result 2019-03-22 00:03:34 +08:00
terry-xiaoyu a7adb79f17 Allow empty zone in credentials 2019-03-16 12:25:39 +08:00
Shawn 02fe8560e2
Improve emqx_hooks and credentials (#2309)
* Improve emqx_hooks and credentials

1. Modify the return modes of emqx hooks.

Change the return value of hook functions to:
- ok: stop the hook chain and return ok
- {error, Reason}: stop the hook chain and return error
- continue: continue the hook chain

And the return value of emqx_hooks:run/2 is changed to:
- ok
- {error, Reason}

And the return value of emqx_hooks:run/3:
- {ok, Acc}
- {error, Reason, Acc}

2. Treat password as a member of credentials.

Password should be wrapped in the `credentials` data-structure, as the
username/password pair together consists of an authentication method.
There can be some methods using some other credential data (e.g.
a JWT token), and these credential data should also be wrapped in the
the `credentials` data-structure.

An event `client.authenticate` is triggered when an user logs in:
```erlang
emqx_hooks:run('client.authenticate', [], Credentials)
```

A `default callback` that deny/allow any user (according to the
`allow_anonymous` config) should be appended to the end of the
callback chain.

The `credentails` is passed through all of the callbacks, and
can be changed over in this process.

* Refactor emqx hooks return mode

* Remove password from PState
2019-03-16 10:43:53 +08:00
Gilbert c3e6f3c3b2 Improve try catch syntax (#2263)
* Replace case catch.. with try ... catch
Prior to this change, case catch ... would cost a lot of performance
because it would retrieve the whole stacktrace. However, try...catch
will not retrieve the whole stacktrace. So try...catch syntax is better.
2019-02-28 09:54:28 +08:00
turtled 31e95b56c4 Update Copyright to 2019 2019-01-29 10:43:25 +08:00
turtled 7d3357e0f3 Merge emqx32 2018-12-21 16:01:32 +08:00
tigercl 938d30268a Remove extra case...of (#2082)
* Remove extra case...of
2018-12-20 21:42:14 +08:00
tigercl 97474171d0 Better report errors in acl.conf (#2065) 2018-12-19 23:06:48 +08:00
Feng Lee 36e7d63d66 Implement subscription sharding.
1. Improve the design router, broker and shared_sub
2. New ets tables' design for subscription sharding
2018-12-07 18:20:09 +08:00
Feng Lee d99d0a22d0 Rename 'ignore' to 'ignored' 2018-09-06 17:54:32 +08:00
Feng Lee 96122cf966 Rename 'already_existed' to 'already_exists' 2018-09-04 19:14:25 +08:00
Feng Lee 3045ec10ab Add banned feature 2018-08-31 14:04:26 +08:00
Gilbert Wong 748826bdee update access sutie and access control 2018-08-31 01:16:54 +08:00
Feng Lee 567aeb274f Define types in emqx_types, emqx_mqtt_types modules 2018-08-29 23:08:55 +08:00
terry-xiaoyu c92eba4a5e bug fixes during UT 2018-08-28 00:27:45 +08:00
Feng Lee dca292f538 Replace 'Client' with 'Credentials' map 2018-08-27 15:54:41 +08:00
Feng Lee 5f65335835
Merge branch 'emqx30' into emqx_30_acl_cache_v2 2018-08-27 09:42:42 +08:00
terry-xiaoyu 9d29dd0e10 use config enable_acl_cache 2018-08-26 18:25:17 +08:00
Feng Lee 0e3728c940 Add emqx_types module and 'credentials' type 2018-08-26 16:24:51 +08:00
terry-xiaoyu 9717f9b83e add module emqx_acl_cache 2018-08-26 15:46:22 +08:00
terry-xiaoyu 8cd20744be improve cache datastruct using keys-queue 2018-08-26 13:33:00 +08:00