mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-22 02:05:41 +01:00
Reactor backend api for authrization
1. Change backend api 2. Change frontend api 3. Change the proxy config file Signed-off-by: Qian Deng <dengq@vmware.com>
This commit is contained in:
Qian Deng
parent
f49ae02a1a
commit
88bb461314
@ -46,6 +46,19 @@ http {
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location /c/ {
|
||||
proxy_pass http://core/c/;
|
||||
proxy_set_header Host $$host;
|
||||
proxy_set_header X-Real-IP $$remote_addr;
|
||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||
|
||||
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
|
||||
proxy_set_header X-Forwarded-Proto $$scheme;
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location /api/ {
|
||||
proxy_pass http://core/api/;
|
||||
proxy_set_header Host $$host;
|
||||
@ -59,8 +72,8 @@ http {
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
||||
proxy_pass http://core/;
|
||||
location /chartrepo/ {
|
||||
proxy_pass http://core/chartrepo/;
|
||||
proxy_set_header Host $$host;
|
||||
proxy_set_header X-Real-IP $$remote_addr;
|
||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||
|
||||
@ -65,6 +65,19 @@ http {
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location /c/ {
|
||||
proxy_pass http://core/c/;
|
||||
proxy_set_header Host $$host;
|
||||
proxy_set_header X-Real-IP $$remote_addr;
|
||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||
|
||||
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
|
||||
proxy_set_header X-Forwarded-Proto $$scheme;
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location /api/ {
|
||||
proxy_pass http://core/api/;
|
||||
@ -79,8 +92,8 @@ http {
|
||||
proxy_request_buffering off;
|
||||
}
|
||||
|
||||
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) {
|
||||
proxy_pass http://core;
|
||||
location /chartrepo/ {
|
||||
proxy_pass http://core/chartrepo/;
|
||||
proxy_set_header Host $$host;
|
||||
proxy_set_header X-Real-IP $$remote_addr;
|
||||
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
|
||||
|
||||
@ -58,11 +58,11 @@ func init() {
|
||||
|
||||
beego.Router("/", &IndexController{})
|
||||
|
||||
beego.Router("/login", &CommonController{}, "post:Login")
|
||||
beego.Router("/log_out", &CommonController{}, "get:LogOut")
|
||||
beego.Router("/reset", &CommonController{}, "post:ResetPassword")
|
||||
beego.Router("/userExists", &CommonController{}, "post:UserExists")
|
||||
beego.Router("/sendEmail", &CommonController{}, "get:SendResetEmail")
|
||||
beego.Router("/c/login", &CommonController{}, "post:Login")
|
||||
beego.Router("/c/log_out", &CommonController{}, "get:LogOut")
|
||||
beego.Router("/c/reset", &CommonController{}, "post:ResetPassword")
|
||||
beego.Router("/c/userExists", &CommonController{}, "post:UserExists")
|
||||
beego.Router("/c/sendEmail", &CommonController{}, "get:SendResetEmail")
|
||||
beego.Router("/v2/*", &RegistryProxy{}, "*:Handle")
|
||||
}
|
||||
|
||||
@ -143,31 +143,31 @@ func TestAll(t *testing.T) {
|
||||
// v.Set("principal", "admin")
|
||||
// v.Add("password", "Harbor12345")
|
||||
|
||||
r, _ := http.NewRequest("POST", "/login", nil)
|
||||
r, _ := http.NewRequest("POST", "/c/login", nil)
|
||||
w := httptest.NewRecorder()
|
||||
beego.BeeApp.Handlers.ServeHTTP(w, r)
|
||||
assert.Equal(int(401), w.Code, "'/login' httpStatusCode should be 401")
|
||||
assert.Equal(int(401), w.Code, "'/c/login' httpStatusCode should be 401")
|
||||
|
||||
r, _ = http.NewRequest("GET", "/log_out", nil)
|
||||
r, _ = http.NewRequest("GET", "/c/log_out", nil)
|
||||
w = httptest.NewRecorder()
|
||||
beego.BeeApp.Handlers.ServeHTTP(w, r)
|
||||
assert.Equal(int(200), w.Code, "'/log_out' httpStatusCode should be 200")
|
||||
assert.Equal(int(200), w.Code, "'/c/log_out' httpStatusCode should be 200")
|
||||
assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), ""), "http respond should be empty")
|
||||
|
||||
r, _ = http.NewRequest("POST", "/reset", nil)
|
||||
r, _ = http.NewRequest("POST", "/c/reset", nil)
|
||||
w = httptest.NewRecorder()
|
||||
beego.BeeApp.Handlers.ServeHTTP(w, r)
|
||||
assert.Equal(int(400), w.Code, "'/reset' httpStatusCode should be 400")
|
||||
assert.Equal(int(400), w.Code, "'/c/reset' httpStatusCode should be 400")
|
||||
|
||||
r, _ = http.NewRequest("POST", "/userExists", nil)
|
||||
r, _ = http.NewRequest("POST", "/c/userExists", nil)
|
||||
w = httptest.NewRecorder()
|
||||
beego.BeeApp.Handlers.ServeHTTP(w, r)
|
||||
assert.Equal(int(500), w.Code, "'/userExists' httpStatusCode should be 500")
|
||||
assert.Equal(int(500), w.Code, "'/c/userExists' httpStatusCode should be 500")
|
||||
|
||||
r, _ = http.NewRequest("GET", "/sendEmail", nil)
|
||||
r, _ = http.NewRequest("GET", "/c/sendEmail", nil)
|
||||
w = httptest.NewRecorder()
|
||||
beego.BeeApp.Handlers.ServeHTTP(w, r)
|
||||
assert.Equal(int(400), w.Code, "'/sendEmail' httpStatusCode should be 400")
|
||||
assert.Equal(int(400), w.Code, "'/c/sendEmail' httpStatusCode should be 400")
|
||||
|
||||
r, _ = http.NewRequest("GET", "/v2/", nil)
|
||||
w = httptest.NewRecorder()
|
||||
|
||||
@ -29,16 +29,14 @@ import (
|
||||
|
||||
func initRouters() {
|
||||
|
||||
beego.Router("/reset_password", &controllers.IndexController{})
|
||||
|
||||
// standalone
|
||||
if !config.WithAdmiral() {
|
||||
// Controller API:
|
||||
beego.Router("/login", &controllers.CommonController{}, "post:Login")
|
||||
beego.Router("/log_out", &controllers.CommonController{}, "get:LogOut")
|
||||
beego.Router("/reset", &controllers.CommonController{}, "post:ResetPassword")
|
||||
beego.Router("/userExists", &controllers.CommonController{}, "post:UserExists")
|
||||
beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendResetEmail")
|
||||
beego.Router("/c/login", &controllers.CommonController{}, "post:Login")
|
||||
beego.Router("/c/log_out", &controllers.CommonController{}, "get:LogOut")
|
||||
beego.Router("/c/reset", &controllers.CommonController{}, "post:ResetPassword")
|
||||
beego.Router("/c/userExists", &controllers.CommonController{}, "post:UserExists")
|
||||
beego.Router("/c/sendEmail", &controllers.CommonController{}, "get:SendResetEmail")
|
||||
|
||||
// API:
|
||||
beego.Router("/api/projects/:pid([0-9]+)/members/?:pmid([0-9]+)", &api.ProjectMemberAPI{})
|
||||
|
||||
@ -19,8 +19,8 @@ import { PasswordSetting } from './password-setting';
|
||||
import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "../../shared/shared.utils";
|
||||
|
||||
const passwordChangeEndpoint = "/api/users/:user_id/password";
|
||||
const sendEmailEndpoint = "/sendEmail";
|
||||
const resetPasswordEndpoint = "/reset";
|
||||
const sendEmailEndpoint = "/c/sendEmail";
|
||||
const resetPasswordEndpoint = "/c/reset";
|
||||
|
||||
@Injectable()
|
||||
export class PasswordSettingService {
|
||||
|
||||
@ -18,7 +18,7 @@ import 'rxjs/add/operator/toPromise';
|
||||
import { SignInCredential } from '../../shared/sign-in-credential';
|
||||
import {HTTP_FORM_OPTIONS} from "../../shared/shared.utils";
|
||||
|
||||
const signInUrl = '/login';
|
||||
const signInUrl = '/c/login';
|
||||
/**
|
||||
*
|
||||
* Define a service to provide sign in methods
|
||||
|
||||
@ -22,13 +22,13 @@ import { SignInCredential } from './sign-in-credential';
|
||||
import { enLang } from '../shared/shared.const';
|
||||
import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "./shared.utils";
|
||||
|
||||
const signInUrl = '/login';
|
||||
const signInUrl = '/c/login';
|
||||
const currentUserEndpint = "/api/users/current";
|
||||
const signOffEndpoint = "/log_out";
|
||||
const signOffEndpoint = "/c/log_out";
|
||||
const accountEndpoint = "/api/users/:id";
|
||||
const langEndpoint = "/language";
|
||||
const userExistsEndpoint = "/userExists";
|
||||
const renameAdminEndpoint = 'api/internal/renameadmin';
|
||||
const userExistsEndpoint = "/c/userExists";
|
||||
const renameAdminEndpoint = '/api/internal/renameadmin';
|
||||
const langMap = {
|
||||
"zh": "zh-CN",
|
||||
"en": "en-US"
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
|
||||
set +e
|
||||
|
||||
STATUS_LOGIN=$(curl --insecure -w '%{http_code}' -d "principal=$1&password=$2" https://localhost/login)
|
||||
if [ $STATUS_LOGIN -eq 200 ]; then
|
||||
STATUS_LOGIN=$(curl --insecure -w '%{http_code}' -d "principal=$1&password=$2" https://localhost/c/login)
|
||||
if [ $STATUS_LOGIN -eq 200 ]; then
|
||||
echo "Login Harbor success."
|
||||
else
|
||||
echo "Login Harbor fail."
|
||||
@ -11,7 +11,7 @@ else
|
||||
fi
|
||||
|
||||
|
||||
STATUS_LOGOUT=$(curl --insecure -s -o /dev/null -w '%{http_code}' https://localhost/log_out)
|
||||
STATUS_LOGOUT=$(curl --insecure -s -o /dev/null -w '%{http_code}' https://localhost/c/log_out)
|
||||
if [ $STATUS_LOGOUT -eq 200 ]; then
|
||||
echo "Logout Harbor success."
|
||||
else
|
||||
|
||||
Loading…
Reference in New Issue
Block a user