Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-22 10:15:35 +01:00
Code Issues Projects Releases Wiki Activity

Reactor backend api for authrization

Browse Source 
1. Change backend api
2. Change frontend api
3. Change the proxy config file

Signed-off-by: Qian Deng <dengq@vmware.com>
This commit is contained in:
Qian Deng 2018-09-19 10:17:07 +08:00
parent f49ae02a1a
commit 88bb461314
8 changed files with 60 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
make/common/templates/nginx/nginx.http.conf
View File

@ -46,6 +46,19 @@ http {
proxy_request_buffering off; proxy_request_buffering off;
} }
location /c/ {
proxy_pass http://core/c/;
proxy_set_header Host $$host;
proxy_set_header X-Real-IP $$remote_addr;
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
proxy_set_header X-Forwarded-Proto $$scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /api/ { location /api/ {
proxy_pass http://core/api/; proxy_pass http://core/api/;
proxy_set_header Host $$host; proxy_set_header Host $$host;
@ -59,8 +72,8 @@ http {
proxy_request_buffering off; proxy_request_buffering off;
} }
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) { location /chartrepo/ {
proxy_pass http://core/; proxy_pass http://core/chartrepo/;
proxy_set_header Host $$host; proxy_set_header Host $$host;
proxy_set_header X-Real-IP $$remote_addr; proxy_set_header X-Real-IP $$remote_addr;
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;

17
make/common/templates/nginx/nginx.https.conf
View File

@ -65,6 +65,19 @@ http {
proxy_buffering off; proxy_buffering off;
proxy_request_buffering off; proxy_request_buffering off;
} }
location /c/ {
proxy_pass http://core/c/;
proxy_set_header Host $$host;
proxy_set_header X-Real-IP $$remote_addr;
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
proxy_set_header X-Forwarded-Proto $$scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /api/ { location /api/ {
proxy_pass http://core/api/; proxy_pass http://core/api/;
@ -79,8 +92,8 @@ http {
proxy_request_buffering off; proxy_request_buffering off;
} }
location ~ ^/(login|log_out|sendEmail|language|reset|userExists|reset_password|chartrepo) { location /chartrepo/ {
proxy_pass http://core; proxy_pass http://core/chartrepo/;
proxy_set_header Host $$host; proxy_set_header Host $$host;
proxy_set_header X-Real-IP $$remote_addr; proxy_set_header X-Real-IP $$remote_addr;
proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;

30
src/core/controllers/controllers_test.go
View File

@ -58,11 +58,11 @@ func init() {
beego.Router("/", &IndexController{}) beego.Router("/", &IndexController{})
beego.Router("/login", &CommonController{}, "post:Login") beego.Router("/c/login", &CommonController{}, "post:Login")
beego.Router("/log_out", &CommonController{}, "get:LogOut") beego.Router("/c/log_out", &CommonController{}, "get:LogOut")
beego.Router("/reset", &CommonController{}, "post:ResetPassword") beego.Router("/c/reset", &CommonController{}, "post:ResetPassword")
beego.Router("/userExists", &CommonController{}, "post:UserExists") beego.Router("/c/userExists", &CommonController{}, "post:UserExists")
beego.Router("/sendEmail", &CommonController{}, "get:SendResetEmail") beego.Router("/c/sendEmail", &CommonController{}, "get:SendResetEmail")
beego.Router("/v2/*", &RegistryProxy{}, "*:Handle") beego.Router("/v2/*", &RegistryProxy{}, "*:Handle")
} }
@ -143,31 +143,31 @@ func TestAll(t *testing.T) {
// v.Set("principal", "admin") // v.Set("principal", "admin")
// v.Add("password", "Harbor12345") // v.Add("password", "Harbor12345")
r, _ := http.NewRequest("POST", "/login", nil) r, _ := http.NewRequest("POST", "/c/login", nil)
w := httptest.NewRecorder() w := httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r) beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(401), w.Code, "'/login' httpStatusCode should be 401") assert.Equal(int(401), w.Code, "'/c/login' httpStatusCode should be 401")
r, _ = http.NewRequest("GET", "/log_out", nil) r, _ = http.NewRequest("GET", "/c/log_out", nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r) beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(200), w.Code, "'/log_out' httpStatusCode should be 200") assert.Equal(int(200), w.Code, "'/c/log_out' httpStatusCode should be 200")
assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), ""), "http respond should be empty") assert.Equal(true, strings.Contains(fmt.Sprintf("%s", w.Body), ""), "http respond should be empty")
r, _ = http.NewRequest("POST", "/reset", nil) r, _ = http.NewRequest("POST", "/c/reset", nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r) beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(400), w.Code, "'/reset' httpStatusCode should be 400") assert.Equal(int(400), w.Code, "'/c/reset' httpStatusCode should be 400")
r, _ = http.NewRequest("POST", "/userExists", nil) r, _ = http.NewRequest("POST", "/c/userExists", nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r) beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(500), w.Code, "'/userExists' httpStatusCode should be 500") assert.Equal(int(500), w.Code, "'/c/userExists' httpStatusCode should be 500")
r, _ = http.NewRequest("GET", "/sendEmail", nil) r, _ = http.NewRequest("GET", "/c/sendEmail", nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()
beego.BeeApp.Handlers.ServeHTTP(w, r) beego.BeeApp.Handlers.ServeHTTP(w, r)
assert.Equal(int(400), w.Code, "'/sendEmail' httpStatusCode should be 400") assert.Equal(int(400), w.Code, "'/c/sendEmail' httpStatusCode should be 400")
r, _ = http.NewRequest("GET", "/v2/", nil) r, _ = http.NewRequest("GET", "/v2/", nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()

12
src/core/router.go
View File

@ -29,16 +29,14 @@ import (
func initRouters() { func initRouters() {
beego.Router("/reset_password", &controllers.IndexController{})
// standalone // standalone
if !config.WithAdmiral() { if !config.WithAdmiral() {
// Controller API: // Controller API:
beego.Router("/login", &controllers.CommonController{}, "post:Login") beego.Router("/c/login", &controllers.CommonController{}, "post:Login")
beego.Router("/log_out", &controllers.CommonController{}, "get:LogOut") beego.Router("/c/log_out", &controllers.CommonController{}, "get:LogOut")
beego.Router("/reset", &controllers.CommonController{}, "post:ResetPassword") beego.Router("/c/reset", &controllers.CommonController{}, "post:ResetPassword")
beego.Router("/userExists", &controllers.CommonController{}, "post:UserExists") beego.Router("/c/userExists", &controllers.CommonController{}, "post:UserExists")
beego.Router("/sendEmail", &controllers.CommonController{}, "get:SendResetEmail") beego.Router("/c/sendEmail", &controllers.CommonController{}, "get:SendResetEmail")
// API: // API:
beego.Router("/api/projects/:pid([0-9]+)/members/?:pmid([0-9]+)", &api.ProjectMemberAPI{}) beego.Router("/api/projects/:pid([0-9]+)/members/?:pmid([0-9]+)", &api.ProjectMemberAPI{})

4
src/portal/src/app/account/password-setting/password-setting.service.ts
View File

@ -19,8 +19,8 @@ import { PasswordSetting } from './password-setting';
import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "../../shared/shared.utils"; import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "../../shared/shared.utils";
const passwordChangeEndpoint = "/api/users/:user_id/password"; const passwordChangeEndpoint = "/api/users/:user_id/password";
const sendEmailEndpoint = "/sendEmail"; const sendEmailEndpoint = "/c/sendEmail";
const resetPasswordEndpoint = "/reset"; const resetPasswordEndpoint = "/c/reset";
@Injectable() @Injectable()
export class PasswordSettingService { export class PasswordSettingService {

2
src/portal/src/app/account/sign-in/sign-in.service.ts
View File

@ -18,7 +18,7 @@ import 'rxjs/add/operator/toPromise';
import { SignInCredential } from '../../shared/sign-in-credential'; import { SignInCredential } from '../../shared/sign-in-credential';
import {HTTP_FORM_OPTIONS} from "../../shared/shared.utils"; import {HTTP_FORM_OPTIONS} from "../../shared/shared.utils";
const signInUrl = '/login'; const signInUrl = '/c/login';
/** /**
* *
* Define a service to provide sign in methods * Define a service to provide sign in methods

8
src/portal/src/app/shared/session.service.ts
View File

@ -22,13 +22,13 @@ import { SignInCredential } from './sign-in-credential';
import { enLang } from '../shared/shared.const'; import { enLang } from '../shared/shared.const';
import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "./shared.utils"; import {HTTP_FORM_OPTIONS, HTTP_JSON_OPTIONS, HTTP_GET_OPTIONS} from "./shared.utils";
const signInUrl = '/login'; const signInUrl = '/c/login';
const currentUserEndpint = "/api/users/current"; const currentUserEndpint = "/api/users/current";
const signOffEndpoint = "/log_out"; const signOffEndpoint = "/c/log_out";
const accountEndpoint = "/api/users/:id"; const accountEndpoint = "/api/users/:id";
const langEndpoint = "/language"; const langEndpoint = "/language";
const userExistsEndpoint = "/userExists"; const userExistsEndpoint = "/c/userExists";
const renameAdminEndpoint = 'api/internal/renameadmin'; const renameAdminEndpoint = '/api/internal/renameadmin';
const langMap = { const langMap = {
"zh": "zh-CN", "zh": "zh-CN",
"en": "en-US" "en": "en-US"

6
tests/userlogintest.sh
View File

@ -2,8 +2,8 @@
set +e set +e
STATUS_LOGIN=$(curl --insecure -w '%{http_code}' -d "principal=$1&password=$2" https://localhost/login) STATUS_LOGIN=$(curl --insecure -w '%{http_code}' -d "principal=$1&password=$2" https://localhost/c/login)
if [ $STATUS_LOGIN -eq 200 ]; then if [ $STATUS_LOGIN -eq 200 ]; then
echo "Login Harbor success." echo "Login Harbor success."
else else
echo "Login Harbor fail." echo "Login Harbor fail."
@ -11,7 +11,7 @@ else
fi fi
STATUS_LOGOUT=$(curl --insecure -s -o /dev/null -w '%{http_code}' https://localhost/log_out) STATUS_LOGOUT=$(curl --insecure -s -o /dev/null -w '%{http_code}' https://localhost/c/log_out)
if [ $STATUS_LOGOUT -eq 200 ]; then if [ $STATUS_LOGOUT -eq 200 ]; then
echo "Logout Harbor success." echo "Logout Harbor success."
else else