Merge pull request #16 from reasonerjt/master

enable basic authentication for api
2024-09-29 05:47:31 +02:00 · 2016-03-08 12:24:11 +08:00 · 2016-03-08 12:24:11 +08:00 · c036d1b002
commit c036d1b002
parent 3b71580986 3e942e3db7
3 changed files with 15 additions and 21 deletions
--- a/api/base.go
+++ b/api/base.go
@ -17,8 +17,10 @@ package api

 import (
 	"encoding/json"
+	"log"
 	"net/http"

+	"github.com/vmware/harbor/auth"
 	"github.com/vmware/harbor/dao"
 	"github.com/vmware/harbor/models"

@ -52,6 +54,18 @@ func (b *BaseAPI) DecodeJSONReq(v interface{}) {
 // ValidateUser checks if the request triggered by a valid user
 func (b *BaseAPI) ValidateUser() int {

+	username, password, ok := b.Ctx.Request.BasicAuth()
+	if ok {
+		log.Printf("Requst with Basic Authentication header, username: %s", username)
+		user, err := auth.Login(models.AuthModel{username, password})
+		if err != nil {
+			log.Printf("Error while trying to login, username: %s, error: %v", username, err)
+			user = nil
+		}
+		if user != nil {
+			return user.UserID
+		}
+	}
 	sessionUserID := b.GetSession("userId")
 	if sessionUserID == nil {
 		beego.Warning("No user id in session, canceling request")
--- a/service/token.go
+++ b/service/token.go
@ -22,7 +22,6 @@ import (
 	"github.com/vmware/harbor/auth"
 	"github.com/vmware/harbor/models"
 	svc_utils "github.com/vmware/harbor/service/utils"
-	"github.com/vmware/harbor/utils"

 	"github.com/astaxie/beego"
 	"github.com/docker/distribution/registry/auth/token"
@ -39,13 +38,9 @@ type TokenHandler struct {
 func (a *TokenHandler) Get() {

 	request := a.Ctx.Request
-
 	log.Println("request url: " + request.URL.String())
-	authorization := request.Header["Authorization"]
-	log.Println("authorization:", authorization)
-	username, password := utils.ParseBasicAuth(authorization)
+	username, password, _ := request.BasicAuth()
 	authenticated := authenticate(username, password)
-
 	service := a.GetString("service")
 	scope := a.GetString("scope")

--- a/utils/utils.go
+++ b/utils/utils.go
@ -16,12 +16,9 @@
 package utils

 import (
-	"encoding/base64"
 	"strings"

 	"github.com/vmware/harbor/models"
-
-	"github.com/astaxie/beego"
 )

 // Repository holds information about repository
@ -29,18 +26,6 @@ type Repository struct {
 	Name string
 }

-// ParseBasicAuth parses the basic authorization
-func ParseBasicAuth(authorization []string) (username, password string) {
-	if authorization == nil || len(authorization) == 0 {
-		beego.Debug("Authorization header is not set.")
-		return "", ""
-	}
-	auth := strings.SplitN(authorization[0], " ", 2)
-	payload, _ := base64.StdEncoding.DecodeString(auth[1])
-	pair := strings.SplitN(string(payload), ":", 2)
-	return pair[0], pair[1]
-}
-
 // GetProject parses the repository and return the name of project.
 func (r *Repository) GetProject() string {
 	if !strings.ContainsRune(r.Name, '/') {