This is an automated email from the ASF dual-hosted git repository.
haonan pushed a commit to branch rel/0.13
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/rel/0.13 by this push:
new 32d1ffdd53 add login interceptor (#6519)
32d1ffdd53 is described below
commit 32d1ffdd53add38ab1e21f4a41402deae56f30df
Author: CloudWise-Lukemiao
<[email protected]>
AuthorDate: Wed Jun 29 21:12:17 2022 +0800
add login interceptor (#6519)
---
.../iotdb/web/grafana/conf/MyConfiguration.java | 15 +++++-
.../web/grafana/interceptor/LoginInterceptor.java | 61 ++++++++++++++++++++++
2 files changed, 75 insertions(+), 1 deletion(-)
diff --git
a/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/conf/MyConfiguration.java
b/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/conf/MyConfiguration.java
index 12dc1a9738..3eb407c78b 100644
---
a/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/conf/MyConfiguration.java
+++
b/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/conf/MyConfiguration.java
@@ -18,15 +18,18 @@
*/
package org.apache.iotdb.web.grafana.conf;
+import org.apache.iotdb.web.grafana.interceptor.LoginInterceptor;
+
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import
org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/** Created by dell on 2017/7/18. */
@Configuration
-public class MyConfiguration {
+public class MyConfiguration extends WebMvcConfigurerAdapter {
/** return WebMvcConfigurer. */
@Bean
@@ -38,4 +41,14 @@ public class MyConfiguration {
}
};
}
+
+ @Bean
+ public LoginInterceptor loginInterceptor() {
+ return new LoginInterceptor();
+ }
+
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ registry.addInterceptor(loginInterceptor()).addPathPatterns("/**");
+ }
}
diff --git
a/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/interceptor/LoginInterceptor.java
b/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/interceptor/LoginInterceptor.java
new file mode 100644
index 0000000000..b1f411e43d
--- /dev/null
+++
b/grafana-connector/src/main/java/org/apache/iotdb/web/grafana/interceptor/LoginInterceptor.java
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.iotdb.web.grafana.interceptor;
+
+import org.osgi.service.component.annotations.Component;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.util.Base64Utils;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import java.nio.charset.StandardCharsets;
+
+@Component
+public class LoginInterceptor extends HandlerInterceptorAdapter {
+
+ @Value("${spring.datasource.username}")
+ private String username;
+
+ @Value("${spring.datasource.password}")
+ private String password;
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse
response, Object handler)
+ throws Exception {
+ String authorization = request.getHeader("authorization");
+ if (authorization != null) {
+ authorization =
+ new String(
+ Base64Utils.decode(
+ authorization.replace("Basic ",
"").getBytes(StandardCharsets.UTF_8)));
+ String[] authorizationHeader = authorization.split(":");
+ if (authorizationHeader.length != 2
+ || !authorizationHeader[0].equals(username)
+ || !authorizationHeader[1].equals(password)) {
+ response.sendError(HttpStatus.UNAUTHORIZED.value(), "Username or
password incorrect");
+ return false;
+ }
+ }
+ return true;
+ }
+}
