Hi folks,
The most commonly used HTTP authentication scheme is HTTP Basic
authentication.
I want to add a basic auth plugin to Apache APISIX. It should have the
following functions:
1. API for users to dynamically add and query basic authorization
information.
--- Declare the HTTP routes this plugin registers for managing credentials.
-- One read route is bound to get_auth and one write route to set_auth.
-- NOTE(review): nothing in this table restricts who may call these routes.
-- The read route hands back basic authorization information and the write
-- route changes it, so confirm that get_auth/set_auth (or the listener that
-- serves them) authenticate the caller before this is exposed.
-- @return array of route descriptors, each with `methods`, `uri`, `handler`
function _M.api()
    local query_route = {
        methods = { "GET" },
        uri = "/apisix/plugin/basic-auth/get",
        handler = get_auth,
    }

    local update_route = {
        methods = { "POST", "PUT" },
        uri = "/apisix/plugin/basic-auth/set",
        handler = set_auth,
    }

    return { query_route, update_route }
end
2. Verify basic authorization during the access phase.
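--- Access-phase handler: enforce HTTP Basic authentication on the request.
-- Returns nothing when the plugin is disabled or the credentials match.
-- Otherwise returns 401 and a body table with a `message` field.
--
-- Changes from the first draft:
--   * a repeated Authorization header is rejected instead of being passed on
--     as a table;
--   * "unknown user" and "wrong password" share one client-facing message,
--     so the response no longer reveals which usernames exist;
--   * a stored record without a password can no longer match a missing
--     client password (`nil ~= nil` is false in Lua, which used to let the
--     request through).
--
-- NOTE(review): RFC 7235 expects a WWW-Authenticate challenge alongside a
-- 401; none of the rejections below set one.
-- @param conf plugin configuration; only `conf.enable` is read here
-- @param ctx  request context (not used by this function)
function _M.access(conf, ctx)
    core.log.info("plugin access phase, conf: ", core.json.delay_encode(conf))

    -- 0. check conf enable
    if not conf.enable then
        return
    end

    -- Single message for every credential mismatch; the precise reason goes
    -- to the error log only.
    local rejected = { message = "invalid username or password" }

    -- 1. extract username and password from basic_auth header
    local auth_header = ngx.req.get_headers().Authorization
    if not auth_header then
        return 401, { message = "authorization is required" }
    end

    -- ngx.req.get_headers() yields a table when the header is sent more than
    -- once; only a single string value is acceptable here.
    if type(auth_header) ~= "string" then
        return 401, { message = "invalid authorization header" }
    end

    local username, password, err = extract_auth_header(auth_header)
    if err then
        return 401, { message = err }
    end

    -- 2. get user info from etcd
    local res = authorizations_etcd:get(username)
    if res == nil then
        core.log.warn("basic-auth: no authorization record returned from etcd")
        return 401, rejected
    end

    -- 3. check if user exists
    local value = res.value
    if not value or not value.id then
        core.log.warn("basic-auth: authorization record has no user")
        return 401, rejected
    end

    -- 4. check if password correct
    -- NOTE(review): comparing value.password with the client-supplied
    -- password directly implies the credential sits in etcd in cleartext;
    -- consider storing a salted hash and comparing hashes instead.
    if value.password == nil or value.password ~= password then
        core.log.warn("basic-auth: password mismatch")
        return 401, rejected
    end
end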
Can anyone give some advice? Is this needed for your scenarios?