Re: [DISCUSS]]Add Basic authentication plugin

Sun, 05 Jan 2020 20:36:38 -0800 

Great plugin, looking forward to PR.

YuanSheng Wang <membp...@gmail.com> 于2020年1月6日周一 上午10:58写道:

> Hi Kowloon:
>
> Looking forward to this PR. ^_^
>
> On Sun, Jan 5, 2020 at 10:42 PM Kowloon Zh <kowloo...@gmail.com> wrote:
>
> > Hi folks,
> >
> > The most commonly used HTTP authentication scheme is HTTP Basic
> > authentication.
> >
> > I want to add a basic auth plugin to apisix apache, It should have the
> > following functions:
> >
> > 1. API for users to dynamically add and query basic authorization
> > information.
> >
> > function _M.api()
> >     return {
> >         {
> >             methods = { "GET" },
> >             uri = "/apisix/plugin/basic-auth/get",
> >             handler = get_auth,
> >         },
> >         {
> >             methods = { "POST", "PUT" },
> >             uri = "/apisix/plugin/basic-auth/set",
> >             handler = set_auth,
> >         }
> >     }
> > end
> >
> > 2. Verify basic authrization during the access phase.
> >
> > function _M.access(conf, ctx)
> >     core.log.info("plugin access phase, conf: ",
> > core.json.delay_encode(conf))
> >
> >     -- 0. check conf enable
> >     if not conf.enable then
> >         return
> >     end
> >
> >     -- 1. extract username and password from basic_auth header
> >     local headers = ngx.req.get_headers()
> >     if not headers.Authorization then
> >         return 401, { message = "authorization is required" }
> >     end
> >
> >     local username, password, err =
> > extract_auth_header(headers.Authorization)
> >     if err then
> >         return 401, { message = err }
> >     end
> >
> >     -- 2. get user info from etcd
> >     local res = authorizations_etcd:get(username)
> >     if res == nil then
> >         return 401, { message = "failed to find authorization from etcd"
> }
> >     end
> >
> >     -- 3. check if user exists
> >     if not res.value or not res.value.id then
> >         return 401, { message = "user is not found" }
> >     end
> >
> >     local value = res.value
> >
> >     -- 4. check if password correct
> >     if value.password ~= password then
> >         return 401, { message = "password is error" }
> >     end
> > end
> >
> >
> > Can anyone give some advice? Is this is needed for your scenarios?
> >
>
>
> --
>
> *MembPhis*
> My github: https://github.com/membphis
> Apache APISIX: https://github.com/apache/incubator-apisix
>


-- 
Thanks,
Janko

Reply via email to