Merge branch 'develop' into feature_multi_tenant
This commit is contained in:
commit
e9811c84c6
@ -0,0 +1,42 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.config.server.model;
|
||||
|
||||
/**
|
||||
* user info
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
public class User {
|
||||
private String username;
|
||||
private String password;
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
}
|
@ -33,6 +33,7 @@ import java.util.Map.Entry;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
|
||||
import com.alibaba.nacos.config.server.model.*;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.dao.DataAccessException;
|
||||
@ -53,19 +54,6 @@ import org.springframework.transaction.TransactionSystemException;
|
||||
import org.springframework.transaction.support.TransactionCallback;
|
||||
import org.springframework.transaction.support.TransactionTemplate;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import com.alibaba.nacos.config.server.model.ConfigAdvanceInfo;
|
||||
import com.alibaba.nacos.config.server.model.ConfigAllInfo;
|
||||
import com.alibaba.nacos.config.server.model.ConfigHistoryInfo;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfo;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfo4Beta;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfo4Tag;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfoAggr;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfoBase;
|
||||
import com.alibaba.nacos.config.server.model.ConfigInfoChanged;
|
||||
import com.alibaba.nacos.config.server.model.ConfigKey;
|
||||
import com.alibaba.nacos.config.server.model.Page;
|
||||
import com.alibaba.nacos.config.server.model.SubInfo;
|
||||
import com.alibaba.nacos.config.server.model.TenantInfo;
|
||||
import com.alibaba.nacos.config.server.utils.LogUtil;
|
||||
import com.alibaba.nacos.config.server.utils.MD5;
|
||||
import com.alibaba.nacos.config.server.utils.PaginationHelper;
|
||||
@ -455,6 +443,15 @@ public class PersistService {
|
||||
}
|
||||
}
|
||||
|
||||
static final class UserRowMapper implements RowMapper<User> {
|
||||
public User mapRow(ResultSet rs, int rowNum) throws SQLException {
|
||||
User user = new User();
|
||||
user.setUsername(rs.getString("username"));
|
||||
user.setPassword(rs.getString("password"));
|
||||
return user;
|
||||
}
|
||||
}
|
||||
|
||||
public synchronized void reload() throws IOException {
|
||||
this.dataSourceService.reload();
|
||||
}
|
||||
@ -3113,6 +3110,22 @@ public class PersistService {
|
||||
}
|
||||
}
|
||||
|
||||
public User findUserByUsername(String username) {
|
||||
String sql = "SELECT username,password FROM users WHERE username=? ";
|
||||
try {
|
||||
return this.jt.queryForObject(sql, new Object[] {username}, USER_ROW_MAPPER);
|
||||
} catch (CannotGetJdbcConnectionException e) {
|
||||
fatalLog.error("[db-error] " + e.toString(), e);
|
||||
throw e;
|
||||
} catch (EmptyResultDataAccessException e) {
|
||||
return null;
|
||||
} catch (Exception e) {
|
||||
fatalLog.error("[db-other-error]" + e.getMessage(), e);
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private List<ConfigInfo> convertDeletedConfig(List<Map<String, Object>> list) {
|
||||
List<ConfigInfo> configs = new ArrayList<ConfigInfo>();
|
||||
for (Map<String, Object> map : list) {
|
||||
@ -3265,6 +3278,8 @@ public class PersistService {
|
||||
|
||||
static final TenantInfoRowMapper TENANT_INFO_ROW_MAPPER = new TenantInfoRowMapper();
|
||||
|
||||
static final UserRowMapper USER_ROW_MAPPER = new UserRowMapper();
|
||||
|
||||
static final ConfigInfoWrapperRowMapper CONFIG_INFO_WRAPPER_ROW_MAPPER = new ConfigInfoWrapperRowMapper();
|
||||
|
||||
static final ConfigKeyRowMapper CONFIG_KEY_ROW_MAPPER = new ConfigKeyRowMapper();
|
||||
|
@ -177,3 +177,18 @@ CREATE TABLE `tenant_info` (
|
||||
UNIQUE KEY `uk_tenant_info_kptenantid` (`kp`,`tenant_id`),
|
||||
KEY `idx_tenant_id` (`tenant_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='tenant_info';
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
@ -173,3 +173,17 @@ CREATE TABLE tenant_info (
|
||||
CREATE INDEX tenant_info_tenant_id_idx ON tenant_info(tenant_id);
|
||||
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
@ -65,10 +65,29 @@
|
||||
<artifactId>mockito-core</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-security</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.jsonwebtoken</groupId>
|
||||
<artifactId>jjwt</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<finalName>nacos-server</finalName>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<artifactId>maven-jar-plugin</artifactId>
|
||||
<configuration>
|
||||
<archive>
|
||||
<manifest>
|
||||
<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
|
||||
<addDefaultSpecificationEntries>true</addDefaultSpecificationEntries>
|
||||
</manifest>
|
||||
</archive>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-maven-plugin</artifactId>
|
||||
|
@ -0,0 +1,107 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.config;
|
||||
|
||||
import com.alibaba.nacos.console.filter.JwtAuthenticationTokenFilter;
|
||||
import com.alibaba.nacos.console.security.CustomUserDetailsServiceImpl;
|
||||
import com.alibaba.nacos.console.security.JwtAuthenticationEntryPoint;
|
||||
import com.alibaba.nacos.console.utils.JwtTokenUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.BeanIds;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
/**
|
||||
* Spring security config
|
||||
*
|
||||
* @author Nacos
|
||||
*/
|
||||
@Configuration
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
public static final String AUTHORIZATION_HEADER = "Authorization";
|
||||
|
||||
public static final String AUTHORIZATION_TOKEN = "access_token";
|
||||
|
||||
public static final String SECURITY_IGNORE_URLS_SPILT_CHAR = ",";
|
||||
|
||||
@Autowired
|
||||
private CustomUserDetailsServiceImpl userDetailsService;
|
||||
|
||||
@Autowired
|
||||
private JwtAuthenticationEntryPoint unauthorizedHandler;
|
||||
|
||||
@Autowired
|
||||
private JwtTokenUtils tokenProvider;
|
||||
|
||||
@Autowired
|
||||
private Environment env;
|
||||
|
||||
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
|
||||
@Override
|
||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||
return super.authenticationManagerBean();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) {
|
||||
String ignoreURLs = env.getProperty("nacos.security.ignore.urls", "/**");
|
||||
for (String ignoreURL : ignoreURLs.trim().split(SECURITY_IGNORE_URLS_SPILT_CHAR)) {
|
||||
web.ignoring().antMatchers(ignoreURL.trim());
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.anyRequest().authenticated().and()
|
||||
// custom token authorize exception handler
|
||||
.exceptionHandling()
|
||||
.authenticationEntryPoint(unauthorizedHandler).and()
|
||||
// since we use jwt, session is not necessary
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
|
||||
// since we use jwt, csrf is not necessary
|
||||
.csrf().disable();
|
||||
http.addFilterBefore(new JwtAuthenticationTokenFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
// disable cache
|
||||
http.headers().cacheControl();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,82 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.controller;
|
||||
|
||||
import com.alibaba.nacos.console.config.WebSecurityConfig;
|
||||
import com.alibaba.nacos.config.server.model.RestResult;
|
||||
import com.alibaba.nacos.console.utils.JwtTokenUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
/**
|
||||
* auth
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
@RestController("auth")
|
||||
@RequestMapping("/v1/auth")
|
||||
public class AuthController {
|
||||
|
||||
@Autowired
|
||||
private JwtTokenUtils jwtTokenUtils;
|
||||
@Autowired
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
/**
|
||||
* Whether the Nacos is in broken states or not, and cannot recover except by being restarted
|
||||
*
|
||||
* @return HTTP code equal to 200 indicates that Nacos is in right states. HTTP code equal to 500 indicates that
|
||||
* Nacos is in broken states.
|
||||
*/
|
||||
|
||||
@ResponseBody
|
||||
@RequestMapping(value = "login", method = RequestMethod.POST)
|
||||
public RestResult<String> login(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
String username = request.getParameter("username");
|
||||
String password = request.getParameter("password");
|
||||
|
||||
// 通过用户名和密码创建一个 Authentication 认证对象,实现类为 UsernamePasswordAuthenticationToken
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
|
||||
RestResult<String> rr = new RestResult<String>();
|
||||
|
||||
try {
|
||||
//通过 AuthenticationManager(默认实现为ProviderManager)的authenticate方法验证 Authentication 对象
|
||||
Authentication authentication = authenticationManager.authenticate(authenticationToken);
|
||||
//将 Authentication 绑定到 SecurityContext
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
//生成Token
|
||||
String token = jwtTokenUtils.createToken(authentication);
|
||||
//将Token写入到Http头部
|
||||
response.addHeader(WebSecurityConfig.AUTHORIZATION_HEADER, "Bearer " + token);
|
||||
rr.setCode(200);
|
||||
rr.setData("Bearer " + token);
|
||||
return rr;
|
||||
} catch (BadCredentialsException authentication) {
|
||||
rr.setCode(401);
|
||||
rr.setMessage("Login failed");
|
||||
return rr;
|
||||
}
|
||||
}
|
||||
}
|
@ -0,0 +1,80 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.filter;
|
||||
|
||||
import com.alibaba.nacos.console.config.WebSecurityConfig;
|
||||
import com.alibaba.nacos.console.utils.JwtTokenUtils;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* jwt auth token filter
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
|
||||
private static final String TOKEN_PREFIX = "Bearer ";
|
||||
|
||||
private JwtTokenUtils tokenProvider;
|
||||
|
||||
public JwtAuthenticationTokenFilter(JwtTokenUtils tokenProvider) {
|
||||
this.tokenProvider = tokenProvider;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
String jwt = resolveToken(request);
|
||||
|
||||
if (!StringUtils.isEmpty(jwt.trim()) && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
if (this.tokenProvider.validateToken(jwt)) {
|
||||
/**
|
||||
* get auth info
|
||||
*/
|
||||
Authentication authentication = this.tokenProvider.getAuthentication(jwt);
|
||||
/**
|
||||
* save user info to securityContext
|
||||
*/
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
}
|
||||
}
|
||||
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get token from header
|
||||
*/
|
||||
private String resolveToken(HttpServletRequest request) {
|
||||
String bearerToken = request.getHeader(WebSecurityConfig.AUTHORIZATION_HEADER);
|
||||
if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(TOKEN_PREFIX)) {
|
||||
return bearerToken.substring(7, bearerToken.length());
|
||||
}
|
||||
String jwt = request.getParameter(WebSecurityConfig.AUTHORIZATION_TOKEN);
|
||||
if (StringUtils.hasText(jwt)) {
|
||||
return jwt;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
@ -0,0 +1,55 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.security;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* auth provider
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
@Component
|
||||
public class CustomAuthenticationProvider implements AuthenticationProvider {
|
||||
|
||||
@Autowired
|
||||
private CustomUserDetailsServiceImpl userDetailsService;
|
||||
|
||||
@Override
|
||||
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
|
||||
|
||||
String username = (String) authentication.getPrincipal();
|
||||
String password = (String) authentication.getCredentials();
|
||||
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
|
||||
|
||||
if (!password.equals(userDetails.getPassword())) {
|
||||
return new UsernamePasswordAuthenticationToken(username, null, null);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return aClass.equals(UsernamePasswordAuthenticationToken.class);
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,73 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.security;
|
||||
|
||||
import com.alibaba.nacos.config.server.model.User;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* custem user
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
public class CustomUserDetails implements UserDetails {
|
||||
|
||||
private User user;
|
||||
|
||||
public CustomUserDetails(User user) {
|
||||
this.user = user;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
// TODO: get authorities
|
||||
return AuthorityUtils.commaSeparatedStringToAuthorityList("");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getPassword() {
|
||||
return user.getPassword();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUsername() {
|
||||
return user.getUsername();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,46 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.security;
|
||||
|
||||
|
||||
import com.alibaba.nacos.config.server.model.User;
|
||||
import com.alibaba.nacos.config.server.service.PersistService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
/**
|
||||
* Custem user service
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
@Service
|
||||
public class CustomUserDetailsServiceImpl implements UserDetailsService {
|
||||
|
||||
@Autowired
|
||||
private transient PersistService persistService;
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
|
||||
User user = persistService.findUserByUsername(userName);
|
||||
if (user == null) {
|
||||
throw new UsernameNotFoundException(userName);
|
||||
}
|
||||
return new CustomUserDetails(user);
|
||||
}
|
||||
}
|
@ -0,0 +1,46 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.security;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* jwt auth fail point
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
@Component
|
||||
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(JwtAuthenticationEntryPoint.class);
|
||||
|
||||
@Override
|
||||
public void commence(HttpServletRequest httpServletRequest,
|
||||
HttpServletResponse httpServletResponse,
|
||||
AuthenticationException e) throws IOException, ServletException {
|
||||
logger.error("Responding with unauthorized error. Message - {}", e.getMessage());
|
||||
httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
|
||||
}
|
||||
}
|
@ -0,0 +1,139 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package com.alibaba.nacos.console.utils;
|
||||
|
||||
import io.jsonwebtoken.*;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
/**
|
||||
* Jwt token tool
|
||||
*
|
||||
* @author wfnuser
|
||||
*/
|
||||
@Component
|
||||
public class JwtTokenUtils {
|
||||
|
||||
private final Logger log = LoggerFactory.getLogger(JwtTokenUtils.class);
|
||||
|
||||
private static final String AUTHORITIES_KEY = "auth";
|
||||
|
||||
/**
|
||||
* secret key
|
||||
*/
|
||||
private String secretKey;
|
||||
|
||||
/**
|
||||
* Token validity time(ms)
|
||||
*/
|
||||
private long tokenValidityInMilliseconds;
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
this.secretKey = "SecretKey";
|
||||
this.tokenValidityInMilliseconds = 1000 * 60 * 30L;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create token
|
||||
*
|
||||
* @param authentication auth info
|
||||
* @return token
|
||||
*/
|
||||
public String createToken(Authentication authentication) {
|
||||
/**
|
||||
* Current time
|
||||
*/
|
||||
long now = (new Date()).getTime();
|
||||
/**
|
||||
* Validity date
|
||||
*/
|
||||
Date validity;
|
||||
validity = new Date(now + this.tokenValidityInMilliseconds);
|
||||
|
||||
/**
|
||||
* create token
|
||||
*/
|
||||
return Jwts.builder()
|
||||
.setSubject(authentication.getName())
|
||||
.claim(AUTHORITIES_KEY, "")
|
||||
.setExpiration(validity)
|
||||
.signWith(SignatureAlgorithm.HS512, secretKey)
|
||||
.compact();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get auth Info
|
||||
*
|
||||
* @param token token
|
||||
* @return auth info
|
||||
*/
|
||||
public Authentication getAuthentication(String token) {
|
||||
/**
|
||||
* parse the payload of token
|
||||
*/
|
||||
Claims claims = Jwts.parser()
|
||||
.setSigningKey(secretKey)
|
||||
.parseClaimsJws(token)
|
||||
.getBody();
|
||||
|
||||
List<GrantedAuthority> authorities = AuthorityUtils.commaSeparatedStringToAuthorityList((String) claims.get(AUTHORITIES_KEY));
|
||||
|
||||
|
||||
User principal = new User(claims.getSubject(), "", authorities);
|
||||
return new UsernamePasswordAuthenticationToken(principal, "", authorities);
|
||||
}
|
||||
|
||||
/**
|
||||
* validate token
|
||||
*
|
||||
* @param token token
|
||||
* @return whether valid
|
||||
*/
|
||||
public boolean validateToken(String token) {
|
||||
try {
|
||||
Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
|
||||
return true;
|
||||
} catch (SignatureException e) {
|
||||
log.info("Invalid JWT signature.");
|
||||
log.trace("Invalid JWT signature trace: {}", e);
|
||||
} catch (MalformedJwtException e) {
|
||||
log.info("Invalid JWT token.");
|
||||
log.trace("Invalid JWT token trace: {}", e);
|
||||
} catch (ExpiredJwtException e) {
|
||||
log.info("Expired JWT token.");
|
||||
log.trace("Expired JWT token trace: {}", e);
|
||||
} catch (UnsupportedJwtException e) {
|
||||
log.info("Unsupported JWT token.");
|
||||
log.trace("Unsupported JWT token trace: {}", e);
|
||||
} catch (IllegalArgumentException e) {
|
||||
log.info("JWT token compact of handler are invalid.");
|
||||
log.trace("JWT token compact of handler are invalid trace: {}", e);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
@ -41,8 +41,8 @@ db.url.1=jdbc:mysql://11.163.152.91:3306/diamond_devtest?characterEncoding=utf8&
|
||||
db.user=diamond_devtest
|
||||
db.password=4b9622f3f70c7677835ac5a6719e7caf
|
||||
|
||||
|
||||
|
||||
|
||||
enableAccessControl=false
|
||||
|
||||
#spring.security.enabled=false
|
||||
#management.security=false
|
||||
#security.basic.enabled=false
|
||||
#nacos.security.ignore.urls=/**
|
||||
nacos.security.ignore.urls=/,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-fe/public/**,/v1/auth/login,/v1/console/health,/v1/cs/**,/v1/ns/**,/v1/cmdb/**
|
||||
|
@ -171,3 +171,19 @@ CREATE TABLE tenant_info (
|
||||
constraint tenant_info_id_key PRIMARY KEY (id),
|
||||
constraint uk_tenant_info_kptenantid UNIQUE (kp,tenant_id));
|
||||
CREATE INDEX tenant_info_tenant_id_idx ON tenant_info(tenant_id);
|
||||
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
@ -26,7 +26,7 @@ module.exports = Object.assign({}, base, {
|
||||
context: ['/'],
|
||||
changeOrigin: true,
|
||||
secure: false,
|
||||
target: 'http://console.nacos.io',
|
||||
target: 'http://localhost:8848',
|
||||
pathRewrite: {'^/v1' : '/nacos/v1'}
|
||||
}],
|
||||
disableHostCheck: true,
|
||||
|
Binary file not shown.
After Width: | Height: | Size: 114 B |
Binary file not shown.
After Width: | Height: | Size: 3.5 KiB |
@ -603,7 +603,22 @@ const request = (function(_global) {
|
||||
beforeSend(xhr) {
|
||||
config.beforeSend && config.beforeSend(xhr);
|
||||
},
|
||||
headers: {
|
||||
Authorization: localStorage.getItem('token'),
|
||||
},
|
||||
})
|
||||
).then(
|
||||
success => {},
|
||||
error => {
|
||||
// 处理403 forbidden
|
||||
if (error && (error.status === 403 || error.status === 401)) {
|
||||
// 跳转至login页
|
||||
// TODO: 用 react-router 重写,改造成本比较高,这里先hack
|
||||
const url = window.location.href;
|
||||
const base_url = url.split('#')[0];
|
||||
window.location = `${base_url}#/login`;
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
// 暴露方法
|
||||
|
@ -30,6 +30,7 @@ import Layout from './layouts/MainLayout';
|
||||
import CookieHelp from './utils/cookie';
|
||||
import { LANGUAGE_KEY, REDUX_DEVTOOLS } from './constants';
|
||||
|
||||
import Login from './pages/Login';
|
||||
import Namespace from './pages/NameSpace';
|
||||
import Newconfig from './pages/ConfigurationManagement/NewConfig';
|
||||
import Configsync from './pages/ConfigurationManagement/ConfigSync';
|
||||
@ -111,13 +112,15 @@ class App extends React.Component {
|
||||
get router() {
|
||||
return (
|
||||
<HashRouter>
|
||||
<Layout navList={_menu.data}>
|
||||
<Switch>
|
||||
<Switch>
|
||||
<Route path="/login" component={Login} />
|
||||
|
||||
<Layout navList={_menu.data}>
|
||||
{MENU.map(item => (
|
||||
<Route key={item.path} {...item} />
|
||||
))}
|
||||
</Switch>
|
||||
</Layout>
|
||||
</Layout>
|
||||
</Switch>
|
||||
</HashRouter>
|
||||
);
|
||||
}
|
||||
|
@ -12,14 +12,16 @@
|
||||
*/
|
||||
|
||||
import React from 'react';
|
||||
import { withRouter } from 'react-router-dom';
|
||||
import PropTypes from 'prop-types';
|
||||
import { connect } from 'react-redux';
|
||||
import { ConfigProvider } from '@alifd/next';
|
||||
import { ConfigProvider, Dropdown, Menu } from '@alifd/next';
|
||||
import siteConfig from '../config';
|
||||
import { changeLanguage } from '@/reducers/locale';
|
||||
|
||||
import './index.scss';
|
||||
|
||||
@withRouter
|
||||
@connect(
|
||||
state => ({ ...state.locale }),
|
||||
{ changeLanguage }
|
||||
@ -40,8 +42,29 @@ class Header extends React.Component {
|
||||
changeLanguage(currentLanguage);
|
||||
};
|
||||
|
||||
logout = () => {
|
||||
window.localStorage.clear();
|
||||
this.props.history.push('/login');
|
||||
};
|
||||
|
||||
getUsername = () => {
|
||||
const token = window.localStorage.getItem('token');
|
||||
if (token) {
|
||||
const base64Url = token.split('.')[1];
|
||||
const base64 = base64Url.replace('-', '+').replace('_', '/');
|
||||
const parsedToken = JSON.parse(window.atob(base64));
|
||||
console.log(parsedToken);
|
||||
return parsedToken.sub;
|
||||
}
|
||||
return '';
|
||||
};
|
||||
|
||||
render() {
|
||||
const { locale = {}, language = 'en-US' } = this.props;
|
||||
const {
|
||||
locale = {},
|
||||
language = 'en-us',
|
||||
location: { pathname },
|
||||
} = this.props;
|
||||
const { home, docs, blog, community, languageSwitchButton } = locale;
|
||||
const BASE_URL = `https://nacos.io/${language.toLocaleLowerCase()}/`;
|
||||
const NAV_MENU = [
|
||||
@ -65,6 +88,14 @@ class Header extends React.Component {
|
||||
title={siteConfig.name}
|
||||
/>
|
||||
</a>
|
||||
{/* if is login page, we will show logout */}
|
||||
{pathname !== '/login' && (
|
||||
<Dropdown trigger={<div className="logout">{this.getUsername()}</div>}>
|
||||
<Menu>
|
||||
<Menu.Item onClick={this.logout}>{locale.logout}</Menu.Item>
|
||||
</Menu>
|
||||
</Dropdown>
|
||||
)}
|
||||
<span className="language-switch language-switch-primary" onClick={this.switchLang}>
|
||||
{languageSwitchButton}
|
||||
</span>
|
||||
|
@ -18,7 +18,6 @@
|
||||
width: 100%;
|
||||
z-index: 1000;
|
||||
background-color: #fff;
|
||||
border-bottom: 1px solid #eee;
|
||||
}
|
||||
.header-container-primary {
|
||||
background: #252a2f;
|
||||
@ -99,6 +98,13 @@
|
||||
font-size: 14px;
|
||||
opacity: 0.6;
|
||||
}
|
||||
.header-container .header-body .logout {
|
||||
float: right;
|
||||
color: #fff;
|
||||
opacity: 0.6;
|
||||
font-family: Avenir-Medium;
|
||||
margin-right: 40px;
|
||||
}
|
||||
.header-container .header-body .language-switch:hover {
|
||||
opacity: 1;
|
||||
}
|
||||
|
@ -18,6 +18,16 @@ const I18N_CONF = {
|
||||
blog: 'BLOG',
|
||||
community: 'COMMUNITY',
|
||||
languageSwitchButton: '中',
|
||||
logout: 'logout',
|
||||
passwordRequired: 'password should not be empty',
|
||||
usernameRequired: 'username should not be empty',
|
||||
},
|
||||
Login: {
|
||||
login: 'Login',
|
||||
submit: 'Submit',
|
||||
pleaseInputUsername: 'Please input username',
|
||||
pleaseInputPassword: 'Please input password',
|
||||
invalidUsernameOrPassword: 'invalid username or password',
|
||||
},
|
||||
MainLayout: {
|
||||
nacosName: 'NACOS',
|
||||
|
@ -18,6 +18,16 @@ const I18N_CONF = {
|
||||
blog: '博客',
|
||||
community: '社区',
|
||||
languageSwitchButton: 'En',
|
||||
logout: '登出',
|
||||
},
|
||||
Login: {
|
||||
login: '登录',
|
||||
submit: '提交',
|
||||
pleaseInputUsername: '请输入用户名',
|
||||
pleaseInputPassword: '请输入密码',
|
||||
invalidUsernameOrPassword: '用户名或密码错误',
|
||||
passwordRequired: '密码不能为空',
|
||||
usernameRequired: '用户名不能为空',
|
||||
},
|
||||
MainLayout: {
|
||||
nacosName: 'NACOS',
|
||||
|
@ -0,0 +1,120 @@
|
||||
import React from 'react';
|
||||
import { Card, Form, Input, Message, ConfigProvider, Field } from '@alifd/next';
|
||||
import { withRouter } from 'react-router-dom';
|
||||
|
||||
import './index.scss';
|
||||
import Header from '../../layouts/Header';
|
||||
import { request } from '../../globalLib';
|
||||
|
||||
const FormItem = Form.Item;
|
||||
|
||||
@withRouter
|
||||
@ConfigProvider.config
|
||||
class Login extends React.Component {
|
||||
static displayName = 'Login';
|
||||
|
||||
constructor(props) {
|
||||
super(props);
|
||||
this.field = new Field(this);
|
||||
}
|
||||
|
||||
handleSubmit = () => {
|
||||
const { locale = {} } = this.props;
|
||||
this.field.validate((errors, values) => {
|
||||
if (errors) {
|
||||
return;
|
||||
}
|
||||
request({
|
||||
type: 'post',
|
||||
url: 'v1/auth/login',
|
||||
data: values,
|
||||
success: res => {
|
||||
if (res.code === 200) {
|
||||
const data = res.data;
|
||||
// TODO: 封装一个方法存储、读取token
|
||||
localStorage.setItem('token', data);
|
||||
// TODO: 使用react router
|
||||
this.props.history.push('/');
|
||||
}
|
||||
if (res.code === 401) {
|
||||
Message.error({
|
||||
content: locale.invalidUsernameOrPassword,
|
||||
});
|
||||
}
|
||||
},
|
||||
error: () => {
|
||||
Message.error({
|
||||
content: locale.invalidUsernameOrPassword,
|
||||
});
|
||||
},
|
||||
});
|
||||
});
|
||||
};
|
||||
|
||||
render() {
|
||||
const { locale = {} } = this.props;
|
||||
|
||||
return (
|
||||
<div className="home-page">
|
||||
<Header />
|
||||
<section
|
||||
className="top-section"
|
||||
style={{
|
||||
background: 'url(img/black_dot.png) repeat',
|
||||
backgroundSize: '14px 14px',
|
||||
}}
|
||||
>
|
||||
<div className="vertical-middle product-area">
|
||||
<img className="product-logo" src="img/nacos.png" />
|
||||
<p className="product-desc">
|
||||
an easy-to-use dynamic service discovery, configuration and service management
|
||||
platform for building cloud native applications
|
||||
</p>
|
||||
</div>
|
||||
<div className="animation animation1" />
|
||||
<div className="animation animation2" />
|
||||
<div className="animation animation3" />
|
||||
<div className="animation animation4" />
|
||||
<div className="animation animation5" />
|
||||
<Card className="login-panel" contentHeight="auto">
|
||||
<div className="login-header">{locale.login}</div>
|
||||
<Form className="login-form" field={this.field}>
|
||||
<FormItem>
|
||||
<Input
|
||||
{...this.field.init('username', {
|
||||
rules: [
|
||||
{
|
||||
required: true,
|
||||
message: locale.usernameRequired,
|
||||
},
|
||||
],
|
||||
})}
|
||||
placeholder={locale.pleaseInputUsername}
|
||||
/>
|
||||
</FormItem>
|
||||
<FormItem>
|
||||
<Input
|
||||
htmlType="password"
|
||||
placeholder={locale.pleaseInputPassword}
|
||||
{...this.field.init('password', {
|
||||
rules: [
|
||||
{
|
||||
required: true,
|
||||
message: locale.passwordRequired,
|
||||
},
|
||||
],
|
||||
})}
|
||||
/>
|
||||
</FormItem>
|
||||
<FormItem label=" ">
|
||||
<Form.Submit onClick={this.handleSubmit}>{locale.submit}</Form.Submit>
|
||||
</FormItem>
|
||||
</Form>
|
||||
</Card>
|
||||
</section>
|
||||
</div>
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
export default Login;
|
@ -0,0 +1,16 @@
|
||||
/*
|
||||
* Copyright 1999-2018 Alibaba Group Holding Ltd.
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
import Login from './Login';
|
||||
|
||||
export default Login;
|
@ -0,0 +1,108 @@
|
||||
$animationDuration: 2s;
|
||||
|
||||
// 品牌色
|
||||
$brandColor: #2e3034;
|
||||
$mobileWidth: 640px;
|
||||
// 页面主体最大宽度
|
||||
$contentWidth: 1280px;
|
||||
|
||||
@keyframes slashStar {
|
||||
0% {
|
||||
opacity: 1;
|
||||
}
|
||||
|
||||
100% {
|
||||
opacity: 0;
|
||||
}
|
||||
}
|
||||
|
||||
.home-page {
|
||||
.top-section {
|
||||
position: relative;
|
||||
height: 100vh;
|
||||
.login-panel {
|
||||
position: absolute;
|
||||
right: 40px;
|
||||
width: 480px;
|
||||
height: 540px;
|
||||
top: 90px;
|
||||
.login-header {
|
||||
width: 100%;
|
||||
line-height: 45px;
|
||||
font-size: 32px;
|
||||
margin-top: 58px;
|
||||
text-align: center;
|
||||
}
|
||||
.login-form {
|
||||
width: 360px;
|
||||
margin: 80px auto auto auto;
|
||||
input {
|
||||
height: 60px;
|
||||
}
|
||||
button {
|
||||
width: 100%;
|
||||
height: 60px;
|
||||
background: #4190ff 100%;
|
||||
color: white;
|
||||
}
|
||||
}
|
||||
}
|
||||
.animation {
|
||||
position: absolute;
|
||||
width: 6px;
|
||||
height: 6px;
|
||||
border-radius: 50%;
|
||||
background-color: #1be1f6;
|
||||
&1 {
|
||||
left: 15%;
|
||||
top: 70%;
|
||||
animation: slashStar $animationDuration ease-in-out 0.3s infinite;
|
||||
}
|
||||
&2 {
|
||||
left: 34%;
|
||||
top: 35%;
|
||||
animation: slashStar $animationDuration ease-in-out 1.2s infinite;
|
||||
}
|
||||
&3 {
|
||||
left: 53%;
|
||||
top: 20%;
|
||||
animation: slashStar $animationDuration ease-in-out 0.5s infinite;
|
||||
}
|
||||
&4 {
|
||||
left: 72%;
|
||||
top: 64%;
|
||||
animation: slashStar $animationDuration ease-in-out 0.8s infinite;
|
||||
}
|
||||
&5 {
|
||||
left: 87%;
|
||||
top: 30%;
|
||||
animation: slashStar $animationDuration ease-in-out 1.5s infinite;
|
||||
}
|
||||
}
|
||||
.vertical-middle {
|
||||
position: absolute;
|
||||
left: 0;
|
||||
top: 50%;
|
||||
transform: translateY(-50%);
|
||||
}
|
||||
.product-area {
|
||||
width: 431px;
|
||||
margin-left: 40px;
|
||||
}
|
||||
.product-logo {
|
||||
display: block;
|
||||
width: 257px;
|
||||
height: 50px;
|
||||
margin: 0;
|
||||
}
|
||||
.product-desc {
|
||||
opacity: 0.8;
|
||||
font-family: Avenir-Medium;
|
||||
font-size: 24px;
|
||||
color: #fff;
|
||||
max-width: 780px;
|
||||
margin: 12px auto 30px;
|
||||
text-align: left;
|
||||
}
|
||||
}
|
||||
}
|
File diff suppressed because one or more lines are too long
BIN
console/src/main/resources/static/img/black_dot.png
Normal file
BIN
console/src/main/resources/static/img/black_dot.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 114 B |
BIN
console/src/main/resources/static/img/nacos.png
Normal file
BIN
console/src/main/resources/static/img/nacos.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 3.5 KiB |
File diff suppressed because one or more lines are too long
27
console/src/main/resources/static/login.html
Normal file
27
console/src/main/resources/static/login.html
Normal file
@ -0,0 +1,27 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>登录</title>
|
||||
</head>
|
||||
<body>
|
||||
<h3>登录</h3>
|
||||
<form action="/nacos/login" method="post">
|
||||
<table>
|
||||
<tr>
|
||||
<td>用户名:</td>
|
||||
<td><input type="text" name="username"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>密码:</td>
|
||||
<td><input type="password" name="password"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2">
|
||||
<button type="submit">登录</button>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</body>
|
||||
</html>
|
@ -1,7 +1,7 @@
|
||||
|
||||
,--.
|
||||
,--.'|
|
||||
,--,: : | Nacos 0.7.0
|
||||
,--,: : | Nacos ${application.version}
|
||||
,`--.'`| ' : ,---. Running in ${nacos.mode} mode
|
||||
| : : | | ' ,'\ .--.--. Port: ${server.port}
|
||||
: | \ | : ,--.--. ,---. / / | / / ' Pid: ${pid}
|
||||
|
@ -177,3 +177,18 @@ CREATE TABLE `tenant_info` (
|
||||
UNIQUE KEY `uk_tenant_info_kptenantid` (`kp`,`tenant_id`),
|
||||
KEY `idx_tenant_id` (`tenant_id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='tenant_info';
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
@ -171,3 +171,18 @@ CREATE TABLE tenant_info (
|
||||
constraint tenant_info_id_key PRIMARY KEY (id),
|
||||
constraint uk_tenant_info_kptenantid UNIQUE (kp,tenant_id));
|
||||
CREATE INDEX tenant_info_tenant_id_idx ON tenant_info(tenant_id);
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
21
pom.xml
21
pom.xml
@ -235,18 +235,8 @@
|
||||
<exclude>REPORTING-BUGS.md</exclude>
|
||||
<exclude>README.md</exclude>
|
||||
<exclude>.github/**/*</exclude>
|
||||
<exclude>src/main/resources/*/*/*</exclude>
|
||||
<exclude>src/main/resources/*/*</exclude>
|
||||
<exclude>src/main/resources/*</exclude>
|
||||
<exclude>src/test/resources/*</exclude>
|
||||
<exclude>src/main/resources/static/**/*.js</exclude>
|
||||
<exclude>src/main/resources/**/*.svg</exclude>
|
||||
<exclude>src/main/resources/static/css/*</exclude>
|
||||
<exclude>src/main/resources/static/js/*</exclude>
|
||||
<exclude>src/main/resources/static/console-fe/public/css/console1412.css</exclude>
|
||||
<exclude>src/main/resources/static/console-fe/public/js/vs/editor/editor.main.css</exclude>
|
||||
<exclude>src/main/resources/static/console-fe/dist/js/vs/editor/editor.main.css</exclude>
|
||||
<exclude>src/main/resources/static/console-fe/dist/*/*</exclude>
|
||||
<exclude>src/main/resources/**</exclude>
|
||||
<exclude>src/test/**</exclude>
|
||||
<exclude>bin/*</exclude>
|
||||
<exclude>conf/*</exclude>
|
||||
<exclude>derby.log</exclude>
|
||||
@ -707,6 +697,12 @@
|
||||
<version>3.1.3</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>io.jsonwebtoken</groupId>
|
||||
<artifactId>jjwt</artifactId>
|
||||
<version>0.9.1</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-all</artifactId>
|
||||
@ -731,6 +727,7 @@
|
||||
<version>1.2</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
</project>
|
||||
|
@ -159,3 +159,17 @@ CREATE TABLE tenant_capacity (
|
||||
constraint tenant_capacity_id_key PRIMARY KEY (id),
|
||||
constraint uk_tenant_id UNIQUE (tenant_id));
|
||||
|
||||
CREATE TABLE users (
|
||||
username varchar(50) NOT NULL PRIMARY KEY,
|
||||
password varchar(500) NOT NULL,
|
||||
enabled boolean NOT NULL
|
||||
);
|
||||
|
||||
CREATE TABLE roles (
|
||||
username varchar(50) NOT NULL,
|
||||
role varchar(50) NOT NULL
|
||||
);
|
||||
|
||||
INSERT INTO users (username, password, enabled) VALUES ('admin', '$2a$10$HxtJtd59imujvbux.i55zOGewhnJiLVXX8D9AETDMV.XtBLDGOXtW', TRUE);
|
||||
|
||||
INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_ADMIN');
|
||||
|
Loading…
Reference in New Issue
Block a user