summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/rabbit_access_control.erl10
-rw-r--r--src/rabbit_auth_backend.erl3
-rw-r--r--src/rabbit_auth_backend_internal.erl19
-rw-r--r--src/rabbit_auth_mechanism_external.erl2
4 files changed, 24 insertions, 10 deletions
diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl
index f419ec11eb..e483637071 100644
--- a/src/rabbit_access_control.erl
+++ b/src/rabbit_access_control.erl
@@ -33,8 +33,9 @@
-include_lib("stdlib/include/qlc.hrl").
-include("rabbit.hrl").
--export([user_pass_login/2, check_user_pass_login/2, make_salt/0,
- check_password/2, check_vhost_access/2, check_resource_access/3]).
+-export([user_pass_login/2, check_user_pass_login/2, check_user_login/2,
+ make_salt/0, check_password/2, check_vhost_access/2,
+ check_resource_access/3]).
-export([add_user/2, delete_user/1, change_password/2, set_admin/1,
clear_admin/1, list_users/0, lookup_user/1]).
-export([change_password_hash/2]).
@@ -109,10 +110,13 @@ user_pass_login(User, Pass) ->
end.
check_user_pass_login(Username, Password) ->
+ check_user_login(Username, [{password, Password}]).
+
+check_user_login(Username, AuthProps) ->
{ok, Modules} = application:get_env(rabbit, auth_backends),
lists:foldl(
fun(Module, {refused, _}) ->
- Module:check_user_pass_login(Username, Password);
+ Module:check_user_login(Username, AuthProps);
(_, {ok, User}) ->
{ok, User}
end, {refused, Username}, Modules).
diff --git a/src/rabbit_auth_backend.erl b/src/rabbit_auth_backend.erl
index bafa069551..3fb5f1b604 100644
--- a/src/rabbit_auth_backend.erl
+++ b/src/rabbit_auth_backend.erl
@@ -38,8 +38,7 @@ behaviour_info(callbacks) ->
%% A description (TODO should this be here if we're not using registry?).
{description, 0},
- %% TODO should we abstract out username / password?
- {check_user_pass_login, 2},
+ {check_user_login, 2},
{check_vhost_access, 2},
diff --git a/src/rabbit_auth_backend_internal.erl b/src/rabbit_auth_backend_internal.erl
index 4be7d11e04..605ebc84dc 100644
--- a/src/rabbit_auth_backend_internal.erl
+++ b/src/rabbit_auth_backend_internal.erl
@@ -35,7 +35,7 @@
-behaviour(rabbit_auth_backend).
-export([description/0]).
--export([check_user_pass_login/2, check_vhost_access/2,
+-export([check_user_login/2, check_vhost_access/2,
check_resource_access/3]).
%%-include("rabbit_auth_backend_spec.hrl").
@@ -46,10 +46,21 @@ description() ->
[{name, <<"Internal">>},
{description, <<"Internal user / password database">>}].
-check_user_pass_login(Username, Password) ->
+check_user_login(Username, []) ->
+ internal_check_user_login(Username, fun() -> true end);
+check_user_login(Username, [{password, Password}]) ->
+ internal_check_user_login(
+ Username,
+ fun(#internal_user{password_hash = Hash}) ->
+ rabbit_access_control:check_password(Password, Hash)
+ end);
+check_user_login(Username, AuthProps) ->
+ exit({unknown_auth_props, Username, AuthProps}).
+
+internal_check_user_login(Username, Fun) ->
case rabbit_access_control:lookup_user(Username) of
- {ok, User = #internal_user{password_hash = Hash, is_admin = IsAdmin}} ->
- case rabbit_access_control:check_password(Password, Hash) of
+ {ok, User = #internal_user{is_admin = IsAdmin}} ->
+ case Fun(User) of
true -> {ok, #user{username = Username,
is_admin = IsAdmin,
auth_backend = ?MODULE,
diff --git a/src/rabbit_auth_mechanism_external.erl b/src/rabbit_auth_mechanism_external.erl
index a597726435..3367e81227 100644
--- a/src/rabbit_auth_mechanism_external.erl
+++ b/src/rabbit_auth_mechanism_external.erl
@@ -86,7 +86,7 @@ init(Sock) ->
handle_response(_Response, #state{username = Username}) ->
case Username of
not_found -> {refused, Username};
- _ -> case rabbit_access_control:lookup_user(Username) of
+ _ -> case rabbit_access_control:check_user_login(Username, []) of
{ok, User} -> {ok, User};
{error, not_found} -> {refused, Username}
end
View Lorry Controller Status