禁止default用户登录 #8

Merged
zeekling merged 1 commits from ban_default_user into master 2023-05-28 14:44:46 +00:00
2 changed files with 20 additions and 7 deletions

View File

@ -62,7 +62,7 @@ void *AuthBlockThreadMain(void *arg) {
const char *pwd = RedisModule_StringPtrLen(targ[3], NULL); const char *pwd = RedisModule_StringPtrLen(targ[3], NULL);
void **replyarg = RedisModule_Alloc(sizeof(void *)); void **replyarg = RedisModule_Alloc(sizeof(void *));
int result = 2; int result = 2;
struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, user, strlen(user), NULL); struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, (void *)user, strlen(user), NULL);
if (!acl) { if (!acl) {
RedisModule_Log(ctx, LOG_LEVEL_WARNING, "auth failed"); RedisModule_Log(ctx, LOG_LEVEL_WARNING, "auth failed");
result = 0; result = 0;
@ -112,7 +112,7 @@ int moduleAuth(RedisModuleCtx *ctx, RedisModuleString *username,
RedisModuleString *password, RedisModuleString **err) { RedisModuleString *password, RedisModuleString **err) {
const char *user = RedisModule_StringPtrLen(username, NULL); const char *user = RedisModule_StringPtrLen(username, NULL);
const char *pwd = RedisModule_StringPtrLen(password, NULL); const char *pwd = RedisModule_StringPtrLen(password, NULL);
struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, user, strlen(user), NULL); struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, (void *)user, strlen(user), NULL);
if (!acl) { if (!acl) {
const char *err_msg = "Auth denied by Misc Module."; const char *err_msg = "Auth denied by Misc Module.";
*err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg));
@ -158,15 +158,26 @@ int initUsers(RedisModuleCtx *ctx, const char *user, const char *passwd) {
memset(acl, 0, sizeof(*acl)); memset(acl, 0, sizeof(*acl));
acl->username = RedisModule_CreateString(ctx, user, strlen(user)); acl->username = RedisModule_CreateString(ctx, user, strlen(user));
acl->password = RedisModule_CreateString(ctx, passwd, strlen(passwd)); acl->password = RedisModule_CreateString(ctx, passwd, strlen(passwd));
int result = RedisModule_DictSetC(userDict, user, strlen(user), acl); int result = RedisModule_DictSetC(userDict, (void *)user, strlen(user), acl);
if (result == REDISMODULE_OK) { if (result == REDISMODULE_OK) {
char *userModule = RedisModule_StringPtrLen(acl->username, NULL); const char *userModule = RedisModule_StringPtrLen(acl->username, NULL);
char *passwdModule = RedisModule_StringPtrLen(acl->password, NULL); RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user add success, username=%s", userModule);
RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user add success, username=%s, password=%s", userModule, passwdModule);
} }
return REDISMODULE_OK; return REDISMODULE_OK;
} }
int banDefaultUser(RedisModuleCtx *ctx) {
RedisModuleCallReply *reply = RedisModule_Call(ctx, "ACL", "ccc", "SETUSER", "default", "off");
if (reply == NULL) {
RedisModule_Log(ctx, LOG_LEVEL_WARNING, "Ban default user failed.");
return REDISMODULE_ERR;
}
size_t len;
const char *replyStr = RedisModule_CallReplyProto(reply, &len);
RedisModule_Log(ctx, "Ban default user success, reply=%s", replyStr);
return REDISMODULE_OK;
}
int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv, int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv,
int argc) { int argc) {
REDISMODULE_NOT_USED(argv); REDISMODULE_NOT_USED(argv);
@ -178,7 +189,7 @@ int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv,
RedisModule_RegisterAuthCallback(ctx, moduleBlockAuth); RedisModule_RegisterAuthCallback(ctx, moduleBlockAuth);
RedisModule_RegisterAuthCallback(ctx, moduleAuth); RedisModule_RegisterAuthCallback(ctx, moduleAuth);
banDefaultUser(ctx);
initUsers(ctx, "foo", "block_allow"); initUsers(ctx, "foo", "block_allow");
RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth success!"); RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth success!");

View File

@ -30,6 +30,8 @@ int moduleAuth(RedisModuleCtx *ctx, RedisModuleString *username, RedisModuleStri
void cronLoopCallBack(RedisModuleCtx *ctx, RedisModuleEvent *e, uint64_t sub, void *data); void cronLoopCallBack(RedisModuleCtx *ctx, RedisModuleEvent *e, uint64_t sub, void *data);
int banDefaultUser(RedisModuleCtx *ctx);
#endif // REDISAUTH_H #endif // REDISAUTH_H