upgrade*: auth pkg change to public

internal/api/auth.go

@@ -32,9 +32,9 @@ import (
 	mycasbin "github.com/go-atomci/atomci/internal/middleware/casbin"
 	"github.com/go-atomci/atomci/internal/middleware/log"
 
-	"github.com/go-atomci/atomci/internal/core/auth"
-	"github.com/go-atomci/atomci/internal/core/auth/ldap"
-	"github.com/go-atomci/atomci/internal/core/auth/local"
+	"github.com/go-atomci/atomci/pkg/auth"
+	"github.com/go-atomci/atomci/pkg/auth/ldap"
+	"github.com/go-atomci/atomci/pkg/auth/local"
 )
 
 // AuthController .operations about login/logout
@@ -68,9 +68,27 @@ func (a *AuthController) Authenticate() {
 	var loginProvider auth.Provider
 	switch req.LoginType {
 	case models.LocalAuth:
-		loginProvider = local.NewProvider()
+		userModel, err := dao.GetUser(req.Username)
+		if err != nil {
+			log.Log.Error("get user error: " + err.Error())
+			a.CustomAbort(http.StatusBadRequest, "用户不存在或密码错误")
+		}
+		loginProvider = local.NewProvider(
+			local.Name(userModel.Name),
+			local.Email(userModel.Email),
+			local.User(userModel.User),
+			local.Password(userModel.Password),
+		)
 	case models.LDAPAuth:
-		loginProvider = ldap.NewProvider()
+		port, _ := beego.AppConfig.Int("ldap::port")
+		loginProvider = ldap.NewProvider(
+			ldap.BaseDN(beego.AppConfig.String("ldap::baseDN")),
+			ldap.Host(beego.AppConfig.String("ldap::host")),
+			ldap.Port(port),
+			ldap.BindDN(beego.AppConfig.String("ldap::bindDN")),
+			ldap.BindPassword(beego.AppConfig.String("ldap::bindPassword")),
+			ldap.UserFilter(beego.AppConfig.String("ldap::userFilter")),
+		)
 	default:
 		log.Log.Error("login_type is %v, not support", req.LoginType)
 		http.Error(a.Ctx.ResponseWriter, "不支持此类型的登录，请联系管理员", http.StatusInternalServerError)

internal/core/auth/ldap/ldap.go → pkg/auth/ldap/ldap.go

@@ -19,20 +19,31 @@ package ldap
 import (
 	"fmt"
 
-	"github.com/go-atomci/atomci/internal/core/auth"
 	"github.com/go-atomci/atomci/internal/middleware/log"
+	"github.com/go-atomci/atomci/pkg/auth"
 
 	"github.com/astaxie/beego"
 	ldap "github.com/colynn/go-ldap-client/v3"
 )
 
 // Provider a ldap authentication provider.
 // TODO: support configuration later
-type Provider struct{}
+type Provider struct {
+	baseDN       string
+	host         string
+	port         int
+	bindDN       string
+	bindPassword string
+	userFilter   string
+}
 
 // NewProvider creates a new ldap authentication provider.
-func NewProvider() auth.Provider {
-	return &Provider{}
+func NewProvider(opts ...Option) auth.Provider {
+	provider := &Provider{}
+	for _, opt := range opts {
+		opt(provider)
+	}
+	return provider
 }
 
 // Authenticate ..
@@ -53,9 +64,8 @@ func (p *Provider) Authenticate(user, password string) (*auth.ExternalAccount, e
 	}
 	defer client.Close()
 
-	resp := map[string]string{}
 	authVerify, resp, err := client.Authenticate(user, password)
-	if authVerify == false {
+	if !authVerify {
 		if err != nil {
 			log.Log.Error("authVerify error: %s", err.Error())
 		}

pkg/auth/ldap/options.go

@@ -0,0 +1,39 @@
+package ldap
+
+type Option func(*Provider)
+
+func BaseDN(baseDN string) Option {
+	return func(p *Provider) {
+		p.baseDN = baseDN
+	}
+}
+
+func Host(host string) Option {
+	return func(p *Provider) {
+		p.host = host
+	}
+}
+
+func Port(port int) Option {
+	return func(p *Provider) {
+		p.port = port
+	}
+}
+
+func BindDN(bindDN string) Option {
+	return func(p *Provider) {
+		p.bindDN = bindDN
+	}
+}
+
+func BindPassword(bindPassword string) Option {
+	return func(p *Provider) {
+		p.bindPassword = bindPassword
+	}
+}
+
+func UserFilter(userFilter string) Option {
+	return func(p *Provider) {
+		p.userFilter = userFilter
+	}
+}

internal/core/auth/local/local.go → pkg/auth/local/local.go

@@ -19,39 +19,41 @@ package local
 import (
 	"fmt"
 
-	"github.com/go-atomci/atomci/internal/core/auth"
-	"github.com/go-atomci/atomci/internal/dao"
 	"github.com/go-atomci/atomci/internal/middleware/log"
+	"github.com/go-atomci/atomci/pkg/auth"
 
 	"golang.org/x/crypto/bcrypt"
 )
 
 // Provider a local authentication provider.
 // TODO: support configuration later
-type Provider struct{}
+type Provider struct {
+	name     string
+	email    string
+	user     string
+	password string
+}
 
 // NewProvider creates a new local authentication provider.
-func NewProvider() auth.Provider {
-	return &Provider{}
+func NewProvider(opts ...Option) auth.Provider {
+	provider := &Provider{}
+	for _, opt := range opts {
+		opt(provider)
+	}
+	return provider
 }
 
 // Authenticate ..
 func (p *Provider) Authenticate(loginUser, password string) (*auth.ExternalAccount, error) {
-	userModel, err := dao.GetUser(loginUser)
-	if err != nil {
-		log.Log.Error("get user error: %v", err.Error())
-		return nil, fmt.Errorf("用户不存在或密码错误")
-	}
-
-	_, err = CompareHashAndPassword(userModel.Password, password)
+	_, err := CompareHashAndPassword(p.password, password)
 	if err != nil {
 		log.Log.Error("comparehas password, error: %v", err.Error())
 		return nil, fmt.Errorf("用户不存在或密码错误")
 	}
 	return &auth.ExternalAccount{
-		Name:  userModel.Name,
-		Email: userModel.Email,
-		User:  userModel.User,
+		Name:  p.name,
+		Email: p.email,
+		User:  p.user,
 	}, nil
 
 }

pkg/auth/local/options.go

@@ -0,0 +1,27 @@
+package local
+
+type Option func(*Provider)
+
+func Name(name string) Option {
+	return func(p *Provider) {
+		p.name = name
+	}
+}
+
+func Email(email string) Option {
+	return func(p *Provider) {
+		p.email = email
+	}
+}
+
+func User(user string) Option {
+	return func(p *Provider) {
+		p.user = user
+	}
+}
+
+func Password(password string) Option {
+	return func(p *Provider) {
+		p.password = password
+	}
+}