This is a huge commit, it does following things: (#1942)
1. Remove ks-iam standalone binary, move it to ks-apiserver 2. Generate all devops apis inside kubesphere repository, no need to import s2ioperator. 3. Reorganize ldap code, make it more flexible to use.
This commit is contained in:
zryfish
44
pkg/api/iam/authenticate.go
Normal file
44
pkg/api/iam/authenticate.go
Normal file
@@ -0,0 +1,44 @@
|
||||
package iam
|
||||
|
||||
import (
|
||||
"github.com/spf13/pflag"
|
||||
"time"
|
||||
)
|
||||
|
||||
type AuthenticationOptions struct {
|
||||
// authenticate rate limit will
|
||||
AuthenticateRateLimiterMaxTries int
|
||||
AuthenticateRateLimiterDuration time.Duration
|
||||
|
||||
// maximum retries when authenticate failed
|
||||
MaxAuthenticateRetries int
|
||||
|
||||
// token validation duration, will refresh token expiration for each user request
|
||||
TokenExpiration time.Duration
|
||||
|
||||
// allow multiple users login at the same time
|
||||
MultipleLogin bool
|
||||
}
|
||||
|
||||
func NewAuthenticateOptions() *AuthenticationOptions {
|
||||
return &AuthenticationOptions{
|
||||
AuthenticateRateLimiterMaxTries: 5,
|
||||
AuthenticateRateLimiterDuration: time.Minute * 30,
|
||||
MaxAuthenticateRetries: 0,
|
||||
TokenExpiration: 0,
|
||||
MultipleLogin: false,
|
||||
}
|
||||
}
|
||||
|
||||
func (options *AuthenticationOptions) Validate() []error {
|
||||
var errs []error
|
||||
return errs
|
||||
}
|
||||
|
||||
func (options *AuthenticationOptions) AddFlags(fs *pflag.FlagSet, s *AuthenticationOptions) {
|
||||
fs.IntVar(&options.AuthenticateRateLimiterMaxTries, "authenticate-rate-limiter-max-retries", s.AuthenticateRateLimiterMaxTries, "")
|
||||
fs.DurationVar(&options.AuthenticateRateLimiterDuration, "authenticate-rate-limiter-duration", s.AuthenticateRateLimiterDuration, "")
|
||||
fs.IntVar(&options.MaxAuthenticateRetries, "authenticate-max-retries", s.MaxAuthenticateRetries, "")
|
||||
fs.DurationVar(&options.TokenExpiration, "token-expiration", s.TokenExpiration, "")
|
||||
fs.BoolVar(&options.MultipleLogin, "multiple-login", s.MultipleLogin, "")
|
||||
}
|
||||
40
pkg/api/iam/user.go
Normal file
40
pkg/api/iam/user.go
Normal file
@@ -0,0 +1,40 @@
|
||||
package iam
|
||||
|
||||
import (
|
||||
"kubesphere.io/kubesphere/pkg/server/errors"
|
||||
"time"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
Username string `json:"username"`
|
||||
Email string `json:"email"`
|
||||
Lang string `json:"lang,omitempty"`
|
||||
Description string `json:"description"`
|
||||
CreateTime time.Time `json:"create_time"`
|
||||
Groups []string `json:"groups,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
}
|
||||
|
||||
func NewUser() *User {
|
||||
return &User{
|
||||
Username: "",
|
||||
Email: "",
|
||||
Lang: "",
|
||||
Description: "",
|
||||
CreateTime: time.Time{},
|
||||
Groups: nil,
|
||||
Password: "",
|
||||
}
|
||||
}
|
||||
|
||||
func (u *User) Validate() error {
|
||||
if u.Username == "" {
|
||||
return errors.New("username can not be empty")
|
||||
}
|
||||
|
||||
if u.Password == "" {
|
||||
return errors.New("password can not be empty")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
@@ -20,7 +20,7 @@ package v1alpha2
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"kubesphere.io/kubesphere/pkg/models/iam"
|
||||
"kubesphere.io/kubesphere/pkg/api/iam"
|
||||
"net/mail"
|
||||
)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user