diff --git a/backend/WebUI/api_webui.go b/backend/WebUI/api_webui.go
index 01410334..3568a1b5 100644
--- a/backend/WebUI/api_webui.go
+++ b/backend/WebUI/api_webui.go
@@ -463,9 +463,11 @@ func Login(c *gin.Context) {
 userId := userData["userId"].(string)
 tenantId := userData["tenantId"].(string)
- logger.ProcLog.Warnln("Login success", login.Username)
- logger.ProcLog.Warnln("userid", userId)
- logger.ProcLog.Warnln("tenantid", tenantId)
+ logger.ProcLog.Warnln("Login success {",
+ "username:", login.Username,
+ ", userid:", userId,
+ ", tenantid:", tenantId,
+ "}")
 token := JWT(login.Username, userId, tenantId)
 logger.ProcLog.Warnln("token", token)
@@ -504,7 +506,9 @@ func ParseJWT(tokenStr string) (jwt.MapClaims, error) {
 // Check of admin user. This should be done with proper JWT token.
 func CheckAuth(c *gin.Context) bool {
 tokenStr := c.GetHeader("Token")
- if tokenStr == "admin" {
+ claims, err := ParseJWT(tokenStr)
+
+ if err == nil && claims["email"] == "admin" {
 return true
 } else {
 return false
@@ -514,7 +518,7 @@ func CheckAuth(c *gin.Context) bool {
 // Tenant ID
 func GetTenantId(c *gin.Context) (string, error) {
 tokenStr := c.GetHeader("Token")
- if tokenStr == "admin" {
+ if !CheckAuth(c) {
 return "", nil
 }
 claims, err := ParseJWT(tokenStr)
@@ -530,7 +534,7 @@ func GetTenants(c *gin.Context) {
 setCorsHeader(c)
 if !CheckAuth(c) {
- c.JSON(http.StatusNotFound, bson.M{})
+ c.JSON(http.StatusNotFound, gin.H{"cause": "Illegal Token"})
 return
 }
@@ -932,12 +936,7 @@ func GetSubscribers(c *gin.Context) {
 logger.ProcLog.Infoln("Get All Subscribers List")
 tokenStr := c.GetHeader("Token")
-
- var claims jwt.MapClaims = nil
- var err error = nil
- if tokenStr != "admin" {
- claims, err = ParseJWT(tokenStr)
- }
+ claims, err := ParseJWT(tokenStr)
 if err != nil {
 logger.ProcLog.Errorln(err.Error())
 c.JSON(http.StatusBadRequest, gin.H{
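Review bot: The unchanged call right after the rewritten log line in Login, `logger.ProcLog.Warnln("token", token)`, writes the freshly issued JWT to the process log, and with this commit that token is the only credential behind admin access, so anyone who can read the log can replay it for as long as it stays valid. Drop that line or log a non-secret marker instead, e.g. `logger.ProcLog.Infoln("token issued for", login.Username)`. A successful login is not a warning either, so `Infoln` fits the new combined message better than `Warnln`. The `userData["userId"].(string)` and `userData["tenantId"].(string)` assertions above it panic on a missing or non-string field; the two-value form would let Login answer with an error instead. Login's body starts and ends outside the hunk.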
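Review bot: CheckAuth now grants admin on `claims["email"] == "admin"`, so the admin boundary rests on ParseJWT (its body is not visible here) rejecting unsigned or wrong-algorithm tokens, and on no other account ever being stored with the email `admin`; if tenant users can be created with an arbitrary email, a dedicated role claim set at login would be a sturdier key. The ParseJWT error is discarded, so rejected tokens leave no trace; a line such as `logger.ProcLog.Warnln("CheckAuth: invalid token:", err)` on the failure path would help detection. The doc comment still says "This should be done with proper JWT token", which is now stale, and the `if`/`else` can be written as `return err == nil && claims["email"] == "admin"`.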
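Review bot: The new guard in GetTenantId looks inverted: the line it replaces returned `"", nil` for the admin token, whereas `if !CheckAuth(c) {` returns `"", nil` for every caller that is not admin, including callers whose token failed to parse. If callers treat an empty tenant id with a nil error as "no tenant filter" (they are outside the hunk, so this is an assumption), a tenant user or an invalid token would be handled as unrestricted. If admin is still meant to get the empty id the guard should read `if CheckAuth(c) {`, and a parse failure should return the ParseJWT error rather than nil. The token is also parsed twice on the admin path, once inside CheckAuth and once below. The function body continues past the hunk.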
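Review bot: GetTenants answers a failed admin check with `http.StatusNotFound` while the new body says `"cause": "Illegal Token"`, so the status and the message disagree; `http.StatusUnauthorized` (or `http.StatusForbidden` for a valid non-admin token) would let clients and log-based alerting tell authentication failures from missing routes. The same applies to the GetSubscribers and PostSubscriberByID hunks, where a ParseJWT error is reported as `http.StatusBadRequest`.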
@@ -975,7 +974,7 @@ func GetSubscribers(c *gin.Context) { return } - if tokenStr == "admin" || tenantId == claims["tenantId"].(string) { + if claims["email"] == "admin" || tenantId == claims["tenantId"].(string) { tmp := SubsListIE{ PlmnID: servingPlmnId.(string), UeId: ueId.(string), @@ -1156,13 +1155,8 @@ func PostSubscriberByID(c *gin.Context) { setCorsHeader(c) logger.ProcLog.Infoln("Post One Subscriber Data") - var claims jwt.MapClaims = nil - var err error = nil tokenStr := c.GetHeader("Token") - - if tokenStr != "admin" { - claims, err = ParseJWT(tokenStr) - } + claims, err := ParseJWT(tokenStr) if err != nil { logger.ProcLog.Errorln(err.Error()) c.JSON(http.StatusBadRequest, gin.H{ @@ -1571,7 +1565,6 @@ func GetRegisteredUEContext(c *gin.Context) { webuiSelf.UpdateNfProfiles() supi, supiExists := c.Params.Get("supi") - // TODO: support fetching data from multiple AMFs if amfUris := webuiSelf.GetOamUris(models.NfType_AMF); amfUris != nil { var requestUri string diff --git a/backend/webui_service/webui_init.go b/backend/webui_service/webui_init.go index ce498ed6..24df117b 100644 --- a/backend/webui_service/webui_init.go +++ b/backend/webui_service/webui_init.go @@ -6,6 +6,8 @@ import ( "github.com/gin-contrib/cors" "github.com/sirupsen/logrus" + "go.mongodb.org/mongo-driver/bson" + "golang.org/x/crypto/bcrypt" "github.com/free5gc/util/mongoapi" "github.com/free5gc/webconsole/backend/WebUI" 
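Review bot: In the GetSubscribers filter, `claims["tenantId"].(string)` is a single-value type assertion reached for every non-admin token, so a token without a string `tenantId` claim panics the handler; use `tid, ok := claims["tenantId"].(string)` and reject the request when `ok` is false. The admin test `claims["email"] == "admin"` is also repeated here instead of going through one shared check, which leaves two places to keep in step with CheckAuth; a small `isAdmin(claims jwt.MapClaims) bool` helper used by both would avoid drift. The surrounding code is outside the hunk.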
@@ -77,6 +79,29 @@ func (a *WebuiApp) Start(tlsKeyLogPath string) { return } + // Create admin account + filter := bson.M{"email": "admin"} + hash, err := bcrypt.GenerateFromPassword([]byte("free5gc"), 12) + if err != nil { + logger.InitLog.Errorf("GenerateFromPassword err: %+v", err) + } + + data := bson.M{ + "userId": "1", + "tenantId": "1", + "email": "admin", + "encryptedPassword": string(hash), + } + + existed, err := mongoapi.RestfulAPIPutOne("userData", filter, data) + if err != nil { + logger.InitLog.Errorf("RestfulAPIPutOne err: %+v", err) + } + + if existed { + logger.InitLog.Infof("Admin existed.") + } + logger.InitLog.Infoln("Server started") router := WebUI.NewRouter() diff --git a/frontend/src/components/SideBar/Nav.js b/frontend/src/components/SideBar/Nav.js index 1effbbe5..925fc599 100644 --- a/frontend/src/components/SideBar/Nav.js +++ b/frontend/src/components/SideBar/Nav.js @@ -9,7 +9,7 @@ class Nav extends Component { let {location} = this.props; let user = LocalStorageHelper.getUserInfo(); let childView = ""; - if (user.accessToken === "admin") { + if (user.username === "admin") { childView = (
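Review bot: Start now seeds an `admin` account with the hard-coded password `free5gc`, and because the write goes through `mongoapi.RestfulAPIPutOne` on every start it appears to replace the stored document each time (the helper is outside this diff, so confirm), which would reset a changed admin password back to the public default on restart. Create the account only when a lookup for `{"email": "admin"}` finds nothing, take the initial password from configuration or generate it at first start, and require it to be changed at first login. When `bcrypt.GenerateFromPassword` fails the code only logs and carries on, storing an empty `encryptedPassword`; add `return` after that `Errorf`, as the error path just above the hunk does. The cost `12` would read better as a named constant.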
  •
diff --git a/frontend/src/pages/Auth/Login.js b/frontend/src/pages/Auth/Login.js
index fc5f8ceb..5f5d7759 100644
--- a/frontend/src/pages/Auth/Login.js
+++ b/frontend/src/pages/Auth/Login.js
@@ -16,7 +16,7 @@ class Login extends Component {
 password: "",
 };
- conponentWillMount() {
+ componentWillMount() {
 this.setState({
 submitDisabled: false,
 errorMsg: "",
diff --git a/frontend/src/util/AuthHelper.js b/frontend/src/util/AuthHelper.js
index 4f902d89..a86225b4 100644
--- a/frontend/src/util/AuthHelper.js
+++ b/frontend/src/util/AuthHelper.js
@@ -14,24 +14,20 @@ export default class AuthHelper {
 * @return {Promise<(boolean|string)>} true for success, string for error message
 */
 static async login(username, password) {
- if (username === config.USERNAME && password === config.PASSWORD) {
- let user = new User(username, "System Administrator", "admin");
+ let response = await ApiHelper.login({username: username, password: password});
+
+ if (response !== undefined && response.status === 200) {
+ var user = null
+ if (username == "admin") {
+ user = new User(username, "System Administrator", response.data.access_token);
+ } else {
+ user = new User(username, "User", response.data.access_token);
+ }
 LocalStorageHelper.setUserInfo(user);
 store.dispatch(authActions.setUser(user));
 return true;
 } else {
- let response = await ApiHelper.login({username: username, password: password});
- if (response === undefined) {
- return false;
- }
- if (response.status === 200) {
- let user = new User(username, "User", response.data.access_token);
- LocalStorageHelper.setUserInfo(user);
- store.dispatch(authActions.setUser(user));
- return true;
- } else {
- return false;
- }
+ return false;
 }
 }
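Review bot: The admin menu in Nav is now keyed on `user.username === "admin"`, a value read back from local storage, and AuthHelper.login in the same commit picks the "System Administrator" role from the name typed into the form (`username == "admin"`); both are client-side strings, so they can only decide what is displayed. That is acceptable as long as every admin endpoint enforces the check on the server, but the displayed role would be more reliable if it came from the login response or the token's claims rather than the typed name. The rest of this hunk's context is cut off on the page.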
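Review bot: In AuthHelper.login, `response.data.access_token` is stored without checking that it is present, so a 200 response with an unexpected body would persist a user whose token is undefined; a guard such as `if (!response.data || !response.data.access_token) return false;` before building the user closes that. The new branch also uses `var` and loose equality where the removed code used `let` and `===`; `let user;` and `if (username === "admin") {` keep the file consistent. The JSDoc above still promises "string for error message" although every failure path returns `false`.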