API: Support HTTP basic authentication for API. v6.0.4, v5.0.152 (#3458)

PICK 771ae0a1a6 Co-authored-by: winlin <winlin@vip.126.com> Co-authored-by: john <hondaxiao@tencent.com>
2025-03-09 15:49:59 +00:00 · 2023-04-01 12:45:29 +08:00 · 2023-04-01 12:45:29 +08:00 · 12f3a31175
commit 12f3a31175
parent 41decbae95
14 changed files with 658 additions and 49 deletions
--- a/trunk/src/app/srs_app_http_conn.cpp
+++ b/trunk/src/app/srs_app_http_conn.cpp
@ -54,7 +54,9 @@ ISrsHttpConnOwner::~ISrsHttpConnOwner()
 SrsHttpConn::SrsHttpConn(ISrsHttpConnOwner* handler, ISrsProtocolReadWriter* fd, ISrsHttpServeMux* m, string cip, int cport)
 {
    parser = new SrsHttpParser();
-    cors = new SrsHttpCorsMux();
+    auth = new SrsHttpAuthMux(m);
+    cors = new SrsHttpCorsMux(auth);
+
    http_mux = m;
    handler_ = handler;

@ -74,6 +76,7 @@ SrsHttpConn::~SrsHttpConn()

    srs_freep(parser);
    srs_freep(cors);
+    srs_freep(auth);

    srs_freep(delta_);
 }
@ -227,10 +230,10 @@ srs_error_t SrsHttpConn::process_request(ISrsHttpResponseWriter* w, ISrsHttpMess
    
    srs_trace("HTTP #%d %s:%d %s %s, content-length=%" PRId64 "", rid, ip.c_str(), port,
        r->method_str().c_str(), r->url().c_str(), r->content_length());
-    
-    // use cors server mux to serve http request, which will proxy to http_remux.
+
+    // proxy to cors-->auth-->http_remux.
    if ((err = cors->serve_http(w, r)) != srs_success) {
-        return srs_error_wrap(err, "mux serve");
+        return srs_error_wrap(err, "cors serve");
    }
    
    return err;
@ -256,14 +259,27 @@ srs_error_t SrsHttpConn::set_crossdomain_enabled(bool v)
 {
    srs_error_t err = srs_success;

-    // initialize the cors, which will proxy to mux.
-    if ((err = cors->initialize(http_mux, v)) != srs_success) {
+    if ((err = cors->initialize(v)) != srs_success) {
        return srs_error_wrap(err, "init cors");
    }

    return err;
 }

+srs_error_t SrsHttpConn::set_auth_enabled(bool auth_enabled)
+{
+    srs_error_t err = srs_success;
+
+    // initialize the auth, which will proxy to mux.
+    if ((err = auth->initialize(auth_enabled,
+                    _srs_config->get_http_api_auth_username(), 
+                    _srs_config->get_http_api_auth_password())) != srs_success) {
+        return srs_error_wrap(err, "init auth");
+    }
+
+    return err;
+}
+
 srs_error_t SrsHttpConn::set_jsonp(bool v)
 {
    parser->set_jsonp(v);
@ -451,6 +467,11 @@ srs_error_t SrsHttpxConn::start()
        return srs_error_wrap(err, "set cors=%d", v);
    }

+    bool auth_enabled = _srs_config->get_http_api_auth_enabled();
+    if ((err = conn->set_auth_enabled(auth_enabled)) != srs_success) {
+        return srs_error_wrap(err, "set auth");
+    }
+
    return conn->start();
 }