标签:CUBESTORE S3 dalongrong driver auth cubestore user config
昨天有说明关于mysql协议支持auth的,今天说明下driver支持auth 的方法(已经支持了,只是代码处理需要调整下)
cubestore 源码修改
- 添加auth支持
基于环境变量进行是否进行auth支持的判断 CUBESTORE_AUTH_ENABLE=1 使用,默认没有配置的就不使用
#[async_trait]
impl SqlAuthService for SqlAuthDefaultImpl {
async fn authenticate(&self, _user: Option<String>) -> Result<Option<String>, CubeError> {
let enable_auth = env_bool("CUBESTORE_AUTH_ENABLE", false);
if enable_auth==true {
info!("cubestore enable auth check");
let user = match _user {
None => {
info!("{}", "user is null");
Err(CubeError {
message: "error".to_string(),
cause: CubeErrorCauseType::User,
})
},
Some(user) => {
info!("auth user {}", user);
if user == env::var("CUBESTORE_USERNAME").ok().unwrap() {
Ok(None)
} else {
Err(CubeError {
message: "error".to_string(),
cause: CubeErrorCauseType::User,
})
}
}
};
user
}else{
Ok(None)
}
}
}
cubestore driver 支持
实际上还是依赖了ws 客户端(支持基于header 的数据传递),同时默认cubestore 支持基于basic auth 的websocket 连接处理
所以我们就可以直接使用
- 需要修改的代码
src/WebSocketConnection.ts src/CubeStoreDriver.ts
// 支持header
private options: any;
public constructor(url: string,options:{}) {
this.url = url;
this.messageCounter = 1;
this.options = options;
}
protected async initWebSocket() {
if (!this.webSocket) {
const webSocket: any = new WebSocket(this.url,this.options);
// 支持websocket带header的连接
public constructor(config?: Partial<ConnectionConfig>) {
super();
this.config = {
...config,
host: config?.host || getEnv('cubeStoreHost'),
port: config?.port || getEnv('cubeStorePort'),
user: config?.user || getEnv('cubeStoreUser'),
password: config?.password || getEnv('cubeStorePass'),
};
this.baseUrl = (this.config.url || `ws://${this.config.host || 'localhost'}:${this.config.port || '3030'}/`).replace(/\/ws$/, '/').replace(/\/$/, '');
var authHeader: any = {}
if (this.config.user && this.config.password) {
var base64Str = Buffer.from(`${this.config.user}:${this.config.password}`).toString('base64');
authHeader = {
headers: {
'Authorization': `Basic ${base64Str}`
}
};
}
this.connection = new WebSocketConnection(`${this.baseUrl}/ws`, authHeader);
}
参考使用
- docker-compose
version: "3"
services:
postgres:
image: postgres:12.2
environment:
- POSTGRES_PASSWORD=dalong
ports:
- 5432:5432
minio:
image: minio/minio
command: server /data
environment:
- MINIO_ACCESS_KEY=dalongrong
- MINIO_SECRET_KEY=dalongrong
ports:
- 9000:9000
cubestore_router:
restart: always
image: dalongrong/cubestore:v2
environment:
- CUBESTORE_LOG_LEVEL=trace
- CUBESTORE_SERVER_NAME=cubestore_router:9999
- CUBESTORE_META_PORT=9999
- CUBESTORE_S3_BUCKET=test
- CUBESTORE_S3_ENDPOINT=http://minio:9000
- CUBESTORE_S3_REGION=us-east-1
- CUBESTORE_S3_PATH_STYLE=1
- CUBESTORE_AUTH_ENABLE=1
- CUBESTORE_USERNAME=dalong
- CUBESTORE_AWS_ACCESS_KEY_ID=dalongrong
- CUBESTORE_AWS_SECRET_ACCESS_KEY=dalongrong
- CUBESTORE_WORKERS=cubestore_worker_1:9001,cubestore_worker_2:9001
- CUBESTORE_REMOTE_DIR=/cube/data
ports:
- "9999:9999"
- "3030:3030"
- "3306:3306"
expose:
- 9999 # This exposes the Metastore endpoint
- 3030 # This exposes the HTTP endpoint for CubeJS
- 3306
cubestore_worker_1:
restart: always
image: dalongrong/cubestore:v2
environment:
- CUBESTORE_SERVER_NAME=cubestore_worker_1:9001
- CUBESTORE_WORKER_PORT=9001
- CUBESTORE_S3_BUCKET=test
- CUBESTORE_S3_ENDPOINT=http://minio:9000
- CUBESTORE_S3_REGION=us-east-1
- CUBESTORE_S3_PATH_STYLE=1
- CUBESTORE_AUTH_ENABLE=1
- CUBESTORE_USERNAME=dalong
- CUBESTORE_AWS_ACCESS_KEY_ID=dalongrong
- CUBESTORE_AWS_SECRET_ACCESS_KEY=dalongrong
- CUBESTORE_META_ADDR=cubestore_router:9999
- CUBESTORE_REMOTE_DIR=/cube/data
depends_on:
- cubestore_router
expose:
- 9001
cubestore_worker_2:
restart: always
image: dalongrong/cubestore:v2
environment:
- CUBESTORE_SERVER_NAME=cubestore_worker_2:9001
- CUBESTORE_WORKER_PORT=9001
- CUBESTORE_S3_BUCKET=test
- CUBESTORE_S3_ENDPOINT=http://minio:9000
- CUBESTORE_S3_REGION=us-east-1
- CUBESTORE_S3_PATH_STYLE=1
- CUBESTORE_AUTH_ENABLE=1
- CUBESTORE_USERNAME=dalong
- CUBESTORE_AWS_ACCESS_KEY_ID=dalongrong
- CUBESTORE_AWS_SECRET_ACCESS_KEY=dalongrong
- CUBESTORE_META_ADDR=cubestore_router:9999
- CUBESTORE_REMOTE_DIR=/cube/data
depends_on:
- cubestore_router
expose:
- 9001
- cube.js app
cube.js 文件
// Cube.js configuration options: https://cube.dev/docs/config
const {CubeStoreDriver,CubeStoreQuery } = require("@dalongrong/cubestore-driver")
module.exports = {
externalDialectFactory: (dataSource) => {
console.log("externalDialectFactory",dataSource)
return CubeStoreQuery
},
telemetry: false,
externalDbType:({ dataSource } = {}) => {
return "cubestore"
},
externalDriverFactory: () => {
return new CubeStoreDriver({
host:"localhost",
port:3030,
user:"dalong",
password:"dalong"
})
}
};
- 效果
说明:输错账户会提示403如下: 
正常的 
参考资料
https://github.com/rongfengliang/cubestore-driver
标签:CUBESTORE,S3,dalongrong,driver,auth,cubestore,user,config 来源: https://www.cnblogs.com/rongfengliang/p/14743128.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。