VKRB/rabbitmq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
DeOwl
2026-03-16 23:07:48 +03:00
commit da0892e7fe
7 changed files with 106 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
auth_backend/Dockerfile Executable file
View File

@@ -0,0 +1,10 @@
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY server.py .
EXPOSE 8080
CMD ["uvicorn", "server:app", "--host", "0.0.0.0", "--port", "8080"]

3
auth_backend/requirements.txt Executable file
View File

@@ -0,0 +1,3 @@
fastapi
uvicorn
python-multipart

46
auth_backend/server.py Executable file
View File

@@ -0,0 +1,46 @@
from fastapi import FastAPI, Request, Form
from fastapi.responses import PlainTextResponse
app = FastAPI()
USERS = {
"admin": {"password": "secret", "tags": ["administrator", "management"]},
"user1": {"password": "password123", "tags": ["management"]},
}
@app.post("/rabbit/auth/user")
async def auth_user(username: str = Form(...), password: str = Form(...)):
user = USERS.get(username)
if user and user["password"] == password:
return PlainTextResponse("allow " + ", ".join(user["tags"]))
return PlainTextResponse("deny", status_code=403)
@app.post("/rabbit/auth/vhost")
async def auth_vhost(username: str = Form(...), vhost: str = Form(...), ip: str = Form(...)):
if username in USERS:
return PlainTextResponse("allow")
return PlainTextResponse("deny", status_code=403)
@app.post("/rabbit/auth/resource")
async def auth_resource(username: str = Form(...), vhost: str = Form(...), resource: str = Form(...), name: str = Form(...), permission: str = Form(...)):
if username == "admin":
return PlainTextResponse("allow")
if username == "user1" and resource == "queue" and name.startswith("public_"):
if permission in ["read", "configure"]:
return PlainTextResponse("allow")
return PlainTextResponse("deny", status_code=403)
@app.post("/rabbit/auth/topic")
async def auth_topic(username: str = Form(...),
vhost: str = Form(...),
resource: str = Form(...),
name: str = Form(...),
permission: str = Form(...),
topic_path: str = Form(...),
):
if username == "admin" or (username == "user1" and routing_key.startswith("logs.")):
return PlainTextResponse("allow")
return PlainTextResponse("deny", status_code=403)