dashboard: Support configuration for disabling login (#997)

sentinel-dashboard/src/main/java/com/alibaba/csp/sentinel/dashboard/auth/SimpleWebAuthServiceImpl.java

@@ -15,6 +15,7 @@
  */
 package com.alibaba.csp.sentinel.dashboard.auth;
 
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Primary;
 import org.springframework.stereotype.Component;
 
@@ -25,8 +26,9 @@ import javax.servlet.http.HttpSession;
  * @author cdfive
  * @since 1.6.0
  */
-@Primary
 @Component
+@Primary
+@ConditionalOnProperty(name = "auth.enabled", matchIfMissing = true)
 public class SimpleWebAuthServiceImpl implements AuthService<HttpServletRequest> {
 
     public static final String WEB_SESSION_KEY = "session_sentinel_admin";

sentinel-dashboard/src/main/java/com/alibaba/csp/sentinel/dashboard/controller/AuthController.java

@@ -22,10 +22,10 @@ import com.alibaba.csp.sentinel.dashboard.domain.Result;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.servlet.http.HttpServletRequest;
@@ -46,6 +46,9 @@ public class AuthController {
     @Value("${auth.password:sentinel}")
     private String authPassword;
 
+    @Autowired
+    private AuthService<HttpServletRequest> authService;
+
     @PostMapping("/login")
     public Result<AuthService.AuthUser> login(HttpServletRequest request, String username, String password) {
         if (StringUtils.isNotBlank(DashboardConfig.getAuthUsername())) {
@@ -72,9 +75,18 @@ public class AuthController {
         return Result.ofSuccess(authUser);
     }
 
-    @RequestMapping(value = "/logout", method = RequestMethod.POST)
+    @PostMapping(value = "/logout")
     public Result<?> logout(HttpServletRequest request) {
         request.getSession().invalidate();
         return Result.ofSuccess(null);
     }
+
+    @PostMapping(value = "/check")
+    public Result<?> check(HttpServletRequest request) {
+        AuthService.AuthUser authUser = authService.getAuthUser(request);
+        if (authUser == null) {
+            return Result.ofFail(-1, "Not logged in");
+        }
+        return Result.ofSuccess(authUser);
+    }
 }

sentinel-dashboard/src/main/resources/application.properties

@@ -12,6 +12,7 @@ logging.pattern.file= %d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %
 #auth settings
 auth.filter.exclude-urls=/,/auth/login,/auth/logout,/registry/machine,/version
 auth.filter.exclude-url-suffixes=htm,html,js,css,map,ico,ttf,woff,png
+# If auth.enabled=false, Sentinel console disable login
 auth.username=sentinel
 auth.password=sentinel
 

sentinel-dashboard/src/main/webapp/resources/app/scripts/controllers/login.js

@@ -22,10 +22,7 @@ app.controller('LoginCtl', ['$scope', '$state', '$window', 'AuthService',
 
       AuthService.login(param).success(function (data) {
         if (data.code == 0) {
-          $window.localStorage.setItem('session_sentinel_admin', {
-            username: data.data
-          });
-
+          $window.localStorage.setItem('session_sentinel_admin', JSON.stringify(data.data));
           $state.go('dashboard');
         } else {
           alert(data.msg);

sentinel-dashboard/src/main/webapp/resources/app/scripts/directives/header/header.html

@@ -4,7 +4,7 @@
       <span style="color: #fff;font-size: 26px;">Sentinel 控制台</span>
     </div>
     <ul class="nav navbar-nav navbar-right">
-      <li>
+      <li ng-show="showLogout">
         <a href="javascript:void(0);" ng-click="logout()"
            style="margin: 3px 15px 0 0;"><span class="glyphicon glyphicon-log-out"></span>&nbsp;注销</a>
       </li>

sentinel-dashboard/src/main/webapp/resources/app/scripts/directives/header/header.js

@@ -11,8 +11,25 @@ angular.module('sentinelDashboardApp')
       restrict: 'E',
       replace: true,
       controller: function ($scope, $state, $window, AuthService) {
-        if (!$window.localStorage.getItem('session_sentinel_admin')) {
-          $state.go('login');
+        if (!$window.localStorage.getItem("session_sentinel_admin")) {
+          AuthService.check().success(function (data) {
+            if (data.code == 0) {
+              $window.localStorage.setItem('session_sentinel_admin', JSON.stringify(data.data));
+              handleLogout($scope, data.data.id)
+            } else {
+              $state.go('login');
+            }
+          });
+        } else {
+          handleLogout($scope, JSON.parse($window.localStorage.getItem("session_sentinel_admin")).id)
+        }
+
+        function handleLogout($scope, id) {
+          if (id == 'FAKE_EMP_ID') {
+            $scope.showLogout = false;
+          } else {
+            $scope.showLogout = true;
+          }
         }
 
         $scope.logout = function () {

sentinel-dashboard/src/main/webapp/resources/app/scripts/services/auth_service.js

@@ -1,6 +1,13 @@
 var app = angular.module('sentinelDashboardApp');
 
 app.service('AuthService', ['$http', function ($http) {
+  this.check = function () {
+    return $http({
+      url: '/auth/check',
+      method: 'POST'
+    });
+  };
+
   this.login = function (param) {
     return $http({
       url: '/auth/login',