diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 58648a9b..7e2489fa 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -393,14 +393,20 @@ location /__internal/do/not/use/accounts { content_by_lua_block { local json = require('cjson') - local accounts_enabled = require("skynet.account").accounts_enabled() - local is_auth_required = require("skynet.account").is_auth_required() - local is_authenticated = accounts_enabled and require("skynet.account").is_authenticated() + local skynet_account = require("skynet.account") + + local accounts_enabled = skynet_account.accounts_enabled() + local is_auth_required = skynet_account.is_auth_required() + local is_subscription_required = skynet_account.is_subscription_required() + local is_authenticated = skynet_account.is_authenticated() + local has_subscription = skynet_account.has_subscription() ngx.say(json.encode{ enabled = accounts_enabled, auth_required = is_auth_required, + subscription_required = is_subscription_required, authenticated = is_authenticated, + subscription = has_subscription, }) return ngx.exit(ngx.HTTP_OK) } diff --git a/docker/nginx/libs/skynet/account.lua b/docker/nginx/libs/skynet/account.lua index 83ea3ba7..48490dc2 100644 --- a/docker/nginx/libs/skynet/account.lua +++ b/docker/nginx/libs/skynet/account.lua @@ -1,13 +1,15 @@ local _M = {} -- fallback - remember to keep those updated -local anon_limits = { ["tierName"] = "anonymous", ["upload"] = 655360, ["download"] = 655360, ["maxUploadSize"] = 1073741824, ["registry"] = 250 } +local anon_limits = { ["tierID"] = 0, ["tierName"] = "anonymous", ["upload"] = 655360, ["download"] = 655360, ["maxUploadSize"] = 1073741824, ["registry"] = 250 } -- no limits applied -local no_limits = { ["tierName"] = "internal", ["upload"] = 0, ["download"] = 0, ["maxUploadSize"] = 0, ["registry"] = 0 } +local no_limits = { ["tierID"] = -1, ["tierName"] = "internal", ["upload"] = 0, ["download"] = 0, ["maxUploadSize"] = 0, ["registry"] = 0 } --- free tier name -local free_tier = "free" +-- constant tier ids +local tier_id_internal = -1 +local tier_id_anonymous = 0 +local tier_id_free = 1 -- handle request exit when access to portal should be restricted to authenticated users only function _M.exit_access_unauthorized(message) @@ -62,16 +64,18 @@ end -- detect whether current user is authenticated function _M.is_authenticated() + if not _M.accounts_enabled() then return false end + local limits = _M.get_account_limits() - return limits.tierName ~= anon_limits.tierName + return limits.tierID > tier_id_anonymous end -- detect whether current user has active subscription -function _M.is_subscription_account() +function _M.has_subscription() local limits = _M.get_account_limits() - return limits.tierName ~= anon_limits.tierName and limits.tierName ~= free_tier + return limits.tierID > tier_id_free end function _M.is_auth_required() @@ -101,7 +105,7 @@ function _M.is_access_forbidden() if is_access_always_allowed() then return false end -- check if active subscription is required and request is from user without it - return _M.is_subscription_required() and not _M.is_subscription_account() + return _M.is_subscription_required() and not _M.has_subscription() end return _M