auth: implement recover

auth/store.go

@@ -30,6 +30,8 @@ import (
 
 var (
 	enableFlagKey = []byte("authEnabled")
+	authEnabled   = []byte{1}
+	authDisabled  = []byte{0}
 
 	authBucketName      = []byte("auth")
 	authUsersBucketName = []byte("authUsers")
@@ -125,8 +127,6 @@ type authStore struct {
 }
 
 func (as *authStore) AuthEnable() error {
-	value := []byte{1}
-
 	b := as.be
 	tx := b.BatchTx()
 	tx.Lock()
@@ -144,7 +144,7 @@ func (as *authStore) AuthEnable() error {
 		return ErrRootRoleNotExist
 	}
 
-	tx.UnsafePut(authBucketName, enableFlagKey, value)
+	tx.UnsafePut(authBucketName, enableFlagKey, authEnabled)
 
 	as.enabledMu.Lock()
 	as.enabled = true
@@ -158,12 +158,10 @@ func (as *authStore) AuthEnable() error {
 }
 
 func (as *authStore) AuthDisable() {
-	value := []byte{0}
-
 	b := as.be
 	tx := b.BatchTx()
 	tx.Lock()
-	tx.UnsafePut(authBucketName, enableFlagKey, value)
+	tx.UnsafePut(authBucketName, enableFlagKey, authDisabled)
 	tx.Unlock()
 	b.ForceCommit()
 
@@ -207,8 +205,21 @@ func (as *authStore) Authenticate(name string, password string) (*pb.Authenticat
 }
 
 func (as *authStore) Recover(be backend.Backend) {
+	enabled := false
 	as.be = be
-	// TODO(mitake): recovery process
+	tx := be.BatchTx()
+	tx.Lock()
+	_, vs := tx.UnsafeRange(authBucketName, enableFlagKey, nil, 0)
+	if len(vs) == 1 {
+		if bytes.Equal(vs[0], authEnabled) {
+			enabled = true
+		}
+	}
+	tx.Unlock()
+
+	as.enabledMu.Lock()
+	as.enabled = enabled
+	as.enabledMu.Unlock()
 }
 
 func (as *authStore) UserAdd(r *pb.AuthUserAddRequest) (*pb.AuthUserAddResponse, error) {