add Token authentication support

Added CRUD methods for Tokens.
Extend Auth Handler to check for the presence of a Bearer Authorization
header to authenticate against. If there is no header, or the token is not
valid, the Auth Handler falls back to looking for a Session.
woodsaj
2015-01-14 16:33:34 +08:00
parent e58cd91487
commit 7b17e38f5d
8 changed files with 311 additions and 36 deletions


@ -2,10 +2,10 @@ package middleware
import (
"errors"
"strconv"
"github.com/Unknwon/macaron"
"github.com/macaron-contrib/session"
"strconv"
"strings"
"github.com/torkelo/grafana-pro/pkg/bus"
m "github.com/torkelo/grafana-pro/pkg/models"
@ -39,30 +39,60 @@ func authDenied(c *Context) {
c.Redirect(setting.AppSubUrl + "/login")
}
func authByToken(c *Context) {
header := c.Req.Header.Get("Authorization")
parts := strings.SplitN(header, " ", 2)
if len(parts) != 2 || parts[0] != "Bearer" {
return
}
token := parts[1]
userQuery := m.GetAccountByTokenQuery{Token: token}
err := bus.Dispatch(&userQuery)
if err != nil {
return
}
usingQuery := m.GetAccountByIdQuery{Id: userQuery.Result.UsingAccountId}
err = bus.Dispatch(&usingQuery)
if err != nil {
return
}
c.UserAccount = userQuery.Result
c.Account = usingQuery.Result
}
func authBySession(c *Context, sess session.Store) {
accountId, err := authGetRequestAccountId(c, sess)
if err != nil && c.Req.URL.Path != "/login" {
authDenied(c)
return
}
userQuery := m.GetAccountByIdQuery{Id: accountId}
err = bus.Dispatch(&userQuery)
if err != nil {
authDenied(c)
return
}
usingQuery := m.GetAccountByIdQuery{Id: userQuery.Result.UsingAccountId}
err = bus.Dispatch(&usingQuery)
if err != nil {
authDenied(c)
return
}
c.UserAccount = userQuery.Result
c.Account = usingQuery.Result
}
func Auth() macaron.Handler {
return func(c *Context, sess session.Store) {
accountId, err := authGetRequestAccountId(c, sess)
if err != nil && c.Req.URL.Path != "/login" {
authDenied(c)
return
authByToken(c)
if c.UserAccount == nil {
authBySession(c, sess)
}
userQuery := m.GetAccountByIdQuery{Id: accountId}
err = bus.Dispatch(&userQuery)
if err != nil {
authDenied(c)
return
}
usingQuery := m.GetAccountByIdQuery{Id: userQuery.Result.UsingAccountId}
err = bus.Dispatch(&usingQuery)
if err != nil {
authDenied(c)
return
}
c.UserAccount = userQuery.Result
c.Account = usingQuery.Result
}
}
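Review bot: In `authByToken`, both `if err != nil { return }` branches discard the dispatch error, so a rejected token and a failing backend look the same, and neither leaves a trace before `Auth` falls back to `authBySession`. A Bearer token that was presented but not accepted is worth recording for detection (revoked, mistyped or guessed tokens), so the first branch should at least log the failure with the request's remote address, never the token value itself. The header check also lets `Authorization: Bearer ` through with an empty `parts[1]`, which is then passed to `GetAccountByTokenQuery`; extending the guard to `if len(parts) != 2 || parts[0] != "Bearer" || parts[1] == "" {` avoids relying on how the query handler treats an empty token, which is not visible on this page. Separately, HTTP auth scheme names are case-insensitive, so `strings.EqualFold(parts[0], "Bearer")` would be the more tolerant comparison.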