diff --git a/conf/defaults.ini b/conf/defaults.ini index 891c04920e1..88218240bac 100644 --- a/conf/defaults.ini +++ b/conf/defaults.ini @@ -162,6 +162,13 @@ token_url = https://accounts.google.com/o/oauth2/token api_url = https://www.googleapis.com/oauth2/v1/userinfo allowed_domains = +#################################### Auth Proxy ########################## +[auth.proxy] +enabled = false; +header_name = X-WEBAUTH-USER +header_property = username +auto_sign_up = true + #################################### Logging ########################## [log] # Either "console", "file", default is "console" diff --git a/pkg/cmd/web.go b/pkg/cmd/web.go index 7b6014aeb7e..a95d2af2498 100644 --- a/pkg/cmd/web.go +++ b/pkg/cmd/web.go @@ -41,7 +41,7 @@ func newMacaron() *macaron.Macaron { })) m.Use(middleware.GetContextHandler()) - m.Use(middleware.Sessioner(setting.SessionOptions)) + m.Use(middleware.Sessioner(&setting.SessionOptions)) return m } diff --git a/pkg/middleware/middleware_test.go b/pkg/middleware/middleware_test.go new file mode 100644 index 00000000000..9be76121718 --- /dev/null +++ b/pkg/middleware/middleware_test.go @@ -0,0 +1,40 @@ +package middleware + +import ( + "net/http" + "net/http/httptest" + "testing" + + "github.com/Unknwon/macaron" + "github.com/macaron-contrib/session" + . "github.com/smartystreets/goconvey/convey" +) + +func TestMiddlewareContext(t *testing.T) { + + Convey("Given grafana context", t, func() { + m := macaron.New() + m.Use(GetContextHandler()) + m.Use(Sessioner(&session.Options{})) + + var context *Context + + m.Get("/", func(c *Context) { + context = c + }) + + resp := httptest.NewRecorder() + req, err := http.NewRequest("GET", "/", nil) + So(err, ShouldBeNil) + + m.ServeHTTP(resp, req) + + Convey("Should be able to get grafana context in handlers", func() { + So(context, ShouldNotBeNil) + }) + + Convey("should return 200", func() { + So(resp.Code, ShouldEqual, 200) + }) + }) +} diff --git a/pkg/middleware/session.go b/pkg/middleware/session.go index 71f87b343ff..c0a12cab781 100644 --- a/pkg/middleware/session.go +++ b/pkg/middleware/session.go @@ -16,17 +16,43 @@ const ( ) var sessionManager *session.Manager -var sessionOptions session.Options +var sessionOptions *session.Options func startSessionGC() { sessionManager.GC() time.AfterFunc(time.Duration(sessionOptions.Gclifetime)*time.Second, startSessionGC) } -func Sessioner(options session.Options) macaron.Handler { +func prepareOptions(opt *session.Options) *session.Options { + if len(opt.Provider) == 0 { + opt.Provider = "memory" + } + if len(opt.ProviderConfig) == 0 { + opt.ProviderConfig = "data/sessions" + } + if len(opt.CookieName) == 0 { + opt.CookieName = "grafana_sess" + } + if len(opt.CookiePath) == 0 { + opt.CookiePath = "/" + } + if opt.Gclifetime == 0 { + opt.Gclifetime = 3600 + } + if opt.Maxlifetime == 0 { + opt.Maxlifetime = opt.Gclifetime + } + if opt.IDLength == 0 { + opt.IDLength = 16 + } + + return opt +} + +func Sessioner(options *session.Options) macaron.Handler { var err error - sessionOptions = options - sessionManager, err = session.NewManager(options.Provider, options) + sessionOptions = prepareOptions(options) + sessionManager, err = session.NewManager(options.Provider, *options) if err != nil { panic(err) } diff --git a/pkg/setting/setting.go b/pkg/setting/setting.go index 520267fb871..b451aad634f 100644 --- a/pkg/setting/setting.go +++ b/pkg/setting/setting.go @@ -87,6 +87,12 @@ var ( AnonymousOrgName string AnonymousOrgRole string + // Auth proxy settings + AuthProxyEnabled bool + AuthProxyHeaderName string + AuthProxyHeaderProperty string + AuthProxyAutoSignUp bool + // Session settings. SessionOptions session.Options @@ -376,6 +382,13 @@ func NewConfigContext(args *CommandLineArgs) { AnonymousOrgName = Cfg.Section("auth.anonymous").Key("org_name").String() AnonymousOrgRole = Cfg.Section("auth.anonymous").Key("org_role").String() + // auth proxy + authProxy := Cfg.Section("auth.proxy") + AuthProxyEnabled = authProxy.Key("enabled").MustBool(false) + AuthProxyHeaderName = authProxy.Key("header_name").String() + AuthProxyHeaderProperty = authProxy.Key("header_property").String() + AuthProxyAutoSignUp = authProxy.Key("auto_sign_up").MustBool(true) + // PhantomJS rendering ImagesDir = filepath.Join(DataPath, "png") PhantomDir = filepath.Join(HomePath, "vendor/phantomjs")