44 Commits

Author SHA1 Message Date
f2f2722bb1 chore: avoid aliasing models in middleware (#22484) 2020-02-28 12:50:58 +01:00
0e2d874ecf API: Fix redirect issue when configured to use a subpath (#21652)
* request uri will contain the subpath
2020-02-14 14:51:35 +01:00
c5f906f472 Security: refactor 'redirect_to' cookie to use 'Secure' flag (#19787)
* Refactor redirect_to cookie with secure flag in middleware

* Refactor redirect_to cookie with secure flag in api/login

* Refactor redirect_to cookie with secure flag in api/login_oauth

* Removed the deletion of 'Set-Cookie' header to prevent logout

* Removed the deletion of 'Set-Cookie' at top of api/login.go

* Add HttpOnly flag on redirect_to cookies where missing

* Refactor duplicated code

* Add tests

* Refactor cookie options

* Replace local function for deleting cookie

* Delete redundant calls

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-01-10 15:55:30 +02:00
964c2e722f Snapshot: Fix http api (#18830)
(cherry picked from commit be2e2330f5c1f92082841d7eb13c5583143963a4)
2019-09-02 15:15:46 +02:00
6589a4e55f teams: better names for api permissions. 2019-03-19 14:01:20 +01:00
782b5b6a3a teams: viewers and editors can view teams 2019-03-19 14:01:14 +01:00
22e098b830 teams: editors can work with teams. 2019-03-19 13:57:22 +01:00
a81d5486b0 Viewers with viewers_can_edit should be able to access /explore (#15787)
* fix: Viewers with viewers_can_edit should be able to access /explore #15773

* refactoring initial PR a bit to simplify function and reduce duplication
2019-03-05 12:41:01 +01:00
5998646da5 restrict session usage to auth_proxy 2019-01-23 14:56:48 +01:00
3056d9a80e support passing api token in Basic auth password (#12416) 2018-06-28 03:08:32 -07:00
7aab6a8887 Make golint happier 2018-03-22 12:40:21 +01:00
c0ecdee375 rename Context to ReqContext 2018-03-07 11:54:50 -05:00
338655dd37 move Context and session out of middleware 2018-03-06 18:16:49 -05:00
0ab0343995 mark redirect_to cookie as http only
closes #10829
2018-02-15 10:56:29 +01:00
f97be541af redirect "permission denied" requests to "/" (#10773) 2018-02-05 18:17:47 +01:00
4fe72ebf69 feat(macaron): upgrades macaron version 2016-01-13 15:11:23 +01:00
fdcb4473af fix(api auth): return 401 for authentication errors and 403 for access denied errors, fixes #2693 2015-09-08 10:46:31 +02:00
1f330d7753 Basic auth: Fixed issue when using basic auth proxy in front of Grafana, Fixes #1673 2015-04-01 15:23:26 +02:00
b83367063e Small improvement to dashboard loading error handling 2015-03-31 14:03:01 +02:00
7010df0fe8 fixes #1619 Secure PhantomJS Png rendering
removes auth hack to allow phantomjs to query pages as a user
without auth.  Instead we pass phantomjs the session cookie,
which it then includes in the request.
2015-03-21 07:14:13 +08:00
477e035f2e Fixed anonymous access mode, Closes #1586 2015-03-11 17:34:11 +01:00
26e4809e2e Big Backend Refactoring: Renamed Account -> Org 2015-02-23 20:07:49 +01:00
10820f31c2 Changed go package path 2015-02-05 10:37:13 +01:00
1d6413bfae More work on backend for user favorites 2015-01-29 12:10:34 +01:00
1cff564483 Frontend handling of account role to hide user actions and links that the user does not have access to 2015-01-28 11:33:50 +01:00
a5e450a0dd Worked on anonymous access 2015-01-27 15:45:27 +01:00
257519490a Worked on login remember cookie, and redirect after login 2015-01-27 12:05:23 +01:00
951ce0a102 API token -> API key rename 2015-01-27 08:26:11 +01:00
90925273a0 User / Account model split, User and account now separate entities, collaborators are now AccountUsers 2015-01-19 18:01:04 +01:00
1532eb4278 Fixed png rendering 2015-01-16 17:00:31 +01:00
2b05dac071 Api Key role is now correctly added to middleware context 2015-01-16 16:15:35 +01:00
3912ed5023 Role checking when saving dashboard, making sure that the user has owner or editor role 2015-01-16 15:28:44 +01:00
22156fe309 Big refactoring for context.User, and how current user info is fetched, now included collaborator role 2015-01-16 14:32:18 +01:00
5ec07db143 Refactoring of auth middleware, and starting work on account admin 2015-01-15 12:16:54 +01:00
5e18afe916 Refactoring of api routes 2015-01-14 14:25:12 +01:00
ced5e5500e mini code cleanup in auth 2015-01-14 10:14:07 +01:00
7b17e38f5d add Token authentication support
Added CRUD methods for Tokens.
Extend Auth Handler to check for the presence of a Bearer Authorization
header to authenticate against. If there is no header, or the token is not
valid, the Auth Handler falls back to looking for a Session.
2015-01-14 16:33:34 +08:00
35326e1d92 Worked a little on anonymous access, needs more work 2015-01-07 16:37:24 +01:00
f25a415a9e Work on making grafana work in sub url 2015-01-04 21:03:40 +01:00
22bf20a135 Refactoring get account by id and by login to queries 2014-12-19 13:40:02 +01:00
90ae59ccaf Fixed png rendering 2014-12-01 13:25:57 -08:00
4eefa73441 Progress on account and dashboard save/load 2014-11-20 15:19:44 +01:00
eb2c078898 Progress on move to sql from rethinkdb 2014-11-20 12:11:07 +01:00
222319d924 macaron transition progress 2014-10-05 21:13:07 +02:00