Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
N
nexpie-grafana-theme
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Registry
Registry
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kornkitt Poolsup
nexpie-grafana-theme
Commits
d3ec8e1c
Commit
d3ec8e1c
authored
Jan 22, 2019
by
bergquist
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
creates new config section for login settings
parent
59d0c19b
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
43 additions
and
6 deletions
+43
-6
conf/defaults.ini
+17
-0
pkg/services/auth/auth_token.go
+13
-5
pkg/setting/setting.go
+13
-1
No files found.
conf/defaults.ini
View file @
d3ec8e1c
...
@@ -106,6 +106,22 @@ path = grafana.db
...
@@ -106,6 +106,22 @@ path = grafana.db
# For "sqlite3" only. cache mode setting used for connecting to the database
# For "sqlite3" only. cache mode setting used for connecting to the database
cache_mode
=
private
cache_mode
=
private
#################################### Login ###############################
[login]
# login cookie name
cookie_name
=
grafana_session
# If you want login cookies to be https only. default is false
cookie_secure
=
false
# logged in user name
cookie_username
=
grafana_user
# how many days an session can be unused before we inactivate it
login_remember_days
=
7
#################################### Session #############################
#################################### Session #############################
[session]
[session]
# Either "memory", "file", "redis", "mysql", "postgres", "memcache", default is "file"
# Either "memory", "file", "redis", "mysql", "postgres", "memcache", default is "file"
...
@@ -124,6 +140,7 @@ provider = file
...
@@ -124,6 +140,7 @@ provider = file
provider_config
=
sessions
provider_config
=
sessions
# Session cookie name
# Session cookie name
cookie_name
=
grafana_sess
cookie_name
=
grafana_sess
...
...
pkg/services/auth/auth_token.go
View file @
d3ec8e1c
...
@@ -38,6 +38,7 @@ type UserAuthTokenService interface {
...
@@ -38,6 +38,7 @@ type UserAuthTokenService interface {
type
UserAuthTokenServiceImpl
struct
{
type
UserAuthTokenServiceImpl
struct
{
SQLStore
*
sqlstore
.
SqlStore
`inject:""`
SQLStore
*
sqlstore
.
SqlStore
`inject:""`
ServerLockService
*
serverlock
.
ServerLockService
`inject:""`
ServerLockService
*
serverlock
.
ServerLockService
`inject:""`
Cfg
*
setting
.
Cfg
`inject:""`
log
log
.
Logger
log
log
.
Logger
}
}
...
@@ -49,7 +50,7 @@ func (s *UserAuthTokenServiceImpl) Init() error {
...
@@ -49,7 +50,7 @@ func (s *UserAuthTokenServiceImpl) Init() error {
func
(
s
*
UserAuthTokenServiceImpl
)
InitContextWithToken
(
ctx
*
models
.
ReqContext
,
orgID
int64
)
bool
{
func
(
s
*
UserAuthTokenServiceImpl
)
InitContextWithToken
(
ctx
*
models
.
ReqContext
,
orgID
int64
)
bool
{
//auth User
//auth User
unhashedToken
:=
ctx
.
GetCookie
(
s
etting
.
SessionOptions
.
CookieName
)
unhashedToken
:=
ctx
.
GetCookie
(
s
.
Cfg
.
Login
CookieName
)
if
unhashedToken
==
""
{
if
unhashedToken
==
""
{
return
false
return
false
}
}
...
@@ -84,16 +85,19 @@ func (s *UserAuthTokenServiceImpl) InitContextWithToken(ctx *models.ReqContext,
...
@@ -84,16 +85,19 @@ func (s *UserAuthTokenServiceImpl) InitContextWithToken(ctx *models.ReqContext,
}
}
func
(
s
*
UserAuthTokenServiceImpl
)
writeSessionCookie
(
ctx
*
models
.
ReqContext
,
value
string
,
maxAge
int
)
{
func
(
s
*
UserAuthTokenServiceImpl
)
writeSessionCookie
(
ctx
*
models
.
ReqContext
,
value
string
,
maxAge
int
)
{
ctx
.
Logger
.
Info
(
"new token"
,
"unhashed token"
,
value
)
if
setting
.
Env
==
setting
.
DEV
{
ctx
.
Logger
.
Info
(
"new token"
,
"unhashed token"
,
value
,
"cookieName"
,
s
.
Cfg
.
LoginCookieName
,
"secure"
,
s
.
Cfg
.
LoginCookieSecure
)
}
ctx
.
Resp
.
Header
()
.
Del
(
"Set-Cookie"
)
ctx
.
Resp
.
Header
()
.
Del
(
"Set-Cookie"
)
cookie
:=
http
.
Cookie
{
cookie
:=
http
.
Cookie
{
Name
:
s
etting
.
SessionOptions
.
CookieName
,
Name
:
s
.
Cfg
.
Login
CookieName
,
Value
:
url
.
QueryEscape
(
value
),
Value
:
url
.
QueryEscape
(
value
),
HttpOnly
:
true
,
HttpOnly
:
true
,
Domain
:
setting
.
Domain
,
Domain
:
setting
.
Domain
,
Path
:
setting
.
AppSubUrl
+
"/"
,
Path
:
setting
.
AppSubUrl
+
"/"
,
Secure
:
setting
.
SessionOptions
.
Secure
,
Secure
:
s
.
Cfg
.
LoginCookieSecure
,
MaxAge
:
maxAge
,
}
}
http
.
SetCookie
(
ctx
.
Resp
,
&
cookie
)
http
.
SetCookie
(
ctx
.
Resp
,
&
cookie
)
...
@@ -148,7 +152,11 @@ func (s *UserAuthTokenServiceImpl) CreateToken(userId int64, clientIP, userAgent
...
@@ -148,7 +152,11 @@ func (s *UserAuthTokenServiceImpl) CreateToken(userId int64, clientIP, userAgent
func
(
s
*
UserAuthTokenServiceImpl
)
LookupToken
(
unhashedToken
string
)
(
*
userAuthToken
,
error
)
{
func
(
s
*
UserAuthTokenServiceImpl
)
LookupToken
(
unhashedToken
string
)
(
*
userAuthToken
,
error
)
{
hashedToken
:=
hashToken
(
unhashedToken
)
hashedToken
:=
hashToken
(
unhashedToken
)
expireBefore
:=
getTime
()
.
Add
(
time
.
Duration
(
-
86400
*
setting
.
LogInRememberDays
)
*
time
.
Second
)
.
Unix
()
if
setting
.
Env
==
setting
.
DEV
{
s
.
log
.
Info
(
"looking up token"
,
"unhashed"
,
unhashedToken
,
"hashed"
,
hashedToken
)
}
expireBefore
:=
getTime
()
.
Add
(
time
.
Duration
(
-
86400
*
s
.
Cfg
.
LoginCookieMaxDays
)
*
time
.
Second
)
.
Unix
()
var
userToken
userAuthToken
var
userToken
userAuthToken
exists
,
err
:=
s
.
SQLStore
.
NewSession
()
.
Where
(
"(auth_token = ? OR prev_auth_token = ?) AND created_at > ?"
,
hashedToken
,
hashedToken
,
expireBefore
)
.
Get
(
&
userToken
)
exists
,
err
:=
s
.
SQLStore
.
NewSession
()
.
Where
(
"(auth_token = ? OR prev_auth_token = ?) AND created_at > ?"
,
hashedToken
,
hashedToken
,
expireBefore
)
.
Get
(
&
userToken
)
...
...
pkg/setting/setting.go
View file @
d3ec8e1c
...
@@ -18,7 +18,7 @@ import (
...
@@ -18,7 +18,7 @@ import (
"github.com/go-macaron/session"
"github.com/go-macaron/session"
"github.com/grafana/grafana/pkg/log"
"github.com/grafana/grafana/pkg/log"
"github.com/grafana/grafana/pkg/util"
"github.com/grafana/grafana/pkg/util"
"gopkg.in/ini.v1"
ini
"gopkg.in/ini.v1"
)
)
type
Scheme
string
type
Scheme
string
...
@@ -223,6 +223,11 @@ type Cfg struct {
...
@@ -223,6 +223,11 @@ type Cfg struct {
MetricsEndpointBasicAuthPassword
string
MetricsEndpointBasicAuthPassword
string
EnableAlphaPanels
bool
EnableAlphaPanels
bool
EnterpriseLicensePath
string
EnterpriseLicensePath
string
LoginCookieName
string
LoginCookieUsername
string
LoginCookieSecure
bool
LoginCookieMaxDays
int
}
}
type
CommandLineArgs
struct
{
type
CommandLineArgs
struct
{
...
@@ -546,6 +551,13 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
...
@@ -546,6 +551,13 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
ApplicationName
=
APP_NAME_ENTERPRISE
ApplicationName
=
APP_NAME_ENTERPRISE
}
}
//login
login
:=
iniFile
.
Section
(
"login"
)
cfg
.
LoginCookieName
=
login
.
Key
(
"cookie_name"
)
.
String
()
cfg
.
LoginCookieMaxDays
=
login
.
Key
(
"login_remember_days"
)
.
MustInt
()
cfg
.
LoginCookieSecure
=
login
.
Key
(
"cookie_secure"
)
.
MustBool
(
false
)
cfg
.
LoginCookieUsername
=
login
.
Key
(
"cookie_username"
)
.
String
()
Env
=
iniFile
.
Section
(
""
)
.
Key
(
"app_mode"
)
.
MustString
(
"development"
)
Env
=
iniFile
.
Section
(
""
)
.
Key
(
"app_mode"
)
.
MustString
(
"development"
)
InstanceName
=
iniFile
.
Section
(
""
)
.
Key
(
"instance_name"
)
.
MustString
(
"unknown_instance_name"
)
InstanceName
=
iniFile
.
Section
(
""
)
.
Key
(
"instance_name"
)
.
MustString
(
"unknown_instance_name"
)
PluginsPath
=
makeAbsolute
(
iniFile
.
Section
(
"paths"
)
.
Key
(
"plugins"
)
.
String
(),
HomePath
)
PluginsPath
=
makeAbsolute
(
iniFile
.
Section
(
"paths"
)
.
Key
(
"plugins"
)
.
String
(),
HomePath
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment