Commit dcc48860 by Bob Shannon

Fix formatting and remove enabled toggle

parent 362b3740
......@@ -454,14 +454,11 @@ Ex `filters = sqlstore:debug`
### enabled
Enable metrics reporting. defaults true. Available via HTTP API `/metrics`.
### basic_auth_enabled
Enables basic authentication on the metrics endpoint. Defaults to false.
### basic_auth_username
Username to use for basic authentication on the metrics endpoint.
If set configures the username to use for basic authentication on the metrics endpoint.
### basic_auth_password
Password to use for basic authentication on the metrics endpoint.
If set configures the password to use for basic authentication on the metrics endpoint.
### interval_seconds
......
......@@ -246,11 +246,11 @@ func (hs *HTTPServer) metricsEndpoint(ctx *macaron.Context) {
return
}
if hs.Cfg.MetricsEndpointBasicAuthEnabled {
if !util.BasicAuthenticatedRequest(ctx.Req, hs.Cfg.MetricsEndpointBasicAuthUsername, hs.Cfg.MetricsEndpointBasicAuthPassword) {
ctx.Resp.WriteHeader(http.StatusUnauthorized)
return
}
if hs.Cfg.MetricsEndpointBasicAuthUsername != "" &&
hs.Cfg.MetricsEndpointBasicAuthPassword != "" &&
!util.BasicAuthenticatedRequest(ctx.Req, hs.Cfg.MetricsEndpointBasicAuthUsername, hs.Cfg.MetricsEndpointBasicAuthPassword) {
ctx.Resp.WriteHeader(http.StatusUnauthorized)
return
}
promhttp.HandlerFor(prometheus.DefaultGatherer, promhttp.HandlerOpts{}).
......
......@@ -215,7 +215,6 @@ type Cfg struct {
DisableBruteForceLoginProtection bool
TempDataLifetime time.Duration
MetricsEndpointEnabled bool
MetricsEndpointBasicAuthEnabled bool
MetricsEndpointBasicAuthUsername string
MetricsEndpointBasicAuthPassword string
EnableAlphaPanels bool
......@@ -679,7 +678,6 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
cfg.PhantomDir = filepath.Join(HomePath, "tools/phantomjs")
cfg.TempDataLifetime = iniFile.Section("paths").Key("temp_data_lifetime").MustDuration(time.Second * 3600 * 24)
cfg.MetricsEndpointEnabled = iniFile.Section("metrics").Key("enabled").MustBool(true)
cfg.MetricsEndpointBasicAuthEnabled = iniFile.Section("metrics").Key("basic_auth_enabled").MustBool(true)
cfg.MetricsEndpointBasicAuthUsername = iniFile.Section("metrics").Key("basic_auth_username").String()
cfg.MetricsEndpointBasicAuthPassword = iniFile.Section("metrics").Key("basic_auth_password").String()
......
......@@ -11,7 +11,7 @@ import (
// Uses constant-time comparison in order to mitigate timing attacks.
func BasicAuthenticatedRequest(req macaron.Request, expectedUser, expectedPass string) bool {
user, pass, ok := req.BasicAuth()
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(expectedUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(expectedPass)) != 1 {
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(expectedUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(expectedPass)) != 1 {
return false
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment