2018-11-04 21:20:00 -06:00
|
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
2022-11-27 12:20:29 -06:00
|
|
|
// SPDX-License-Identifier: MIT
|
2018-11-04 21:20:00 -06:00
|
|
|
|
2021-06-08 18:33:54 -05:00
|
|
|
package web
|
2018-11-04 21:20:00 -06:00
|
|
|
|
|
|
|
import (
|
2019-07-06 12:03:13 -05:00
|
|
|
"crypto/subtle"
|
2020-11-17 14:50:06 -06:00
|
|
|
"net/http"
|
2019-07-06 12:03:13 -05:00
|
|
|
|
2018-11-04 21:20:00 -06:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2019-08-23 11:40:30 -05:00
|
|
|
|
|
|
|
"github.com/prometheus/client_golang/prometheus/promhttp"
|
2018-11-04 21:20:00 -06:00
|
|
|
)
|
|
|
|
|
|
|
|
// Metrics validate auth token and render prometheus metrics
|
2020-11-17 14:50:06 -06:00
|
|
|
func Metrics(resp http.ResponseWriter, req *http.Request) {
|
2018-11-04 21:20:00 -06:00
|
|
|
if setting.Metrics.Token == "" {
|
2020-11-17 14:50:06 -06:00
|
|
|
promhttp.Handler().ServeHTTP(resp, req)
|
2018-11-04 21:20:00 -06:00
|
|
|
return
|
|
|
|
}
|
2020-11-17 14:50:06 -06:00
|
|
|
header := req.Header.Get("Authorization")
|
2018-11-04 21:20:00 -06:00
|
|
|
if header == "" {
|
2022-03-22 23:54:07 -05:00
|
|
|
http.Error(resp, "", http.StatusUnauthorized)
|
2018-11-04 21:20:00 -06:00
|
|
|
return
|
|
|
|
}
|
2019-07-06 12:03:13 -05:00
|
|
|
got := []byte(header)
|
|
|
|
want := []byte("Bearer " + setting.Metrics.Token)
|
|
|
|
if subtle.ConstantTimeCompare(got, want) != 1 {
|
2022-03-22 23:54:07 -05:00
|
|
|
http.Error(resp, "", http.StatusUnauthorized)
|
2018-11-04 21:20:00 -06:00
|
|
|
return
|
|
|
|
}
|
2020-11-17 14:50:06 -06:00
|
|
|
promhttp.Handler().ServeHTTP(resp, req)
|
2018-11-04 21:20:00 -06:00
|
|
|
}
|