grafana/pkg/middleware/render_auth.go

package middleware

import (
	"sync"

	m "github.com/grafana/grafana/pkg/models"
	"github.com/grafana/grafana/pkg/util"
)

var renderKeysLock sync.Mutex
var renderKeys map[string]*m.SignedInUser = make(map[string]*m.SignedInUser)

func initContextWithRenderAuth(ctx *m.ReqContext) bool {
	key := ctx.GetCookie("renderKey")
	if key == "" {
		return false
	}

	renderKeysLock.Lock()
	defer renderKeysLock.Unlock()

	renderUser, exists := renderKeys[key]
	if !exists {
		ctx.JsonApiErr(401, "Invalid Render Key", nil)
		return true
	}

	ctx.IsSignedIn = true
	ctx.SignedInUser = renderUser
	ctx.IsRenderCall = true
	return true
}

func AddRenderAuthKey(orgId int64, userId int64, orgRole m.RoleType) string {
	renderKeysLock.Lock()

	key := util.GetRandomString(32)

	renderKeys[key] = &m.SignedInUser{
		OrgId:   orgId,
		OrgRole: orgRole,
		UserId:  userId,
	}

	renderKeysLock.Unlock()

	return key
}

func RemoveRenderAuthKey(key string) {
	renderKeysLock.Lock()
	delete(renderKeys, key)
	renderKeysLock.Unlock()
}
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`package middleware`

			`import (`
			`"sync"`

			`m "github.com/grafana/grafana/pkg/models"`
			`"github.com/grafana/grafana/pkg/util"`
			`)`

			`var renderKeysLock sync.Mutex`
			`var renderKeys map[string]m.SignedInUser = make(map[string]m.SignedInUser)`

rename Context to ReqContext 2018-03-07 10:54:50 -06:00			`func initContextWithRenderAuth(ctx *m.ReqContext) bool {`
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`key := ctx.GetCookie("renderKey")`
			`if key == "" {`
			`return false`
			`}`

			`renderKeysLock.Lock()`
			`defer renderKeysLock.Unlock()`

Make golint happier 2018-03-22 16:13:46 -05:00			`renderUser, exists := renderKeys[key]`
			`if !exists {`
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`ctx.JsonApiErr(401, "Invalid Render Key", nil)`
			`return true`
			`}`
Make golint happier 2018-03-22 16:13:46 -05:00
			`ctx.IsSignedIn = true`
			`ctx.SignedInUser = renderUser`
			`ctx.IsRenderCall = true`
			`return true`
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`}`

dashfolders: security for png rendering 2017-06-21 18:23:36 -05:00			`func AddRenderAuthKey(orgId int64, userId int64, orgRole m.RoleType) string {`
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`renderKeysLock.Lock()`

			`key := util.GetRandomString(32)`

			`renderKeys[key] = &m.SignedInUser{`
			`OrgId: orgId,`
dashfolders: security for png rendering 2017-06-21 18:23:36 -05:00			`OrgRole: orgRole,`
			`UserId: userId,`
fix(server side rendering): Fixed issues with server side rendering for alerting & for auth proxy scenarios, fixes #6115, fixes #5906 2016-09-23 05:29:53 -05:00			`}`

			`renderKeysLock.Unlock()`

			`return key`
			`}`

			`func RemoveRenderAuthKey(key string) {`
			`renderKeysLock.Lock()`
			`delete(renderKeys, key)`
			`renderKeysLock.Unlock()`
			`}`