Api Key role is now correctly added to middleware context

Torkel Ödegaard 2015-01-16 16:15:35 +01:00
parent 507bff8b59
commit 2b05dac071
6 changed files with 54 additions and 47 deletions


@ -9,12 +9,12 @@ import (
func GetTokens(c *middleware.Context) { func GetTokens(c *middleware.Context) {
query := m.GetTokensQuery{AccountId: c.AccountId} query := m.GetTokensQuery{AccountId: c.AccountId}
err := bus.Dispatch(&query)
if err != nil { if err := bus.Dispatch(&query); err != nil {
c.JsonApiErr(500, "Failed to list tokens", err) c.JsonApiErr(500, "Failed to list tokens", err)
return return
} }
result := make([]*m.TokenDTO, len(query.Result)) result := make([]*m.TokenDTO, len(query.Result))
for i, t := range query.Result { for i, t := range query.Result {
result[i] = &m.TokenDTO{ result[i] = &m.TokenDTO{


@ -1,13 +1,11 @@
package middleware package middleware
import ( import (
"errors"
"strconv" "strconv"
"strings" "strings"
"github.com/Unknwon/macaron" "github.com/Unknwon/macaron"
"github.com/torkelo/grafana-pro/pkg/bus"
m "github.com/torkelo/grafana-pro/pkg/models" m "github.com/torkelo/grafana-pro/pkg/models"
"github.com/torkelo/grafana-pro/pkg/setting" "github.com/torkelo/grafana-pro/pkg/setting"
) )
@ -17,11 +15,11 @@ type AuthOptions struct {
ReqSignedIn bool ReqSignedIn bool
} }
func getRequestAccountId(c *Context) (int64, error) { func getRequestAccountId(c *Context) int64 {
accountId := c.Session.Get("accountId") accountId := c.Session.Get("accountId")
if accountId != nil { if accountId != nil {
return accountId.(int64), nil return accountId.(int64)
} }
// localhost render query // localhost render query
@ -32,24 +30,18 @@ func getRequestAccountId(c *Context) (int64, error) {
accountId = accId accountId = accId
} }
// check api token return 0
}
func getApiToken(c *Context) string {
header := c.Req.Header.Get("Authorization") header := c.Req.Header.Get("Authorization")
parts := strings.SplitN(header, " ", 2) parts := strings.SplitN(header, " ", 2)
if len(parts) == 2 || parts[0] == "Bearer" { if len(parts) == 2 || parts[0] == "Bearer" {
token := parts[1] token := parts[1]
userQuery := m.GetAccountByTokenQuery{Token: token} return token
if err := bus.Dispatch(&userQuery); err != nil {
return -1, err
}
return userQuery.Result.Id, nil
} }
// anonymous gues user return ""
if setting.Anonymous {
return setting.AnonymousAccountId, nil
}
return -1, errors.New("Auth: session account id not found")
} }
func authDenied(c *Context) { func authDenied(c *Context) {
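Review bot: The condition in the new `getApiToken`, `len(parts) == 2 || parts[0] == "Bearer"`, should use `&&`. With `||`, an Authorization header that is just the word `Bearer` passes the second operand while `parts` has one element, so `parts[1]` panics with an index out of range; any two-part header with a different scheme is also handed on as an API key. Suggested line: `if len(parts) == 2 && parts[0] == "Bearer" {`. Separately, `getRequestAccountId` now ends in `return 0` right after `accountId = accId`, so as far as these hunks show the render-path value is assigned but never returned; the lines between the two hunks are not visible, so that needs confirming.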


@ -31,7 +31,7 @@ func GetContextHandler() macaron.Handler {
} }
// try get account id from request // try get account id from request
if accountId, err := getRequestAccountId(ctx); err == nil { if accountId := getRequestAccountId(ctx); accountId != 0 {
query := m.GetSignedInUserQuery{AccountId: accountId} query := m.GetSignedInUserQuery{AccountId: accountId}
if err := bus.Dispatch(&query); err != nil { if err := bus.Dispatch(&query); err != nil {
log.Error(3, "Failed to get user by id, %v, %v", accountId, err) log.Error(3, "Failed to get user by id, %v, %v", accountId, err)
@ -39,6 +39,28 @@ func GetContextHandler() macaron.Handler {
ctx.IsSignedIn = true ctx.IsSignedIn = true
ctx.SignInUser = query.Result ctx.SignInUser = query.Result
} }
} else if token := getApiToken(ctx); token != "" {
// Try API Key auth
tokenQuery := m.GetTokenByTokenQuery{Token: token}
if err := bus.Dispatch(&tokenQuery); err != nil {
ctx.JsonApiErr(401, "Invalid token", err)
return
} else {
tokenInfo := tokenQuery.Result
query := m.GetSignedInUserQuery{AccountId: tokenInfo.AccountId}
if err := bus.Dispatch(&query); err != nil {
ctx.JsonApiErr(401, "Invalid token", err)
return
}
ctx.IsSignedIn = true
ctx.SignInUser = query.Result
// api key role
ctx.SignInUser.UserRole = tokenInfo.Role
ctx.SignInUser.UsingAccountId = ctx.SignInUser.AccountId
ctx.SignInUser.UsingAccountName = ctx.SignInUser.UserName
}
} }
c.Map(ctx) c.Map(ctx)
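Review bot: Both failure branches of the new API-key path call `ctx.JsonApiErr(401, "Invalid token", err)` for any error from `bus.Dispatch`, so a database or bus failure is reported to the client as a bad credential. Depending on what `JsonApiErr` does with its third argument (not shown here), the internal error text may also reach the caller. I would answer 401 only when `err == m.ErrInvalidToken`, and log anything else and answer 500. The `else` after the first `return` can be dropped to keep the success path unindented. A comment above `ctx.SignInUser.UserRole = tokenInfo.Role` would also help: `// the request runs as the key's account, limited to the key's role`. `GetContextHandler` starts and ends outside these hunks.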


@ -1,9 +1,12 @@
package models package models
import ( import (
"errors"
"time" "time"
) )
var ErrInvalidToken = errors.New("Invalid token")
type Token struct { type Token struct {
Id int64 Id int64
AccountId int64 `xorm:"not null unique(uix_account_id_name)"` AccountId int64 `xorm:"not null unique(uix_account_id_name)"`
@ -47,9 +50,9 @@ type GetTokensQuery struct {
Result []*Token Result []*Token
} }
type GetAccountByTokenQuery struct { type GetTokenByTokenQuery struct {
Token string Token string
Result *Account Result *Token
} }
// ------------------------ // ------------------------


@ -17,7 +17,6 @@ func init() {
bus.AddHandler("sql", SetUsingAccount) bus.AddHandler("sql", SetUsingAccount)
bus.AddHandler("sql", GetAccountById) bus.AddHandler("sql", GetAccountById)
bus.AddHandler("sql", GetAccountByLogin) bus.AddHandler("sql", GetAccountByLogin)
bus.AddHandler("sql", GetAccountByToken)
bus.AddHandler("sql", SearchAccounts) bus.AddHandler("sql", SearchAccounts)
bus.AddHandler("sql", UpdateAccount) bus.AddHandler("sql", UpdateAccount)
bus.AddHandler("sql", GetSignedInUser) bus.AddHandler("sql", GetSignedInUser)
@ -111,30 +110,6 @@ func GetAccountById(query *m.GetAccountByIdQuery) error {
return nil return nil
} }
func GetAccountByToken(query *m.GetAccountByTokenQuery) error {
var err error
var account m.Account
sess := x.Join("INNER", "token", "token.account_id = account.id")
sess.Omit("token.id", "token.account_id", "token.name", "token.token",
"token.role", "token.updated", "token.created")
has, err := sess.Where("token.token=?", query.Token).Get(&account)
if err != nil {
return err
} else if has == false {
return m.ErrAccountNotFound
}
if account.UsingAccountId == 0 {
account.UsingAccountId = account.Id
}
query.Result = &account
return nil
}
func GetAccountByLogin(query *m.GetAccountByLoginQuery) error { func GetAccountByLogin(query *m.GetAccountByLoginQuery) error {
if query.LoginOrEmail == "" { if query.LoginOrEmail == "" {
return m.ErrAccountNotFound return m.ErrAccountNotFound


@ -10,9 +10,10 @@ import (
func init() { func init() {
bus.AddHandler("sql", GetTokens) bus.AddHandler("sql", GetTokens)
bus.AddHandler("sql", AddToken) bus.AddHandler("sql", GetTokenByToken)
bus.AddHandler("sql", UpdateToken) bus.AddHandler("sql", UpdateToken)
bus.AddHandler("sql", DeleteToken) bus.AddHandler("sql", DeleteToken)
bus.AddHandler("sql", DeleteToken)
} }
func GetTokens(query *m.GetTokensQuery) error { func GetTokens(query *m.GetTokensQuery) error {
@ -64,3 +65,17 @@ func UpdateToken(cmd *m.UpdateTokenCommand) error {
return err return err
}) })
} }
func GetTokenByToken(query *m.GetTokenByTokenQuery) error {
var token m.Token
has, err := x.Where("token=?", query.Token).Get(&token)
if err != nil {
return err
} else if has == false {
return m.ErrInvalidToken
}
query.Result = &token
return nil
}
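Review bot: After this change `init` appears to register `DeleteToken` twice and no longer register `AddToken`: the `AddToken` line is replaced by `GetTokenByToken`, and the line added at the end is a second `bus.AddHandler("sql", DeleteToken)`. The page has lost its +/- markers, so this is read from the hunk header (9 lines becoming 10) and the way the lines pair up. If it holds, the command handled by `AddToken` would have no registered handler and new API keys could not be created. The last line was presumably meant to be `bus.AddHandler("sql", AddToken)`. In `GetTokenByToken`, `has == false` is more idiomatic as `!has`.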