Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921

2025-02-25 18:55:37 -06:00 · 2015-05-02 12:06:58 +02:00
parent ba883d25fe
commit be589d81c7
7 changed files with 182 additions and 13 deletions
--- a/pkg/middleware/auth_test.go
+++ b/pkg/middleware/auth_test.go
@@ -0,0 +1,35 @@
+package middleware
+
+import (
+	"testing"
+
+	. "github.com/smartystreets/goconvey/convey"
+)
+
+func TestMiddlewareAuth(t *testing.T) {
+
+	Convey("Given the grafana middleware", t, func() {
+		reqSignIn := Auth(&AuthOptions{ReqSignedIn: true})
+
+		middlewareScenario("ReqSignIn true and unauthenticated request", func(sc *scenarioContext) {
+			sc.m.Get("/secure", reqSignIn, sc.defaultHandler)
+
+			sc.fakeReq("GET", "/secure").exec()
+
+			Convey("Should redirect to login", func() {
+				So(sc.resp.Code, ShouldEqual, 302)
+			})
+		})
+
+		middlewareScenario("ReqSignIn true and unauthenticated API request", func(sc *scenarioContext) {
+			sc.m.Get("/api/secure", reqSignIn, sc.defaultHandler)
+
+			sc.fakeReq("GET", "/api/secure").exec()
+
+			Convey("Should return 401", func() {
+				So(sc.resp.Code, ShouldEqual, 401)
+			})
+		})
+
+	})
+}