Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware

conf/defaults.ini

@@ -162,6 +162,13 @@ token_url = https://accounts.google.com/o/oauth2/token
 api_url = https://www.googleapis.com/oauth2/v1/userinfo
 allowed_domains =
 
+#################################### Auth Proxy ##########################
+[auth.proxy]
+enabled = false;
+header_name = X-WEBAUTH-USER
+header_property = username
+auto_sign_up = true
+
 #################################### Logging ##########################
 [log]
 # Either "console", "file", default is "console"

pkg/cmd/web.go

@@ -41,7 +41,7 @@ func newMacaron() *macaron.Macaron {
 	}))
 
 	m.Use(middleware.GetContextHandler())
-	m.Use(middleware.Sessioner(setting.SessionOptions))
+	m.Use(middleware.Sessioner(&setting.SessionOptions))
 
 	return m
 }

pkg/middleware/middleware_test.go

@@ -0,0 +1,40 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/Unknwon/macaron"
+	"github.com/macaron-contrib/session"
+	. "github.com/smartystreets/goconvey/convey"
+)
+
+func TestMiddlewareContext(t *testing.T) {
+
+	Convey("Given grafana context", t, func() {
+		m := macaron.New()
+		m.Use(GetContextHandler())
+		m.Use(Sessioner(&session.Options{}))
+
+		var context *Context
+
+		m.Get("/", func(c *Context) {
+			context = c
+		})
+
+		resp := httptest.NewRecorder()
+		req, err := http.NewRequest("GET", "/", nil)
+		So(err, ShouldBeNil)
+
+		m.ServeHTTP(resp, req)
+
+		Convey("Should be able to get grafana context in handlers", func() {
+			So(context, ShouldNotBeNil)
+		})
+
+		Convey("should return 200", func() {
+			So(resp.Code, ShouldEqual, 200)
+		})
+	})
+}

pkg/middleware/session.go

@@ -16,17 +16,43 @@ const (
 )
 
 var sessionManager *session.Manager
-var sessionOptions session.Options
+var sessionOptions *session.Options
 
 func startSessionGC() {
 	sessionManager.GC()
 	time.AfterFunc(time.Duration(sessionOptions.Gclifetime)*time.Second, startSessionGC)
 }
 
-func Sessioner(options session.Options) macaron.Handler {
+func prepareOptions(opt *session.Options) *session.Options {
+	if len(opt.Provider) == 0 {
+		opt.Provider = "memory"
+	}
+	if len(opt.ProviderConfig) == 0 {
+		opt.ProviderConfig = "data/sessions"
+	}
+	if len(opt.CookieName) == 0 {
+		opt.CookieName = "grafana_sess"
+	}
+	if len(opt.CookiePath) == 0 {
+		opt.CookiePath = "/"
+	}
+	if opt.Gclifetime == 0 {
+		opt.Gclifetime = 3600
+	}
+	if opt.Maxlifetime == 0 {
+		opt.Maxlifetime = opt.Gclifetime
+	}
+	if opt.IDLength == 0 {
+		opt.IDLength = 16
+	}
+
+	return opt
+}
+
+func Sessioner(options *session.Options) macaron.Handler {
 	var err error
-	sessionOptions = options
-	sessionManager, err = session.NewManager(options.Provider, options)
+	sessionOptions = prepareOptions(options)
+	sessionManager, err = session.NewManager(options.Provider, *options)
 	if err != nil {
 		panic(err)
 	}

pkg/setting/setting.go

@@ -87,6 +87,12 @@ var (
 	AnonymousOrgName string
 	AnonymousOrgRole string
 
+	// Auth proxy settings
+	AuthProxyEnabled        bool
+	AuthProxyHeaderName     string
+	AuthProxyHeaderProperty string
+	AuthProxyAutoSignUp     bool
+
 	// Session settings.
 	SessionOptions session.Options
 
@@ -376,6 +382,13 @@ func NewConfigContext(args *CommandLineArgs) {
 	AnonymousOrgName = Cfg.Section("auth.anonymous").Key("org_name").String()
 	AnonymousOrgRole = Cfg.Section("auth.anonymous").Key("org_role").String()
 
+	// auth proxy
+	authProxy := Cfg.Section("auth.proxy")
+	AuthProxyEnabled = authProxy.Key("enabled").MustBool(false)
+	AuthProxyHeaderName = authProxy.Key("header_name").String()
+	AuthProxyHeaderProperty = authProxy.Key("header_property").String()
+	AuthProxyAutoSignUp = authProxy.Key("auto_sign_up").MustBool(true)
+
 	// PhantomJS rendering
 	ImagesDir = filepath.Join(DataPath, "png")
 	PhantomDir = filepath.Join(HomePath, "vendor/phantomjs")