IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-21 22:13:38 -06:00
Code Issues Packages Projects Releases Wiki Activity
21,601 Commits 5,323 Branches 546 Tags 1.9 GiB
2d7fc55df7
Commit Graph

49 Commits

Author SHA1 Message Date
Marcus Efraimsson
8029e48588
support get user tokens/revoke all user tokens in UserTokenService 2019-03-08 15:15:17 +01:00
bergquist
7754c37a1f reduce loglevel to debug 2019-02-19 08:22:33 +01:00
bergquist
e163aadfe4 use authtoken for session quota restrictions 
closes #15360
 2019-02-12 15:10:55 +01:00
bergquist
170783c292 make hourly cleanup the default behavior 2019-02-07 10:51:35 +01:00
Marcus Efraimsson
1a140ee199
run token cleanup job when grafana starts, then each hour 2019-02-06 22:27:08 +01:00
Marcus Efraimsson
8ae066ab5d
move authtoken package into auth package 2019-02-06 17:02:57 +01:00
Marcus Efraimsson
8678620730
move UserToken and UserTokenService to models package 2019-02-06 16:55:12 +01:00
Marcus Efraimsson
a60124a88c
change UserToken from interface to struct 2019-02-06 16:30:50 +01:00
Marcus Efraimsson
d8658a765c
enhanced expiration logic for lookup token 
tokens are not expired if created_at > now - LoginMaxLifetimeDays and
rotated_at > now - LoginMaxInactiveLifetimeDays
 2019-02-06 08:30:14 +01:00
Marcus Efraimsson
9483506590
auth token clean up job now runs on schedule and deletes all expired tokens 
delete tokens having created_at <= LoginMaxLifetimeDays or
rotated_at <= LoginMaxInactiveLifetimeDays
 2019-02-05 21:20:11 +01:00
Marcus Efraimsson
0915f931ae
change configuration settings in auth package 2019-02-05 21:12:30 +01:00
Marcus Efraimsson
7cd3cd6cd4
auth package refactoring 
moving middleware/hooks away from package
exposing public struct UserToken accessible from other packages
fix debug log lines so the same order and naming are used
 2019-02-05 00:10:56 +01:00
Marcus Efraimsson
fb3c510178
Merge branch 'master' into delete_session_on_logout 2019-02-04 20:23:05 +01:00
bergquist
a6bd2c73a0 introduce samesite setting for login cookie 
ref #15067
 2019-02-01 11:47:21 +01:00
bergquist
a1b3986532 always delete session cookie even if db delete fails 2019-02-01 09:59:53 +01:00
bergquist
91bd908e03 adds more tests signing out session 2019-01-31 22:24:04 +01:00
bergquist
11c4967bdc changes some info logging to debug 2019-01-31 21:51:14 +01:00
bergquist
88ca54eba9 renames signout function 2019-01-31 16:26:36 +01:00
bergquist
43ac79685a delete auth token on signout 2019-01-31 16:13:35 +01:00
bergquist
75760aa892 dont specify domain for auth cookies 2019-01-25 10:40:50 +01:00
bergquist
d6edaa1328 moves cookie https setting to [security] 2019-01-24 19:04:58 +01:00
bergquist
516037fbdd makes sure rotation is always higher than urgent rotation 2019-01-24 13:54:45 +01:00
bergquist
fd0f9f2dd2 fixes broken test 2019-01-24 12:06:44 +01:00
bergquist
ff483f3782 removes old cookie auth configuration 2019-01-24 10:55:10 +01:00
bergquist
56a521b264 makes auth token rotation time configurable 2019-01-24 10:50:18 +01:00
Carl Bergquist
766122856b
Merge pull request #14995 from bergquist/token_oauth 
Stores hashed state code in cookie for OAuth logins.
 2019-01-23 10:39:12 +01:00
bergquist
c3ff3d644c fixes nil ref in tests 2019-01-22 16:16:32 +01:00
bergquist
64124b5042 add setting for how to long we should keep expired tokens 2019-01-22 15:31:43 +01:00
bergquist
12f8338977 stores hashed state code in cookie 2019-01-22 15:22:24 +01:00
bergquist
d3ec8e1ccb creates new config section for login settings 2019-01-22 15:22:11 +01:00
Marcus Efraimsson
4096449aec
extract auth token interface and remove auth token from context 2019-01-22 12:00:33 +01:00
Marcus Efraimsson
366e356e08
more auth token tests 2019-01-21 21:48:18 +01:00
bergquist
777bd9ea18 adds cleanup job for old session tokens 2019-01-21 19:03:32 +01:00
Marcus Efraimsson
f040f9a400
fix tests after renaming now 2019-01-21 16:53:00 +01:00
Marcus Efraimsson
38efc1d7d2
s/print/log 2019-01-21 15:53:40 +01:00
bergquist
92620af75f avoid calling now() multiple times 2019-01-21 15:48:17 +01:00
Marcus Efraimsson
dd8476d81a
passing auth token tests 2019-01-21 15:06:33 +01:00
Marcus Efraimsson
565408194a
handle expired tokens 2019-01-21 13:22:20 +01:00
bergquist
697ddccd8e set userToken on request when logging in 2019-01-21 11:42:10 +01:00
bergquist
55b3013eb3 moves initWithToken to auth package 2019-01-21 11:37:44 +01:00
Marcus Efraimsson
734a7d38b2
set cookie name from configuration 2019-01-21 11:21:43 +01:00
Marcus Efraimsson
766cfab374
change rotate time 2019-01-21 10:22:18 +01:00
Marcus Efraimsson
0d1e3759eb
mixor fixes 2019-01-21 10:20:23 +01:00
bergquist
2e97d39abe removes commented code 2019-01-21 10:01:48 +01:00
bergquist
47a7d93fd9 moves rotation into auth since both happens before c.Next() 2019-01-21 08:59:01 +01:00
bergquist
fd937e3d95 remove maxage from session token 2019-01-17 21:03:27 +01:00
bergquist
c2accfa4c0 inital code for rotate 2019-01-17 17:11:52 +01:00
bergquist
aba6148c43 login users based on token cookie 2019-01-16 16:44:40 +01:00
Marcus Efraimsson
b0df7280be
begin user auth token implementation 2019-01-15 15:16:20 +01:00