IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity
35,674 Commits 5,416 Branches 554 Tags
bd35e6917ad4758f9d0f8573b3df64df6cc94803
Commit Graph

51 Commits

Author SHA1 Message Date
Arve Knudsen
78596a6756 Migrate to Wire for dependency injection (#32289) 
Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
 2021-08-25 15:11:22 +02:00
Joan López de la Franca Beltran
610999cfa2 Auth: Allow soft token revocation (#31601) 
* Add revoked_at field to user auth token to allow soft revokes

* Allow soft token revocations

* Update token revocations and tests

* Return error info on revokedTokenErr

* Override session cookie only when no revokedErr nor API request

* Display modal on revoked token error

* Feedback: Refactor TokenRevokedModal to FC

* Add GetUserRevokedTokens into UserTokenService

* Backendsrv: adds tests and refactors soft token path

* Apply feedback

* Write redirect cookie on token revoked error

* Update TokenRevokedModal style

* Return meaningful error info

* Some UI changes

* Update backend_srv tests

* Minor style fix on backend_srv tests

* Replace deprecated method usage to publish events

* Fix backend_srv tests

* Apply suggestions from code review

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Minor style fix after PR suggestion commit

* Apply suggestions from code review

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Prettier fixes

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
 2021-03-16 17:44:02 +01:00
Carl Bergquist
5114fa39ce we should never log unhashed tokens (#31432) 
Signed-off-by: bergquist <carl.bergquist@gmail.com>
 2021-02-24 10:04:25 +01:00
Agnès Toulet
2a70c73025 Auth: add expired token error and update CreateToken function (#30203) 
* Auth: add error for expired token

* Auth: save token error into context data

* Auth: send full user and req context to CreateToken

* Auth: add token ID in context

* add TokenExpiredError struct

* update auth tests

* remove most of the changes to CreateToken func

* clean up

* Login: add requestURI in CreateToken ctx

* update RequestURIKey comment
 2021-01-19 17:55:53 +01:00
Arve Knudsen
12661e8a9d Move middleware context handler logic to service (#29605) 
* middleware: Move context handler to own service

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
 2020-12-11 11:44:44 +01:00
taciomcosta
10ff4eecef Backend: fix IPv6 address parsing erroneous (#28585) 
* Backend: Fix parsing of client IP address

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
 2020-11-25 07:55:22 +01:00
Arve Knudsen
b5379c5335 Chore: Fix SQL related Go variable naming (#28887) 
* Chore: Fix variable naming

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
 2020-11-11 06:21:08 +01:00
Arve Knudsen
a078e40238 Settings: Rename constants/variables to follow Go naming standards (#28002) 
* settings: Rename constants/variables to follow Go naming standards
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
 2020-10-02 15:45:45 +02:00
Hansuuuuuuuuuu
8d971ab2f2 Auth: Replace maximum inactive/lifetime settings of days to duration (#27150) 
Allows login_maximum_inactive_lifetime_duration and 
login_maximum_lifetime_duration to be configured using 
time.Duration-compatible values while retaining backward compatibility.

Fixes #17554

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
 2020-09-14 15:57:38 +02:00
Arve Knudsen
41d432b5ae Chore: Enable whitespace linter (#25903) 
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
 2020-07-06 20:17:28 +02:00
Arve Knudsen
2a78d2a61c pkg/services: Check errors (#19712) 
* pkg/services: Check errors
* pkg/services: Don't treat context.Canceled|context.DeadlineExceeded as error
 2019-10-22 14:08:18 +02:00
Arve Knudsen
b858a5f496 Don't truncate IPv6 addresses (#19573) 
* Bugfix: Fix parsing of IPv6 addresses

Make sure that IPv6 addresses aren't truncated when parsing. Fixes #18924
* util: Change network address parsing funcs to return error
* pkg/api: Return NetworkAddress instead of host/port
 2019-10-09 08:58:45 +02:00
Alexander Zobnin
60ddad8fdb Batch disable users (#17254) 
* batch disable users

* batch revoke users tokens

* split batch disable user and revoke token

* fix tests for batch disable users

* Chore: add BatchDisableUsers() to the bus
 2019-05-31 13:22:22 +03:00
zhulongcheng
2fff8f77dc move log package to /infra (#17023) 
ref #14679

Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>
 2019-05-13 08:45:54 +02:00
Carl Bergquist
9660356638 Auth: Enable retries and transaction for some db calls for auth tokens (#16785) 
the WithSession wrapper handles retries and connection
management so the caller dont have to worry about it.
 2019-04-30 14:42:01 +02:00
Carl Bergquist
490515aec6 build: partially replace gometalinter with golangci-lint (#16610) 
we still use gometalinter for goconst since it doesn't 
report errors for duplicated in test files
 2019-04-16 10:27:07 +02:00
Marcus Efraimsson
8029e48588 support get user tokens/revoke all user tokens in UserTokenService 2019-03-08 15:15:17 +01:00
bergquist
e163aadfe4 use authtoken for session quota restrictions 
closes #15360
 2019-02-12 15:10:55 +01:00
Marcus Efraimsson
8ae066ab5d move authtoken package into auth package 2019-02-06 17:02:57 +01:00
Marcus Efraimsson
7cd3cd6cd4 auth package refactoring 
moving middleware/hooks away from package
exposing public struct UserToken accessible from other packages
fix debug log lines so the same order and naming are used
 2019-02-05 00:10:56 +01:00
Marcus Efraimsson
fb3c510178 Merge branch 'master' into delete_session_on_logout 2019-02-04 20:23:05 +01:00
bergquist
a6bd2c73a0 introduce samesite setting for login cookie 
ref #15067
 2019-02-01 11:47:21 +01:00
bergquist
a1b3986532 always delete session cookie even if db delete fails 2019-02-01 09:59:53 +01:00
bergquist
91bd908e03 adds more tests signing out session 2019-01-31 22:24:04 +01:00
bergquist
11c4967bdc changes some info logging to debug 2019-01-31 21:51:14 +01:00
bergquist
88ca54eba9 renames signout function 2019-01-31 16:26:36 +01:00
bergquist
43ac79685a delete auth token on signout 2019-01-31 16:13:35 +01:00
bergquist
75760aa892 dont specify domain for auth cookies 2019-01-25 10:40:50 +01:00
bergquist
d6edaa1328 moves cookie https setting to [security] 2019-01-24 19:04:58 +01:00
bergquist
516037fbdd makes sure rotation is always higher than urgent rotation 2019-01-24 13:54:45 +01:00
bergquist
56a521b264 makes auth token rotation time configurable 2019-01-24 10:50:18 +01:00
bergquist
12f8338977 stores hashed state code in cookie 2019-01-22 15:22:24 +01:00
bergquist
d3ec8e1ccb creates new config section for login settings 2019-01-22 15:22:11 +01:00
Marcus Efraimsson
4096449aec extract auth token interface and remove auth token from context 2019-01-22 12:00:33 +01:00
Marcus Efraimsson
366e356e08 more auth token tests 2019-01-21 21:48:18 +01:00
bergquist
777bd9ea18 adds cleanup job for old session tokens 2019-01-21 19:03:32 +01:00
Marcus Efraimsson
38efc1d7d2 s/print/log 2019-01-21 15:53:40 +01:00
bergquist
92620af75f avoid calling now() multiple times 2019-01-21 15:48:17 +01:00
Marcus Efraimsson
dd8476d81a passing auth token tests 2019-01-21 15:06:33 +01:00
Marcus Efraimsson
565408194a handle expired tokens 2019-01-21 13:22:20 +01:00
bergquist
697ddccd8e set userToken on request when logging in 2019-01-21 11:42:10 +01:00
bergquist
55b3013eb3 moves initWithToken to auth package 2019-01-21 11:37:44 +01:00
Marcus Efraimsson
734a7d38b2 set cookie name from configuration 2019-01-21 11:21:43 +01:00
Marcus Efraimsson
766cfab374 change rotate time 2019-01-21 10:22:18 +01:00
Marcus Efraimsson
0d1e3759eb mixor fixes 2019-01-21 10:20:23 +01:00
bergquist
2e97d39abe removes commented code 2019-01-21 10:01:48 +01:00
bergquist
47a7d93fd9 moves rotation into auth since both happens before c.Next() 2019-01-21 08:59:01 +01:00
bergquist
fd937e3d95 remove maxage from session token 2019-01-17 21:03:27 +01:00
bergquist
c2accfa4c0 inital code for rotate 2019-01-17 17:11:52 +01:00
bergquist
aba6148c43 login users based on token cookie 2019-01-16 16:44:40 +01:00