mirror of
https://github.com/grafana/grafana.git
synced 2024-11-30 12:44:10 -06:00
318182ccc9
* Chore: refactor auth proxy Introduced the helper struct for auth_proxy middleware. Added couple unit-tests, but it seems "integration" tests already cover most of the code paths. Although it might be good idea to test every bit of it, hm. Haven't refactored the extraction of the header logic that much Fixes #16147 * Fix: make linters happy
64 lines
1.4 KiB
Go
64 lines
1.4 KiB
Go
package middleware
|
|
|
|
import (
|
|
"github.com/grafana/grafana/pkg/infra/remotecache"
|
|
authproxy "github.com/grafana/grafana/pkg/middleware/auth_proxy"
|
|
m "github.com/grafana/grafana/pkg/models"
|
|
)
|
|
|
|
const (
|
|
|
|
// cachePrefix is a prefix for the cache key
|
|
cachePrefix = authproxy.CachePrefix
|
|
)
|
|
|
|
func initContextWithAuthProxy(store *remotecache.RemoteCache, ctx *m.ReqContext, orgID int64) bool {
|
|
auth := authproxy.New(&authproxy.Options{
|
|
Store: store,
|
|
Ctx: ctx,
|
|
OrgID: orgID,
|
|
})
|
|
|
|
// Bail if auth proxy is not enabled
|
|
if auth.IsEnabled() == false {
|
|
return false
|
|
}
|
|
|
|
// If the there is no header - we can't move forward
|
|
if auth.HasHeader() == false {
|
|
return false
|
|
}
|
|
|
|
// Check if allowed to continue with this IP
|
|
if result, err := auth.IsAllowedIP(); result == false {
|
|
ctx.Handle(407, err.Error(), err.DetailsError)
|
|
return true
|
|
}
|
|
|
|
// Try to get user id from various sources
|
|
id, err := auth.GetUserID()
|
|
if err != nil {
|
|
ctx.Handle(500, err.Error(), err.DetailsError)
|
|
return true
|
|
}
|
|
|
|
// Get full user info
|
|
user, err := auth.GetSignedUser(id)
|
|
if err != nil {
|
|
ctx.Handle(500, err.Error(), err.DetailsError)
|
|
return true
|
|
}
|
|
|
|
// Add user info to context
|
|
ctx.SignedInUser = user
|
|
ctx.IsSignedIn = true
|
|
|
|
// Remember user data it in cache
|
|
if err := auth.Remember(); err != nil {
|
|
ctx.Handle(500, err.Error(), err.DetailsError)
|
|
return true
|
|
}
|
|
|
|
return true
|
|
}
|