root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 83 Packages Projects Releases Wiki Activity
grafana/pkg/api/basic_auth.go

20 lines
678 B
Go
Raw Normal View History

Re-organize packages and add basic auth test
2018-11-20 02:15:18 +08:00
package api
Add basic authentication support to metrics endpoint
2018-11-15 04:42:47 +08:00
import (
"crypto/subtle"
Macaron: remove custom Request type (#37874) * remove macaron.Request, use http.Request instead * remove com dependency from bindings module * fix another c.Req.Request
2021-09-01 17:18:30 +08:00
"net/http"
Add basic authentication support to metrics endpoint
2018-11-15 04:42:47 +08:00
)
Re-organize packages and add basic auth test
2018-11-20 02:15:18 +08:00
// BasicAuthenticatedRequest parses the provided HTTP request for basic authentication credentials
Add basic authentication support to metrics endpoint
2018-11-15 04:42:47 +08:00
// and returns true if the provided credentials match the expected username and password.
// Returns false if the request is unauthenticated.
// Uses constant-time comparison in order to mitigate timing attacks.
Macaron: remove custom Request type (#37874) * remove macaron.Request, use http.Request instead * remove com dependency from bindings module * fix another c.Req.Request
2021-09-01 17:18:30 +08:00
func BasicAuthenticatedRequest(req *http.Request, expectedUser, expectedPass string) bool {
Add basic authentication support to metrics endpoint
2018-11-15 04:42:47 +08:00
user, pass, ok := req.BasicAuth()
Fix formatting and remove enabled toggle
2018-11-15 06:37:32 +08:00
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(expectedUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(expectedPass)) != 1 {
Add basic authentication support to metrics endpoint
2018-11-15 04:42:47 +08:00
return false
}
return true
}