
support additional fields in authproxy (#11661)

Dan Cech 7 tahun lalu
induk
melakukan
543c7fe587

+ 4 - 0
docs/sources/installation/configuration.md

@@ -659,6 +659,10 @@ Set to `true` to enable auto sign up of users who do not exist in Grafana DB. De
 
 Limit where auth proxy requests come from by configuring a list of IP addresses. This can be used to prevent users spoofing the X-WEBAUTH-USER header.
 
+### headers
+
+Used to define additional headers for `Name`, `Email` and/or `Login`, for example if the user's name is sent in the X-WEBAUTH-NAME header and their email address in the X-WEBAUTH-EMAIL header, set `headers = Name:X-WEBAUTH-NAME Email:X-WEBAUTH-EMAIL`.
+
 <hr>
 
 ## [session]

+ 11 - 0
pkg/middleware/auth_proxy.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net"
 	"net/mail"
+	"reflect"
 	"strings"
 	"time"
 
@@ -111,6 +112,16 @@ func initContextWithAuthProxy(ctx *m.ReqContext, orgID int64) bool {
 			return true
 		}
 
+		for _, field := range []string{"Name", "Email", "Login"} {
+			if setting.AuthProxyHeaders[field] == "" {
+				continue
+			}
+
+			if val := ctx.Req.Header.Get(setting.AuthProxyHeaders[field]); val != "" {
+				reflect.ValueOf(extUser).Elem().FieldByName(field).SetString(val)
+			}
+		}
+
 		// add/update user in grafana
 		cmd := &m.UpsertUserCommand{
 			ReqContext:    ctx,
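Review bot: The loop starting at `for _, field := range []string{"Name", "Email", "Login"}` writes request header values into `extUser` without any validation, and its `Login` entry can overwrite the login that the earlier part of the function presumably took from the primary proxy header. These headers carry the same trust as the main auth proxy header, so they are safe only when the fronting proxy overwrites client-supplied copies and the whitelist check, which is not visible in this hunk, has already run. I would add a comment above the loop saying so, for example `// values are trusted only because the request came through the auth proxy; the proxy must overwrite client-supplied copies of these headers`. The `reflect.ValueOf(extUser).Elem().FieldByName(field).SetString(val)` call also panics at request time if one of the three fields is renamed or stops being a string; a plain `switch field` that assigns `extUser.Name`, `extUser.Email` and `extUser.Login` directly is checked at compile time and drops the `reflect` import. initContextWithAuthProxy starts and ends outside this hunk.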

+ 9 - 0
pkg/setting/setting.go

@@ -125,6 +125,7 @@ var (
 	AuthProxyAutoSignUp     bool
 	AuthProxyLdapSyncTtl    int
 	AuthProxyWhitelist      string
+	AuthProxyHeaders        map[string]string
 
 	// Basic Auth
 	BasicAuthEnabled bool
@@ -611,6 +612,14 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
 	AuthProxyLdapSyncTtl = authProxy.Key("ldap_sync_ttl").MustInt()
 	AuthProxyWhitelist = authProxy.Key("whitelist").String()
 
+	AuthProxyHeaders = make(map[string]string)
+	for _, propertyAndHeader := range util.SplitString(authProxy.Key("headers").String()) {
+		split := strings.SplitN(propertyAndHeader, ":", 2)
+		if len(split) == 2 {
+			AuthProxyHeaders[split[0]] = split[1]
+		}
+	}
+
 	// basic auth
 	authBasic := iniFile.Section("auth.basic")
 	BasicAuthEnabled = authBasic.Key("enabled").MustBool(true)
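Review bot: The parsing loop over `util.SplitString(authProxy.Key("headers").String())` silently drops entries without a colon and stores any key it is given, so a typo such as `email:X-WEBAUTH-EMAIL` or an empty header name leaves the mapping inactive with no signal to the operator. Since `Load` already returns an error, a malformed entry could be rejected where it is parsed, for example `if len(split) != 2 || split[1] == "" { return fmt.Errorf("invalid auth proxy headers entry %q", propertyAndHeader) }` (assuming `fmt` is imported in this file), together with a check that `split[0]` is one of `Name`, `Email` or `Login`. The new `AuthProxyHeaders` variable in the first hunk would also benefit from a one-line comment such as `// AuthProxyHeaders maps a user field (Name, Email, Login) to the request header that supplies it`. The body of `Load` continues outside this hunk.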