7 years ago · d3ec8e1ccb
--- a/conf/defaults.ini
+++ b/conf/defaults.ini
@@ -106,6 +106,22 @@ path = grafana.db
 
				 # For "sqlite3" only. cache mode setting used for connecting to the database
			
 
				 cache_mode = private
			
 
				 
			
 
				+#################################### Login ###############################
			
 
				+
			
 
				+[login]
			
 
				+
			
 
				+# login cookie name
			
 
				+cookie_name = grafana_session
			
 
				+
			
 
				+# If you want login cookies to be https only. default is false
			
 
				+cookie_secure = false
			
 
				+
			
 
				+# logged in user name
			
 
				+cookie_username = grafana_user
			
 
				+
			
 
				+# how many days an session can be unused before we inactivate it
			
 
				+login_remember_days = 7
			
 
				+
			
 
				 #################################### Session #############################
			
 
				 [session]
			
 
				 # Either "memory", "file", "redis", "mysql", "postgres", "memcache", default is "file"
			
@@ -124,6 +140,7 @@ provider = file
 
				 
			
 
				 provider_config = sessions
			
 
				 
			
 
				+
			
 
				 # Session cookie name
			
 
				 cookie_name = grafana_sess
			
 
				 
			
--- a/pkg/services/auth/auth_token.go
+++ b/pkg/services/auth/auth_token.go
@@ -38,6 +38,7 @@ type UserAuthTokenService interface {
 
				 type UserAuthTokenServiceImpl struct {
			
 
				 	SQLStore          *sqlstore.SqlStore            `inject:""`
			
 
				 	ServerLockService *serverlock.ServerLockService `inject:""`
			
 
				+	Cfg               *setting.Cfg                  `inject:""`
			
 
				 	log               log.Logger
			
 
				 }
			
 
				 
			
@@ -49,7 +50,7 @@ func (s *UserAuthTokenServiceImpl) Init() error {
 
				 
			
 
				 func (s *UserAuthTokenServiceImpl) InitContextWithToken(ctx *models.ReqContext, orgID int64) bool {
			
 
				 	//auth User
			
 
				-	unhashedToken := ctx.GetCookie(setting.SessionOptions.CookieName)
			
 
				+	unhashedToken := ctx.GetCookie(s.Cfg.LoginCookieName)
			
 
				 	if unhashedToken == "" {
			
 
				 		return false
			
 
				 	}
			
@@ -84,16 +85,19 @@ func (s *UserAuthTokenServiceImpl) InitContextWithToken(ctx *models.ReqContext,
 
				 }
			
 
				 
			
 
				 func (s *UserAuthTokenServiceImpl) writeSessionCookie(ctx *models.ReqContext, value string, maxAge int) {
			
 
				-	ctx.Logger.Info("new token", "unhashed token", value)
			
 
				+	if setting.Env == setting.DEV {
			
 
				+		ctx.Logger.Info("new token", "unhashed token", value, "cookieName", s.Cfg.LoginCookieName, "secure", s.Cfg.LoginCookieSecure)
			
 
				+	}
			
 
				 
			
 
				 	ctx.Resp.Header().Del("Set-Cookie")
			
 
				 	cookie := http.Cookie{
			
 
				-		Name:     setting.SessionOptions.CookieName,
			
 
				+		Name:     s.Cfg.LoginCookieName,
			
 
				 		Value:    url.QueryEscape(value),
			
 
				 		HttpOnly: true,
			
 
				 		Domain:   setting.Domain,
			
 
				 		Path:     setting.AppSubUrl + "/",
			
 
				-		Secure:   setting.SessionOptions.Secure,
			
 
				+		Secure:   s.Cfg.LoginCookieSecure,
			
 
				+		MaxAge:   maxAge,
			
 
				 	}
			
 
				 
			
 
				 	http.SetCookie(ctx.Resp, &cookie)
			
@@ -148,7 +152,11 @@ func (s *UserAuthTokenServiceImpl) CreateToken(userId int64, clientIP, userAgent
 
				 
			
 
				 func (s *UserAuthTokenServiceImpl) LookupToken(unhashedToken string) (*userAuthToken, error) {
			
 
				 	hashedToken := hashToken(unhashedToken)
			
 
				-	expireBefore := getTime().Add(time.Duration(-86400*setting.LogInRememberDays) * time.Second).Unix()
			
 
				+	if setting.Env == setting.DEV {
			
 
				+		s.log.Info("looking up token", "unhashed", unhashedToken, "hashed", hashedToken)
			
 
				+	}
			
 
				+
			
 
				+	expireBefore := getTime().Add(time.Duration(-86400*s.Cfg.LoginCookieMaxDays) * time.Second).Unix()
			
 
				 
			
 
				 	var userToken userAuthToken
			
 
				 	exists, err := s.SQLStore.NewSession().Where("(auth_token = ? OR prev_auth_token = ?) AND created_at > ?", hashedToken, hashedToken, expireBefore).Get(&userToken)
			
--- a/pkg/setting/setting.go
+++ b/pkg/setting/setting.go
@@ -18,7 +18,7 @@ import (
 
				 	"github.com/go-macaron/session"
			
 
				 	"github.com/grafana/grafana/pkg/log"
			
 
				 	"github.com/grafana/grafana/pkg/util"
			
 
				-	"gopkg.in/ini.v1"
			
 
				+	ini "gopkg.in/ini.v1"
			
 
				 )
			
 
				 
			
 
				 type Scheme string
			
@@ -223,6 +223,11 @@ type Cfg struct {
 
				 	MetricsEndpointBasicAuthPassword string
			
 
				 	EnableAlphaPanels                bool
			
 
				 	EnterpriseLicensePath            string
			
 
				+
			
 
				+	LoginCookieName     string
			
 
				+	LoginCookieUsername string
			
 
				+	LoginCookieSecure   bool
			
 
				+	LoginCookieMaxDays  int
			
 
				 }
			
 
				 
			
 
				 type CommandLineArgs struct {
			
@@ -546,6 +551,13 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
 
				 		ApplicationName = APP_NAME_ENTERPRISE
			
 
				 	}
			
 
				 
			
 
				+	//login
			
 
				+	login := iniFile.Section("login")
			
 
				+	cfg.LoginCookieName = login.Key("cookie_name").String()
			
 
				+	cfg.LoginCookieMaxDays = login.Key("login_remember_days").MustInt()
			
 
				+	cfg.LoginCookieSecure = login.Key("cookie_secure").MustBool(false)
			
 
				+	cfg.LoginCookieUsername = login.Key("cookie_username").String()
			
 
				+
			
 
				 	Env = iniFile.Section("").Key("app_mode").MustString("development")
			
 
				 	InstanceName = iniFile.Section("").Key("instance_name").MustString("unknown_instance_name")
			
 
				 	PluginsPath = makeAbsolute(iniFile.Section("paths").Key("plugins").String(), HomePath)