| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 |
- package api
- import (
- "errors"
- "strconv"
- "github.com/torkelo/grafana-pro/pkg/models"
- "github.com/gin-gonic/gin"
- "github.com/gorilla/sessions"
- )
- type authContext struct {
- account *models.Account
- userAccount *models.Account
- }
- func (auth *authContext) getAccountId() int {
- return auth.account.Id
- }
- func (self *HttpServer) authDenied(c *gin.Context) {
- c.Writer.Header().Set("Location", "/login")
- c.Abort(302)
- }
- func authGetRequestAccountId(c *gin.Context, session *sessions.Session) (int, error) {
- accountId := session.Values["accountId"]
- urlQuery := c.Request.URL.Query()
- if len(urlQuery["render"]) > 0 {
- accId, _ := strconv.Atoi(urlQuery["accountId"][0])
- session.Values["accountId"] = accId
- accountId = accId
- }
- if accountId == nil {
- return -1, errors.New("Auth: session account id not found")
- }
- return accountId.(int), nil
- }
- func (self *HttpServer) auth() gin.HandlerFunc {
- return func(c *gin.Context) {
- session, _ := sessionStore.Get(c.Request, "grafana-session")
- accountId, err := authGetRequestAccountId(c, session)
- if err != nil && c.Request.URL.Path != "/login" {
- self.authDenied(c)
- return
- }
- account, err := self.store.GetAccount(accountId)
- if err != nil {
- self.authDenied(c)
- return
- }
- usingAccount, err := self.store.GetAccount(account.UsingAccountId)
- if err != nil {
- self.authDenied(c)
- return
- }
- c.Set("userAccount", account)
- c.Set("usingAccount", usingAccount)
- session.Save(c.Request, c.Writer)
- }
- }
|
