Began work on hashing api keys

11 years ago · 5269422f7c
parent c9f06e1da1
commit 5269422f7c
6 changed files with 33 additions and 29 deletions
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@ -2,10 +2,10 @@ package api
 import (
 	"github.com/Unknwon/macaron"
 	"github.com/macaron-contrib/binding"
 	"github.com/grafana/grafana/pkg/api/dtos"
 	"github.com/grafana/grafana/pkg/middleware"
 	m "github.com/grafana/grafana/pkg/models"
 	"github.com/macaron-contrib/binding"
 )
 // Register adds http routes
@ -61,10 +61,8 @@ func Register(r *macaron.Macaron) {
 		// auth api keys
 		r.Group("/auth/keys", func() {
-			r.Combo("/").
+			r.Get("/", GetApiKeys)
-				Get(GetApiKeys).
+			r.Post("/", bind(m.AddApiKeyCommand{}), AddApiKey)
 				Post(bind(m.AddApiKeyCommand{}), AddApiKey).
 				Put(bind(m.UpdateApiKeyCommand{}), UpdateApiKey)
 			r.Delete("/:id", DeleteApiKey)
 		}, reqAccountAdmin)
--- a/pkg/api/apikey.go
+++ b/pkg/api/apikey.go
@ -21,7 +21,6 @@ func GetApiKeys(c *middleware.Context) {
 			Id:   t.Id,
 			Name: t.Name,
 			Role: t.Role,
 			Key:  t.Key,
 		}
 	}
 	c.JSON(200, result)
@ -59,25 +58,7 @@ func AddApiKey(c *middleware.Context, cmd m.AddApiKeyCommand) {
 		Id:   cmd.Result.Id,
 		Name: cmd.Result.Name,
 		Role: cmd.Result.Role,
 		Key:  cmd.Result.Key,
 	}
 	c.JSON(200, result)
 }
 func UpdateApiKey(c *middleware.Context, cmd m.UpdateApiKeyCommand) {
 	if !cmd.Role.IsValid() {
 		c.JsonApiErr(400, "Invalid role specified", nil)
 		return
 	}
 	cmd.AccountId = c.AccountId
 	err := bus.Dispatch(&cmd)
 	if err != nil {
 		c.JsonApiErr(500, "Failed to update api key", err)
 		return
 	}
 	c.JsonOK("API key updated")
 }
--- a/pkg/components/apikeygen/apikeygen.go
+++ b/pkg/components/apikeygen/apikeygen.go
@ -0,0 +1,30 @@
 package apikeygen
 import (
 	"strconv"
 	"github.com/grafana/grafana/pkg/util"
 )
 type KeyGenResult struct {
 	HashedKey      string
 	JsonKeyEncoded string
 }
 type ApiKeyJson struct {
 	Key       string
 	AccountId int64
 	Name      string
 }
 func GenerateNewKey(accountId int64, name string) KeyGenResult {
 	jsonKey := ApiKeyJson{}
 	jsonKey.AccountId = accountId
 	jsonKey.Name = name
 	jsonKey.Key = util.GetRandomString(32)
 	result := KeyGenResult{}
 	result.HashedKey = util.EncodePassword([]byte(jsonKey.Key), []byte(strconv.FormatInt(accountId, 10)))
 }
--- a/pkg/models/apikey.go
+++ b/pkg/models/apikey.go
@ -60,6 +60,5 @@ type GetApiKeyByKeyQuery struct {
 type ApiKeyDTO struct {
 	Id   int64    `json:"id"`
 	Name string   `json:"name"`
 	Key  string   `json:"key"`
 	Role RoleType `json:"role"`
 }
--- a/pkg/services/sqlstore/migrations.go
+++ b/pkg/services/sqlstore/migrations.go
@ -170,9 +170,6 @@ func addApiKeyMigrations(mg *Migrator) {
 	mg.AddMigration("add index api_key.account_id", new(AddIndexMigration).
 		Table("api_key").Columns("account_id"))
 	mg.AddMigration("add index api_key.key", new(AddIndexMigration).
 		Table("api_key").Columns("key").Unique())
 	mg.AddMigration("add index api_key.account_id_name", new(AddIndexMigration).
 		Table("api_key").Columns("account_id", "name").Unique())
 }
--- a/src/app/features/account/partials/users.html
+++ b/src/app/features/account/partials/users.html
@ -11,7 +11,6 @@
 		<h2>Account users</h2>
 		<form name="form">
 			<div class="tight-form">
 				<ul class="tight-form-list">