grafana

Commit Graph

Author	SHA1	Message	Date
Jeffrey Descan	c5f906f472	Security: refactor 'redirect_to' cookie to use 'Secure' flag (#19787 ) * Refactor redirect_to cookie with secure flag in middleware * Refactor redirect_to cookie with secure flag in api/login * Refactor redirect_to cookie with secure flag in api/login_oauth * Removed the deletion of 'Set-Cookie' header to prevent logout * Removed the deletion of 'Set-Cookie' at top of api/login.go * Add HttpOnly flag on redirect_to cookies where missing * Refactor duplicated code * Add tests * Refactor cookie options * Replace local function for deleting cookie * Delete redundant calls Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>	6 years ago
Marcus Efraimsson	964c2e722f	Snapshot: Fix http api (#18830 ) (cherry picked from commit `be2e2330f5`)	6 years ago
Leonard Gram	6589a4e55f	teams: better names for api permissions.	6 years ago
Hugo Häggmark	782b5b6a3a	teams: viewers and editors can view teams	6 years ago
Leonard Gram	22e098b830	teams: editors can work with teams.	6 years ago
Johannes Schill	a81d5486b0	Viewers with viewers_can_edit should be able to access /explore (#15787 ) * fix: Viewers with viewers_can_edit should be able to access /explore #15773 * refactoring initial PR a bit to simplify function and reduce duplication	6 years ago
bergquist	5998646da5	restrict session usage to auth_proxy	7 years ago
Dan Cech	3056d9a80e	support passing api token in Basic auth password (#12416 )	7 years ago
Julian Kornberger	7aab6a8887	Make golint happier	7 years ago
Dan Cech	c0ecdee375	rename Context to ReqContext	7 years ago
Dan Cech	338655dd37	move Context and session out of middleware	7 years ago
bergquist	0ab0343995	mark redirect_to cookie as http only closes #10829	7 years ago
Alexander Zobnin	f97be541af	redirect "permission denied" requests to "/" (#10773 )	8 years ago
bergquist	4fe72ebf69	feat(macaron): upgrades macaron version	10 years ago
Torkel Ödegaard	fdcb4473af	fix(api auth): return 401 for authentication errors and 403 for access denied errors, fixes #2693	10 years ago
Torkel Ödegaard	1f330d7753	Basic auth: Fixed issue when using basic auth proxy infront of Grafana, Fixes #1673	10 years ago
Torkel Ödegaard	b83367063e	Small improvement to dashboard loading error handling	10 years ago
Anthony Woods	7010df0fe8	fixes #1619 Secure PhantomJS Png rendering removes auth hack to allow phantomjs to query pages as a user without auth. Instead we pass phantomjs the session cookie, which it then includes in the request.	10 years ago
Torkel Ödegaard	477e035f2e	Fixed anonymous access mode, Closes #1586	10 years ago
Torkel Ödegaard	26e4809e2e	Big Backend Refatoring: Renamed Account -> Org	10 years ago
Torkel Ödegaard	10820f31c2	Changed go package path	11 years ago
Torkel Ödegaard	1d6413bfae	More work on backend for user favorites	11 years ago
Torkel Ödegaard	1cff564483	Fontend handling of account role to hide user actions and links that the user does not have access to	11 years ago
Torkel Ödegaard	a5e450a0dd	Worked on anonymous access	11 years ago
Torkel Ödegaard	257519490a	Worked on login remember cookie, and redirect after login	11 years ago
Torkel Ödegaard	951ce0a102	API token -> API key rename	11 years ago
Torkel Ödegaard	90925273a0	User / Account model split, User and account now seperate entities, collaborators are now AccountUsers	11 years ago
Torkel Ödegaard	1532eb4278	Fixed png rendering	11 years ago
Torkel Ödegaard	2b05dac071	Api Key role is now correcty added do middleware context	11 years ago
Torkel Ödegaard	3912ed5023	Role checking when saving dashboard, making sure that the user has owner or editor role	11 years ago
Torkel Ödegaard	22156fe309	Big refactoring for context.User, and how current user info is fetching, now included collaborator role	11 years ago
Torkel Ödegaard	5ec07db143	Refactoring of auth middleware, and starting work on account admin	11 years ago
Torkel Ödegaard	5e18afe916	Refactoring of api routes	11 years ago
Torkel Ödegaard	ced5e5500e	mini code cleanup of in auth	11 years ago
woodsaj	7b17e38f5d	add Token authentication support Added CRUD methods for Tokens. Extend Auth Handler to check for the presence of a Bearer Authorization header to authenticate against. If there is no header, or the token is not valid, the Auth Handler falls back to looking for a Session.	11 years ago
Torkel Ödegaard	35326e1d92	Worked a little on anonymous access, needs more work	11 years ago
Torkel Ödegaard	f25a415a9e	Work on making grafana work in sub url	11 years ago
Torkel Ödegaard	22bf20a135	Refactoring get account by id and by login to queries	11 years ago
Torkel Ödegaard	90ae59ccaf	Fixed png rending	11 years ago
Torkel Ödegaard	4eefa73441	Progress on account and dashboard save/load	11 years ago
Torkel Ödegaard	eb2c078898	Progres on move to sql from rethinkdb	11 years ago
Torkel Ödegaard	222319d924	macaron transition progress	11 years ago

1 2

92 Commits (101011-docs-document-new-alerting-threshold-operators)