grafana

Commit Graph

Author	SHA1	Message	Date
Marcus Efraimsson	d53e64a32c	move auth token middleware/hooks to middleware package fix/adds auth token middleware tests	7 years ago
Marcus Efraimsson	cfd8eb5167	now /api/login/ping returns Response	7 years ago
Marcus Efraimsson	dd5a8275f1	must return json response from /api/login/ping Even though http error 401 was returned, the result was still a http 200	7 years ago
bergquist	88ca54eba9	renames signout function	7 years ago
bergquist	d6edaa1328	moves cookie https setting to [security]	7 years ago
bergquist	9153b6ed96	improves readability of loginping handler	7 years ago
bergquist	4626f083bb	store oauth login error messages in an encrypted cookie	7 years ago
bergquist	df85cc9bb1	redirect logged in users from /login to home	7 years ago
bergquist	c3ff3d644c	fixes nil ref in tests	7 years ago
Marcus Efraimsson	8b3fe41b0a	log fix	7 years ago
bergquist	aba6148c43	login users based on token cookie	7 years ago
Marcus Efraimsson	8764fb5aa6	inject login/logout hooks	7 years ago
Nick Triller	3414be18bc	Implement oauth_auto_login setting Redirect in backend	7 years ago
Torkel Ödegaard	8c9939df72	Adds backend hooks service so extensions can modify index data	7 years ago
Torkel Ödegaard	565edc1ed3	added setting top hide plugins in alpha state	7 years ago
Torkel Ödegaard	92ed1f04af	sql: added code migration type	7 years ago
Julien Pivotto	a5e6cb9a02	Fix #9847 Add a generic signout_redirect_url to enable oauth logout Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>	8 years ago
Dan Cech	d837be91ec	switch to passing ReqContext as a property	8 years ago
Dan Cech	1c5afa731f	shared library for managing external user accounts	8 years ago
Julian Kornberger	0a415c50d0	Make golint happier	8 years ago
Julian Kornberger	7aab6a8887	Make golint happier	8 years ago
Dan Cech	c0ecdee375	rename Context to ReqContext	8 years ago
Dan Cech	338655dd37	move Context and session out of middleware	8 years ago
Marcus Efraimsson	3d1c624c12	WIP: Protect against brute force (frequent) login attempts (#10031 ) * db: add login attempt migrations * db: add possibility to create login attempts * db: add possibility to retrieve login attempt count per username * auth: validation and update of login attempts for invalid credentials If login attempt count for user authenticating is 5 or more the last 5 minutes we temporarily block the user access to login * db: add possibility to delete expired login attempts * cleanup: Delete login attempts older than 10 minutes The cleanup job are running continuously and triggering each 10 minute * fix typo: rename consequent to consequent * auth: enable login attempt validation for ldap logins * auth: disable login attempts validation by configuration Setting is named DisableLoginAttemptsValidation and is false by default Config disable_login_attempts_validation is placed under security section #7616 * auth: don't run cleanup of login attempts if feature is disabled #7616 * auth: rename settings.go to ldap_settings.go * auth: refactor AuthenticateUser Extract grafana login, ldap login and login attemp validation together with their tests to separate files. Enables testing of many more aspects when authenticating a user. #7616 * auth: rename login attempt validation to brute force login protection Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection Configuration disable_login_attempts_validation => disable_brute_force_login_protection #7616	8 years ago
bergquist	2de94d6548	convert old metrics to prom metrics	8 years ago
Torkel Ödegaard	e3bd51e38d	fix: remove duplicate set-cookie when logging in, fixes #9013	8 years ago
Torkel Ödegaard	23b0795dcc	ux: minor button changes	8 years ago
Daniel Lee	1e5778174c	login: regenerates session id on login	8 years ago
Torkel Ödegaard	b780415f25	fix: change to remember me cookie encoding	9 years ago
Daniel Lee	beb85f413a	oauth: delete session key instead of set to empty Adds the Delete function to the Session wrapper so that the Macaron function for deleting keys from a Session can be used. https://go-macaron.com/docs/middlewares/session#implement-provider-interface	9 years ago
Torkel Ödegaard	54c6699c2b	usermanagement: disable invite features when login form is disabled, cherry picked from master, #7875	9 years ago
Dan Cech	737c29ec8c	disable inviting new users to orgs if login form is disabled	9 years ago
Alexander Menzhinsky	30c334a2b8	Add common type for oauth authorization errors	9 years ago
Torkel Ödegaard	2750c8a801	feat(config): changed name of allow_user_login_pass to disable_login_form, changed the section of the config option to [auth], impacts merged PR #5423	9 years ago
Torkel Ödegaard	e5fc4332cd	feat(oauth): refactoring PR #6077	9 years ago
Dan Cech	fc17ed351c	support logging in with grafana.net credentials	9 years ago
Kevin Fitzpatrick	b4646b6c3a	Allow users to use a generic oauth that conforms to the github style. Enables users to set their own link text.	10 years ago
bergquist	690a74c6b7	feat(login): invert naming for dissallow user pass login	10 years ago
Kevin Fitzpatrick	040586604b	Allow configuration to disable the username and password login interface. Used for when admins only want users to login via OAuth.	10 years ago
Torkel Ödegaard	2a557f67d2	Do not set remember me cookie when days are set to zero	10 years ago
Torkel Ödegaard	df0bc7bbc4	feat(external_plugin): lots of refactoring for side menu link extensions and view data, #3185	10 years ago
Haneysmith, Nathan	235bbc9c7e	custom login hints via config file	10 years ago
Torkel Ödegaard	0b5ba55131	feat(ldap): work on reading ldap config from toml file, #1450	11 years ago
Torkel Ödegaard	eb793f7feb	Initial work on ldap support, #1450	11 years ago
Torkel Ödegaard	fc47fb8f64	Backend auth: remember cookie is needed for oauth logins as well	11 years ago
Torkel Ödegaard	c07d48d930	A big refactoring for how sessions are handled, Api calls that authenticate with api key will no longer create a new session	11 years ago
Torkel Ödegaard	22adf0d06e	Datasource proxy & session timeout fix (casued 401 Unauthorized error after a while), Fixes #1667	11 years ago
Torkel Ödegaard	d987532262	Added server metrics	11 years ago
Torkel Ödegaard	f3d4d2782f	Simplified single org settings, now auto_assign_org, and auto_assign_org_role, new [users] config section, Closes #1585	11 years ago
Torkel Ödegaard	10820f31c2	Changed go package path	11 years ago

1 2

58 Commits (d53e64a32c48fca9149d2e291313a6dc8b04bb53)