zishuo/onepanel
1
0
Fork 0
mirror of https://github.com/onepanelio/onepanel.git synced 2025-09-27 10:02:10 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: allowed onepanel-auth-token header to provide authentication token.

Browse Source 
Updated server to make that key not require a grpc-gateway prefix.
This commit is contained in:
Andrey Melnikov
2020-07-20 20:52:36 -07:00
parent b01c0c41a8
commit 7af3c9dd7c
2 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/auth/auth.go
View File

@@ -50,6 +50,10 @@ func getBearerToken(ctx context.Context) (*string, bool) {
}
}
for _, t := range md.Get("onepanel-auth-token") {
return &t, true
}
return nil, false
}
@@ -98,6 +102,7 @@ func IsAuthorized(c *v1.Client, namespace, verb, group, resource, name string) (
// 2. Is there a token? There should be a token for everything except logging in.
func UnaryInterceptor(kubeConfig *v1.Config, db *v1.DB, sysConfig v1.SystemConfig) grpc.UnaryServerInterceptor {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
// Check if the provided token is valid. This does not require a token in the header.
if info.FullMethod == "/api.AuthService/IsValidToken" {
md, ok := metadata.FromIncomingContext(ctx)
if !ok {