Skip to content

Commit

Permalink
chore(gateway): log error on unauthorized attempt
Browse files Browse the repository at this point in the history
  • Loading branch information
@GeorgeMac
GeorgeMac committed Oct 17, 2019
1 parent 984f64d commit 3bc113e
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 4 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
1. [15348](https://github.com/influxdata/influxdb/pull/15348): Disable saving for threshold check if no threshold selected
1. [15354](https://github.com/influxdata/influxdb/pull/15354): Query variable selector shows variable keys, not values
1. [15246](https://github.com/influxdata/influxdb/pull/15427): UI/Telegraf filter functionality shows results based on input name
1. [15452](https://github.com/influxdata/influxdb/pull/15452): Log error as info message on unauthorized API call attempts

## v2.0.0-alpha.18 [2019-09-26]

Expand Down
13 changes: 9 additions & 4 deletions http/authentication_middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,11 @@ func ProbeAuthScheme(r *http.Request) (string, error) {
return sessionAuthScheme, nil
}

func (h *AuthenticationHandler) unauthorized(ctx context.Context, w http.ResponseWriter, err error) {
h.Logger.Info("unauthorized", zap.Error(err))
UnauthorizedError(ctx, h, w)
}

// ServeHTTP extracts the session or token from the http request and places the resulting authorizer on the request context.
func (h *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if handler, _, _ := h.noAuthRouter.Lookup(r.Method, r.URL.Path); handler != nil {
Expand All @@ -79,7 +84,7 @@ func (h *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request
ctx := r.Context()
scheme, err := ProbeAuthScheme(r)
if err != nil {
UnauthorizedError(ctx, h, w)
h.unauthorized(ctx, w, err)
return
}

Expand All @@ -89,17 +94,17 @@ func (h *AuthenticationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request
case tokenAuthScheme:
auth, err = h.extractAuthorization(ctx, r)
if err != nil {
UnauthorizedError(ctx, h, w)
h.unauthorized(ctx, w, err)
return
}
case sessionAuthScheme:
auth, err = h.extractSession(ctx, r)
if err != nil {
UnauthorizedError(ctx, h, w)
h.unauthorized(ctx, w, err)
return
}
default:
UnauthorizedError(ctx, h, w)
h.unauthorized(ctx, w, err)
return
}

Expand Down

0 comments on commit 3bc113e

Please sign in to comment.