Revision 7595ed066867d8dc0caab54acc7da14f64343024 authored by Gabriel MABILLE on 07 October 2022, 12:30:15 UTC, committed by GitHub on 07 October 2022, 12:30:15 UTC
* FIX: Remove RBAC datasource permissions upon datasource deletion * Use scope provider instead * Fix test
1 parent 0eb3afb
grafana_login.go
package login
import (
"context"
"crypto/subtle"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/user"
"github.com/grafana/grafana/pkg/util"
)
var validatePassword = func(providedPassword string, userPassword string, userSalt string) error {
passwordHashed, err := util.EncodePassword(providedPassword, userSalt)
if err != nil {
return err
}
if subtle.ConstantTimeCompare([]byte(passwordHashed), []byte(userPassword)) != 1 {
return ErrInvalidCredentials
}
return nil
}
var loginUsingGrafanaDB = func(ctx context.Context, query *models.LoginUserQuery, userService user.Service) error {
userQuery := user.GetUserByLoginQuery{LoginOrEmail: query.Username}
user, err := userService.GetByLogin(ctx, &userQuery)
if err != nil {
return err
}
if user.IsDisabled {
return ErrUserDisabled
}
if err := validatePassword(query.Password, user.Password, user.Salt); err != nil {
return err
}
query.User = user
return nil
}
Computing file changes ...
