* WIP
* Fix JWTs for auth-durations less than 5 mins
For auth-duration = 0 the JWT now understands that there does not
need to be duration checks.
For auth-duration < 5 minutes > 0 the JWT lifespan will be 1/2
of auth-duration to allow one extension
There is likely a range of very short auth-duration times like, say,
less than 5 seconds that would never allow a person to login simply
because the time of issue and request is longer.
* Update changelog
* User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close
* Refactor GET 'me' into heartbeat at constant interval
* Add ping route to all routes
* Add /chronograf/v1/ping endpoint for server status
* Refactor cookie generation to use an interface
* WIP adding refreshable tokens
* Add reminder to review index.js Login error handling
* Refactor Authenticator interface to accommodate cookie duration and logout delay
* Update make run-dev to be more TICKStack compliant
* Remove heartbeat/logout duration from authentication
* WIP Refactor tests to accommodate cookie and auth refactor
* Update oauth2 tests to newly refactored design
* Update oauth provider tests
* Remove unused oauth2/consts.go
* Move authentication middleware to server package
* Fix authentication comment
* Update authentication documentation to mention AUTH_DURATION
* Update /chronograf/v1/ping to simply return 204
* Fix Makefile run-dev target
* Remove spurious ping route
* Update auth docs to clarify authentication duration
* Revert "Refactor GET 'me' into heartbeat at constant interval"
This reverts commit 298a8c47e1.
Conflicts:
ui/src/index.js
* Add auth test for JWT signing method
* Add comments for why coverage isn't written for some areas of jwt code
* Update auth docs to explicitly mention how to require re-auth for all users on server restart
* Add Duration to Validation interface for Tokens
* Make auth duration of zero yield an everlasting token
* Revert "Revert "Refactor GET 'me' into heartbeat at constant interval""
This reverts commit b4773c15af.
* Rename http status constants and add FORBIDDEN
* Heartbeat only when logged in, notify user if heartbeat fails
* Update changelog
* Fix minor word semantics
* Update oauth2 tests to be in the oauth2_test package
* Add check at compile time that JWT implements Tokenizer
* Rename CookieMux to AuthMux for consistency with earlier refactor
* Fix logout middleware
* Fix logout button not showing due to obsolete data shape expectations
* Update changelog
* Fix proptypes for logout button data shape in SideNav
* Experiments
* Attach Cell Renaming to NameableGraph ContextMenu option
* Polish styles for Cell Name input field + draggable state
* Update CHANGELOG
* Text and placeholder updates
* Peel types off PropTypes
* Revert to parseMode
* Update copy to be more descriptive of resulting behavior
* Add question mark tooltips to Chat ID and Token
* Expand tooltips to be hoverable with clickable contents
* Extract QuestionMarkComponent to its own file
* Update CHANGELOG
* url is never changed, so omit this field
* Extract constants to their own file
* Refactor PropTypes
* Clear up Kapacitor Alert HipChat configuration
* Update CHANGELOG
* your-room => room
* Extract this tooltip to its own file
* Reorder CHANGELOG entries
* Text and placeholder updates
* Peel types off PropTypes
* Revert to parseMode
* Update copy to be more descriptive of resulting behavior
* Add question mark tooltips to Chat ID and Token
* Expand tooltips to be hoverable with clickable contents
* Extract QuestionMarkComponent to its own file
* Update CHANGELOG
* url is never changed, so omit this field
* Extract constants to their own file
* NavBlocks without NavListItem children are valid
Some sidebar NavBlocks consist of just a header,
and clicking on that header should mark the NavBlock
as active
* Update CHANGELOG
* Leverage markdown to cut down on merge conflicts
* Introduce Kapacitor and InfluxDB as command line options
If omitted, their values will be null at runtime. If supplied, e.g.:
    chronograf
        --kapacitor https://path.to.my:1/kapacitor/instance
        --influxdb https://path.to.my:1/influxdb/instance
Their values will be accessible via
    Server.Kapacitor
    Server.InfluxDB
* MultiSourcesStore will hold Bolt and config’d sources
* Delegate to db.SourcesStore for now
* Add Username/Password tags for InfluxDB and Kapacitor
* Builders for MultiSourceStore and MultiLayoutStore
* Store Kapacitor and InfluxDB configs in memory
* Typo
* Update CHANGELOG
* Move StoreBuilders to server/builders.go
* Correct these assertions by reversing them
* Kapacitor -> KapacitorURL; InfluxDB -> InfluxDBURL
* Pass cell name through to Visualization component.
* Rename Header components in Dashboard page to better match their actual component names.
* Update changelog.
* Fix number on update changelog
* Rename selectStatement to buildInfluxQLQuery
* Moved `influxql/select` to `utils/influxql`
* Replace `buildQuery` with `buildInfluxQLQuery` util function
* Retain GROUP BY clause when saving cell query
* Revert "Replace `buildQuery` with `buildInfluxQLQuery` util function"
This reverts commit d932d99bfa.
* Build DashboardCell queries with buildInfluxQLQuery util
Retain old LayoutRenderer.buildQuery functionality for
canned dashboards, and anything else that isn’t using
the queryConfig schema. Rename this function to make
it clear that it is legacy behavior, and that it
should not be a dependency of any new code.
* Update CHANGELOG
* Redirect to default source on invalid source ID
When supplied with an invalid source ID, the CheckSources component
would redirect the user to a "Create Source" page. This caused
surprising behavior when a source was deleted because that source ID
would become invalid. The effect being that deleting a source brought
users immediately to the create source page, rather than back to the
sources list.
This instead redirects users to the default source when provided an
invalid source id. The backend automatically re-assigns the "default"
source, so this will always succeed, since sources are fetched again
from the backend.
The regex used is slightly dependent on URL structure that has been
stable over the lifetime of this project. Also it relies on URL
structure more than the previous redirecting implementation.
* Force sources to reload after deletion
Deleting a source invalidates the state held by the client because of
automatic re-assignment of the default source by the backend. Without
duplicating backend logic, it is impossible for the frontend to discover
the new source without reloading sources.
The ManageSources page now uses an async-action creator which deletes
the requested source and reloads all sources. The source action creators
have also been refactored to use implicit returns like other action
creators.
* Remove Dead removeSource action
removeSource is no longer used because the API invalidates its
assumptions. For more information, see 04bf3ca.
* Update Changelog with source deletion redirect fix
Users are no longer unexpectedly redirected to the "create source" page
whenever they delete a source that they are connected to.
* Return 404 when deleting non-existent source
When deleting a source, a new default is assigned automatically. If a
non-existent source ID was provided, previously this would result in a
500. This is a violation of the Swagger docs. The solution is to examine
the error and if it was an ErrSourceNotFound, invoke the notFound
handler.
* Add Error handling to source deletion
There are two kinds of errors that can be encountered when deleting a
source: a 404 and a 500 (from either the delete or the subsequent
fetch).
The 404 is a precondition failure of the action creator. The source.id
requested can be non-existent for two reasons: 1) The action creator was
passed garbage by the caller. 2) A concurrent write occurred which
silently invalidated this session's state. For the first case, we can
ensure that the caller is sane by having an assertion check that the
requested source is among some set of sources. This could be
circumvented by a caller, but chances are good that both the full set of
sources and the desired source are both available to callers of this
action creator. The second case is not an error. In this case, we should
proceed reloading sources, since the deletion that was requested has
already been performed by someone else.
Finally, 500s can only occur if there is something broken with the API.
In this situation, we provide a notification that tells the user to
check the API logs for more information.
* Remove duplicate CHANGELOG entries
These were introduced due to a naive merge conflict resolution.
* Remove assertion
This was decided to be confusing and unnecessary.
* Remove remnants of removed assertion
These were needed for an assertion that has been removed. It's no longer
necessary to pass `sources` to the action creator.
* Move isEditMode from Redux to component state
* Use ConfirmButtons instead of Save button
* Save and Cancel dashboard name edits with ConfirmButtons
* Handler should operate on values instead of events
* Update CHANGELOG