auth added

codeperfectplus · codeperfectplus · commit 14c3ff128b7e · 2024-09-23T15:00:25.000+05:30
diff --git a/src/routes/prometheus.py b/src/routes/prometheus.py
@@ -6,6 +6,7 @@
 from src.config import app, db
 from src.models import ExternalMonitornig
 from src.utils import ROOT_DIR
+from src.routes.helper.common_helper import admin_required
 from src.routes.helper.prometheus_helper import (
     load_yaml, 
     save_yaml, 
@@ -16,19 +17,26 @@
     update_prometheus_config)
 
 
-
 # Define the Prometheus Blueprint
 prometheus_bp = Blueprint('prometheus', __name__)
 
+# todo, find a better way to store the username and password
+username = 'admin'
+password = 'admin'
+
 # Define a route to serve Prometheus metrics
 @app.route('/metrics')
 def metrics():
+    auth = request.authorization
+    if not auth or not (auth.username == username and auth.password == password):
+        return Response('Could not verify', 401, {'WWW-Authenticate': 'Basic realm="Login required"'})
     output = generate_latest()
     output = '\n'.join([line for line in output.decode().split('\n') if not line.startswith('#') and line])
     return Response(output, mimetype='text/plain')
 
 # POST request to manage file paths
 @app.route('/external_monitoring', methods=['GET', 'POST'])
+@admin_required
 def external_monitoring():
     if request.method == 'POST':
         file_path = request.form.get('file_path')
@@ -54,6 +62,7 @@ def external_monitoring():
 
 # POST request to delete file path
 @app.route('/external_monitoring/delete_file_path/<int:id>', methods=['POST'])
+@admin_required
 def delete_file_path(id):
     file_path = ExternalMonitornig.query.get_or_404(id)
     db.session.delete(file_path)
@@ -62,12 +71,14 @@ def delete_file_path(id):
     return redirect(url_for('external_monitoring'))
 
 @app.route('/configure_targets')
+@admin_required
 def configure_targets():
     update_prometheus_config()
     targets_info = show_targets()
     return render_template('other/targets.html', targets_info=targets_info)
 
 @app.route('/targets/restart_prometheus')
+@admin_required
 def restart_prometheus():
     update_prometheus_config
     update_prometheus_container()
@@ -104,6 +115,7 @@ def add_target():
     return redirect(url_for('configure_targets'))
 
 @app.route('/targets/remove_target', methods=['POST'])
+@admin_required
 def remove_target():
     job_name = request.form.get('job_name')
     target_to_remove = request.form.get('target_to_remove')
@@ -131,6 +143,7 @@ def remove_target():
     return redirect(url_for('configure_targets'))
 
 @app.route('/targets/change_interval', methods=['POST'])
+@admin_required
 def change_interval():
     job_name = request.form.get('job_name')
     new_interval = request.form.get('new_interval') + 's'  # New scrape interval
diff --git a/src/scripts/prometheus.sh b/src/scripts/prometheus.sh
@@ -48,6 +48,10 @@ scrape_configs:
     static_configs:
     - targets:
       - '$FLASK_APP_IP:$FLASK_APP_PORT'
+    basic_auth:
+      username: admin
+      password: admin
+
 EOL
 
 # Check if Docker network exists
diff --git a/src/templates/other/targets.html b/src/templates/other/targets.html
@@ -6,76 +6,85 @@
 {% endblock %}
 
 {% block content %}
-    <div class="container">
-        <h1>SystemGuard Targets</h1>
-        {% include 'ext/message.html' %}
+<div class="container">
+    <h1>SystemGuard Targets</h1>
+    {% include 'ext/message.html' %}
 
-        <div class="table-wrapper">
-            <table class="modern-table">
-                <thead>
-                    <tr>
-                        <th>Group Name <i class="fas fa-info-circle" title="Job Name is the name of the service that is being monitored."></i></th>
-                        <th>Targets <i class="fas fa-info-circle" title="Targets are the IP addresses of the services that are being monitored."></i></th>
-                        <th>Scrape Interval <i class="fas fa-info-circle" title="Scrape Interval is the time interval between each scrape of the target."></i></th>
-                        <th>New Interval<i class="fas fa-info-circle" title="Change the scrape interval of the target."></i></th>
-                    </tr>
-                </thead>
-                <tbody>
-                    {% for info in targets_info %}
-                    <tr>
-                        <td>{{ info.job_name }}</td>
-                        <td>
-                            <ul class="target-list">
-                                {% for target in info.targets %}
-                                <li>
-                                    {{ target }}
-                                    <form action="{{ url_for('remove_target') }}" method="post" class="inline-form">
-                                        <input type="hidden" name="job_name" value="{{ info.job_name }}">
-                                        <input type="hidden" name="target_to_remove" value="{{ target }}">
-                                        <button type="submit" class="btn-danger">
-                                            <i class="fas fa-times"></i> Remove
-                                        </button>
-                                    </form>
-                                </li>
-                                {% endfor %}
-                            </ul>
-                        </td>
-                        <td>{{ info.scrape_interval }}</td>
-                        <td>
-                            <form action="{{ url_for('change_interval') }}" method="post" class="inline-form">
-                                <input type="hidden" name="job_name" value="{{ info.job_name }}">
-                                <input type="text" name="new_interval" placeholder="New Interval" required class="input-field">
-                                <input type="submit" value="Change Interval" class="btn-primary">
-                            </form>
-                        </td>
-                    </tr>
-                    {% endfor %}
-                </tbody>
-            </table>
-        </div>
-
-        <div class="section">
-            <h2>Restart Prometheus Docker Service</h2>
-            <form action="{{ url_for('restart_prometheus') }}">
-                <input type="submit" value="Restart Prometheus" class="btn-warning">
-            </form>
-        </div>
+    <div class="table-wrapper">
+        <table class="modern-table">
+            <thead>
+                <tr>
+                    <th>Group Name <i class="fas fa-info-circle"
+                            title="Job Name is the name of the service that is being monitored."></i></th>
+                    <th>Targets <i class="fas fa-info-circle"
+                            title="Targets are the IP addresses of the services that are being monitored."></i></th>
+                    <th>Scrape Interval <i class="fas fa-info-circle"
+                            title="Scrape Interval is the time interval between each scrape of the target."></i></th>
+                    <th>New Interval<i class="fas fa-info-circle" title="Change the scrape interval of the target."></i>
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for info in targets_info %}
+                <tr>
+                    <td>{{ info.job_name }}</td>
+                    <td>
+                        <ul class="target-list">
+                            {% for target in info.targets %}
+                            <li>
+                                {{ target }}
+                                <form action="{{ url_for('remove_target') }}" method="post" class="inline-form">
+                                    <input type="hidden" name="job_name" value="{{ info.job_name }}">
+                                    <input type="hidden" name="target_to_remove" value="{{ target }}">
+                                    <button type="submit" class="btn-danger">
+                                        <i class="fas fa-times"></i> Remove
+                                    </button>
+                                </form>
+                            </li>
+                            {% endfor %}
+                        </ul>
+                    </td>
+                    <td>{{ info.scrape_interval }}</td>
+                    <td>
+                        <form action="{{ url_for('change_interval') }}" method="post" class="inline-form">
+                            <input type="hidden" name="job_name" value="{{ info.job_name }}">
+                            <input type="text" name="new_interval" placeholder="New Interval" required
+                                class="input-field">
+                            <input type="submit" value="Change Interval" class="btn-primary">
+                        </form>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
 
-        <div class="section">
-            <h2>Add New Target</h2>
-            <form action="{{ url_for('add_target') }}" method="post" class="add-target-form">
-                <input type="text" name="job_name" placeholder="Group Name" required class="input-field">
-                <input type="text" name="new_target" placeholder="New Target" required class="input-field">
-                <input type="text" name="scrape_interval" placeholder="Scrape Interval" required class="input-field">
-                <br>
-                <button type="submit" class="btn btn-primary btn-lg">
-                    <i class="fas fa-plus"></i> Add Target
-                </button>
-            </form>
-        </div>
+    <div class="section">
+        <h2>Restart Prometheus Docker Service</h2>
+        <form action="{{ url_for('restart_prometheus') }}">
+            <input type="submit" value="Restart Prometheus" class="btn-warning">
+        </form>
+    </div>
+    <div class="section">
+        <h2>Add New Target</h2>
+        <form action="{{ url_for('add_target') }}" method="post" class="add-target-form">
+            <input type="text" name="job_name" placeholder="Group Name" required class="input-field">
+            <input type="text" name="new_target" placeholder="New Target" required class="input-field">
+            <input type="text" name="scrape_interval" placeholder="Scrape Interval" required class="input-field">
+            <input type="text" name="username" placeholder="Username" required class="input-field">
+            <!-- New Username field -->
+            <input type="password" name="password" placeholder="Password" required class="input-field">
+            <!-- New Password field -->
+            <br>
+            <button type="submit" class="btn btn-primary btn-lg">
+                <i class="fas fa-plus"></i> Add Target
+            </button>
+        </form>
     </div>
+
+</div>
 {% endblock %}
 
 {% block extra_scripts %}
 <script src="{{ url_for('static', filename='js/targets.js') }}"></script>
-{% endblock %}
+{% endblock %}
