code.gitea.io/gitea@v1.21.7/routers/web/metrics.go

code.gitea.io/gitea@v1.21.7/routers/web/metrics.go (about)

     1  // Copyright 2018 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package web
     5  
     6  import (
     7  	"crypto/subtle"
     8  	"net/http"
     9  
    10  	"code.gitea.io/gitea/modules/setting"
    11  
    12  	"github.com/prometheus/client_golang/prometheus/promhttp"
    13  )
    14  
    15  // Metrics validate auth token and render prometheus metrics
    16  func Metrics(resp http.ResponseWriter, req *http.Request) {
    17  	if setting.Metrics.Token == "" {
    18  		promhttp.Handler().ServeHTTP(resp, req)
    19  		return
    20  	}
    21  	header := req.Header.Get("Authorization")
    22  	if header == "" {
    23  		http.Error(resp, "", http.StatusUnauthorized)
    24  		return
    25  	}
    26  	got := []byte(header)
    27  	want := []byte("Bearer " + setting.Metrics.Token)
    28  	if subtle.ConstantTimeCompare(got, want) != 1 {
    29  		http.Error(resp, "", http.StatusUnauthorized)
    30  		return
    31  	}
    32  	promhttp.Handler().ServeHTTP(resp, req)
    33  }