From 3c1c43ae9cac74deaddddef1b9bda2894a2c31e4 Mon Sep 17 00:00:00 2001
From: Ulric Qin <ulric.qin@gmail.com>
Date: Thu, 28 May 2020 18:42:42 +0800
Subject: [PATCH 1/3] monapi support grafana

---
 etc/monapi.yml                                      | 4 ++++
 src/modules/monapi/config/yaml.go                   | 1 +
 src/modules/monapi/http/middleware/authorization.go | 4 +++-
 src/modules/monapi/http/routes/routes.go            | 2 ++
 4 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/etc/monapi.yml b/etc/monapi.yml
index ba7c2238..cdadb75f 100644
--- a/etc/monapi.yml
+++ b/etc/monapi.yml
@@ -59,3 +59,7 @@ redis:
   #   conn: 500
   #   read: 3000
   #   write: 3000
+
+tokens:
+  - 7dcd606e0462f9df2fea0bf505c9e622
+
diff --git a/src/modules/monapi/config/yaml.go b/src/modules/monapi/config/yaml.go
index 26f0fbc5..f9a2694f 100644
--- a/src/modules/monapi/config/yaml.go
+++ b/src/modules/monapi/config/yaml.go
@@ -19,6 +19,7 @@ type Config struct {
 	Cleaner cleanerSection      `yaml:"cleaner"`
 	Link    linkSection         `yaml:"link"`
 	Notify  map[string][]string `yaml:"notify"`
+	Tokens  []string            `yaml:"tokens"`
 }
 
 type linkSection struct {
diff --git a/src/modules/monapi/http/middleware/authorization.go b/src/modules/monapi/http/middleware/authorization.go
index af8c69d6..8a34fceb 100644
--- a/src/modules/monapi/http/middleware/authorization.go
+++ b/src/modules/monapi/http/middleware/authorization.go
@@ -5,10 +5,12 @@ import (
 	"strings"
 
 	"github.com/didi/nightingale/src/model"
+	"github.com/didi/nightingale/src/modules/monapi/config"
 
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 	"github.com/toolkits/pkg/errors"
+	"github.com/toolkits/pkg/slice"
 )
 
 func Logined() gin.HandlerFunc {
@@ -74,7 +76,7 @@ const internalToken = "monapi-builtin-token"
 func CheckHeaderToken() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		token := c.GetHeader("x-srv-token")
-		if token != internalToken {
+		if token != internalToken && !slice.ContainsString(config.Get().Tokens, token) {
 			errors.Bomb("token[%s] invalid", token)
 		}
 		c.Next()
diff --git a/src/modules/monapi/http/routes/routes.go b/src/modules/monapi/http/routes/routes.go
index 01042881..109bc3d5 100644
--- a/src/modules/monapi/http/routes/routes.go
+++ b/src/modules/monapi/http/routes/routes.go
@@ -127,6 +127,8 @@ func Config(r *gin.Engine) {
 	v1 := r.Group("/v1/portal").Use(middleware.CheckHeaderToken())
 	{
 		v1.POST("/endpoint", endpointImport)
+		v1.GET("/tree", treeGet)
+		v1.GET("/endpoints/bynodeids", endpointByNodeIdsGets)
 	}
 
 	transferProxy := r.Group("/api/transfer")

From 834669bf36c52cdf7d858605378786b28d9028e7 Mon Sep 17 00:00:00 2001
From: UlricQin <ulric.qin@gmail.com>
Date: Thu, 28 May 2020 20:28:48 +0800
Subject: [PATCH 2/3] upgrade 2.4.0: support grafana

---
 control                                             | 2 +-
 src/modules/monapi/http/middleware/authorization.go | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/control b/control
index fbb6e3ab..c1f26745 100755
--- a/control
+++ b/control
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # release version
-version=2.3.0
+version=2.4.0
 
 CWD=$(cd $(dirname $0)/; pwd)
 cd $CWD
diff --git a/src/modules/monapi/http/middleware/authorization.go b/src/modules/monapi/http/middleware/authorization.go
index 8a34fceb..fd1f7e21 100644
--- a/src/modules/monapi/http/middleware/authorization.go
+++ b/src/modules/monapi/http/middleware/authorization.go
@@ -70,13 +70,11 @@ func headerUser(c *gin.Context) string {
 	return pair[0]
 }
 
-const internalToken = "monapi-builtin-token"
-
 // CheckHeaderToken check thirdparty x-srv-token
 func CheckHeaderToken() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		token := c.GetHeader("x-srv-token")
-		if token != internalToken && !slice.ContainsString(config.Get().Tokens, token) {
+		if !slice.ContainsString(config.Get().Tokens, token) {
 			errors.Bomb("token[%s] invalid", token)
 		}
 		c.Next()

From a366f144340c089cf20413e1aa69890312c85c9e Mon Sep 17 00:00:00 2001
From: UlricQin <ulric.qin@gmail.com>
Date: Fri, 29 May 2020 16:02:00 +0800
Subject: [PATCH 3/3] upgrade 2.4.1: bugfix: default token

---
 control                                             | 2 +-
 src/modules/monapi/http/middleware/authorization.go | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/control b/control
index c1f26745..ff087d43 100755
--- a/control
+++ b/control
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # release version
-version=2.4.0
+version=2.4.1
 
 CWD=$(cd $(dirname $0)/; pwd)
 cd $CWD
diff --git a/src/modules/monapi/http/middleware/authorization.go b/src/modules/monapi/http/middleware/authorization.go
index fd1f7e21..8a34fceb 100644
--- a/src/modules/monapi/http/middleware/authorization.go
+++ b/src/modules/monapi/http/middleware/authorization.go
@@ -70,11 +70,13 @@ func headerUser(c *gin.Context) string {
 	return pair[0]
 }
 
+const internalToken = "monapi-builtin-token"
+
 // CheckHeaderToken check thirdparty x-srv-token
 func CheckHeaderToken() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		token := c.GetHeader("x-srv-token")
-		if !slice.ContainsString(config.Get().Tokens, token) {
+		if token != internalToken && !slice.ContainsString(config.Get().Tokens, token) {
 			errors.Bomb("token[%s] invalid", token)
 		}
 		c.Next()