To try and prevent any security issues, use an external package to
generate key instead of doing it ourselves. Note: we have to use nanoid
version 3 as nanoid version 4 requires ESM. Currently, nanoid v3 is
still supported.
Signed-off-by: Matthew Nickson <mnickson@sidingsmedia.com>
API key authentication is now possible by making use of the X-API-Key
header. API authentication will only be enabled when a user adds their
first API key, up until this point, they can still use their username
and password to authenticate with API endpoints. After the user adds
their first API key, they may only use API keys in future to
authenticate with the API.
In this commit, the prometheus /metrics endpoint has been changed over
to the new authentication system.
Signed-off-by: Matthew Nickson <mnickson@sidingsmedia.com>
Web interfaces for manging API keys have been added however translation
keys are still required.
Signed-off-by: Matthew Nickson <mnickson@sidingsmedia.com>
This should fully implement #1221 by modifying the API and adding two
new properties to the result. The `sendUrl` property denotes if the URL
is sent and `url` is included when required.
Client side checks have been implemented in order to only show a link
when the URL is vaugely correct. I.e not "" or "https://". This prevents
the link from being included if the monitor type is not HTTP without
having to publicly expose the monitor type.
The exposure of the URL is configuarable for each monitor on each
status page by clicking on the link icon.
Signed-off-by: Matthew Nickson <mnickson@sidingsmedia.com>