Redirect to grafana from inside of Laravel Controller using AuthProxy

1.2k views Asked by At

I am building a Laravel App which connects to Grafana after certain steps. I want users to get redirected to authenticated Grafana page after completing a few steps.

I have followed raintank's blog to setup grafana auth proxy.

But I am confused on where to insert code to redirect inside the Laravel controller so that I can show users the authenticated grafana dashboard page.

The basic localhost:3000 works, but my point of confusion is where to insert the X-WEBAUTH-USER and the user name inside the controller or where to set them.

Being a newbie to Laravel, I am trying to understand where to start off.

1

There are 1 answers

0
sepehr On

It's impossible to redirect to a page with custom headers set, no matter what language or framework you use.

In other words, there's no way to trigger an HTTP redirect and cause the client (browser) to add a custom header. You might be thinking that this code should work just fine:

return redirect()->away('http://localhost:3000', 302, ['X-WEBAUTH-USER', 'username']);

But it won't. You're setting the custom headers for the response which is instructing the browser to redirect, not for the redirect itself.

The only way for a site to instruct a browser to issue an HTTP request with a custom header is to use Javascript and the XMLHttpRequest object. And it needs CORS implemented on the target server to allow such ajax requests.

Please note that a page can not set HTTP request headers unless it's making an async request using XMLHttpRequest. Meaning that you can't do such redirection with the custom header on the client-side as well.

The closest thing you can come up would be to act as a proxy server. Make the request to the second URL yourself and then return the response back to the client instead of redirecting.

You're surely missing something about that Grafana Auth Proxy thing. I'm sure it's not the way it works. I saw that the tutorial was setting up Apache as a proxy server, you might want to go down that way. I think you should re-read it more carefully.