How to get currently logged in USERID in plugin?


(Diana) #1

I am developing a plugin for Kibana 4.3.0

How to get the userid of currently logged in Kibana user?


(CJ Cenizal) #2

Hi Diana,

Users don't have IDs; instead they're only identified by user name. When developing the server portion of your plugin, you can define a route handler which can access the request.auth.credentials object, which has a username property. Does this meet your needs?

Thanks,
CJ


(Diana) #3

Hi @cjcenizal
Can you please provide sample code snippet ?


(CJ Cenizal) #4

Hi Diana,

I'm sorry, I just realized that there's no way to do what you want in 4.3.0, but we will be able to access Shield user information in 5.0. I apologize for my mistake!

CJ


(Diana) #5

Hi @cjcenizal ,

In my case, Authentication is incorporated in 4.3.0 using armor plugin (in our case). When user hits kibana URL, it redirects to SSO page (single sign on) and returns back to kibana main page after authentication. Thus 3 URLs are hit in a single call

I wonder how i can get the user credential detail , just by using Angular JS code (and not going thorugh server programming)

I have got this link , to read response headers

Wondering how to read request header, when I do not know which of the 3 URL sends credentials

Any suggesstions?

Thank you!!


(CJ Cenizal) #6

Hi Diana, I'm afraid I'm not familiar with the Armor plugin. Is this the one? https://github.com/petalmd/armor

Have you tried asking the implementers of this plugin for help?

CJ


(Chris Weed) #7

Hey @cjcenizal,
This doesn't seem to work in 5.2.2. According to the docs for Hapi.js the request.auth.credentials.user should be the current user. However credentials is undefined when I'm using xpack.

How do I get the currently logged in user when using xpack?


(CJ Cenizal) #8

Hi Chris,

So your server-side plugin should define an init method which accepts server as an argument. You can retrieve a getUser method exposed by X-Pack's security plugin at server.plugins.security.getUser. Then, whenever Hapi handles a request, you can call this method to get information about the user, like this:

const handleRequest = request  => {
    const getUser = server.plugins.security.getUser;
    const user = request;
};

Keep in mind that our plugin API is not stable, so it's very possible this will break without warning at some point in the future! I hope this helps.

Thanks,
CJ


Access XPack user's username from a plugin
(Chris Weed) #9

Fantastic, thank you. Was there documentation I missed on this?


(Chris Weed) #10

For anyone that has a similar question, this is what I ended up doing to get the currently logged in user.

      if (server.plugins.security) {
        server.plugins.security.getUser(req).then(user => {
          ticket.fields.reporter.name = user.username

This is all within my handler for an endpoint. Thanks @cjcenizal and I know it may break without warning, but I enjoy living on the edge :wink:


(CJ Cenizal) #11

Thanks for posting your solution, Chris! Glad I could help. I don't think this was noted anywhere in the documentation, but if you or anyone else is interested, here are some resources:


(system) #12