How to get currently logged in USERID in plugin?

dianadijan · August 22, 2016, 9:55pm

I am developing a plugin for Kibana 4.3.0

How to get the userid of currently logged in Kibana user?

cjcenizal · August 23, 2016, 6:06pm

Hi Diana,

Users don't have IDs; instead they're only identified by user name. When developing the server portion of your plugin, you can define a route handler which can access the request.auth.credentials object, which has a username property. Does this meet your needs?

Thanks,
CJ

dianadijan · September 2, 2016, 6:07pm

Hi @cjcenizal
Can you please provide sample code snippet ?

cjcenizal · September 2, 2016, 9:01pm

Hi Diana,

I'm sorry, I just realized that there's no way to do what you want in 4.3.0, but we will be able to access Shield user information in 5.0. I apologize for my mistake!

CJ

dianadijan · September 2, 2016, 9:09pm

Hi @cjcenizal ,

In my case, Authentication is incorporated in 4.3.0 using armor plugin (in our case). When user hits kibana URL, it redirects to SSO page (single sign on) and returns back to kibana main page after authentication. Thus 3 URLs are hit in a single call

I wonder how i can get the user credential detail , just by using Angular JS code (and not going thorugh server programming)

I have got this link , to read response headers

Wondering how to read request header, when I do not know which of the 3 URL sends credentials

Any suggesstions?

Thank you!!

cjcenizal · September 6, 2016, 5:21pm

Hi Diana, I'm afraid I'm not familiar with the Armor plugin. Is this the one? https://github.com/petalmd/armor

Have you tried asking the implementers of this plugin for help?

CJ

Kikketer · April 17, 2017, 8:26pm

Hey @cjcenizal,
This doesn't seem to work in 5.2.2. According to the docs for Hapi.js the request.auth.credentials.user should be the current user. However credentials is undefined when I'm using xpack.

How do I get the currently logged in user when using xpack?

cjcenizal · April 17, 2017, 10:51pm

Hi Chris,

So your server-side plugin should define an init method which accepts server as an argument. You can retrieve a getUser method exposed by X-Pack's security plugin at server.plugins.security.getUser. Then, whenever Hapi handles a request, you can call this method to get information about the user, like this:

const handleRequest = request  => {
    const getUser = server.plugins.security.getUser;
    const user = request;
};

Keep in mind that our plugin API is not stable, so it's very possible this will break without warning at some point in the future! I hope this helps.

Thanks,
CJ

Kikketer · April 18, 2017, 2:16am

Fantastic, thank you. Was there documentation I missed on this?

Kikketer · April 18, 2017, 2:01pm

For anyone that has a similar question, this is what I ended up doing to get the currently logged in user.

      if (server.plugins.security) {
        server.plugins.security.getUser(req).then(user => {
          ticket.fields.reporter.name = user.username

This is all within my handler for an endpoint. Thanks @cjcenizal and I know it may break without warning, but I enjoy living on the edge

cjcenizal · April 18, 2017, 9:00pm

Thanks for posting your solution, Chris! Glad I could help. I don't think this was noted anywhere in the documentation, but if you or anyone else is interested, here are some resources: