RPC Sink Token-Based Authentication #710

@Fathimah1210

Description

The issues:

  1. Current authenticated RPC access: the RPC endpoints, such as those for metric collection, lack authentication, allowing any client to submit fake triggers or metric alerts.
  2. Plaintext communication: all RPC traffic, including sensitive database metrics, is transmitted over unencrypted HTTP.
  3. No audit trails: failed authentication attempts and unauthorized access are not logged, making intrusion detection impossible.

The solution:

  1. Token-based RPC auth: implement a mandatory token system via the AuthRequest wrapper for all RPC calls. Clients must provide a valid token to submit metrics in internal/sinks/rpc.go.
  2. Centralized validation: auth logic is isolated in AuthenticatedWrapper (token verification, data extraction, and error logging).
  3. Audit logging: log authentication failures, such as invalid tokens, with timestamps, via log.Println("[ERROR] Authentication failed").

Alternatives you have considered:
TLS Encryption: It will prioritize the auth login at first.

Thank you for your time and consideration. Looking forward to your feedback!

PR #711
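
The token check proposed in this issue, sketched as an added Go example that is not taken from the issue, PR #711 or the project's code. The `Metric` and `Sink` types, the `AuthRequest` field names, the `Sink.Update` method and the demo token are assumptions; the exchange runs over an in-memory pipe with the standard `net/rpc` package, and until TLS is added the token itself still travels in plaintext.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"log"
	"net"
	"net/rpc"
)

// Metric, Sink and AuthRequest's fields are assumed shapes, not the project's types.
type Metric struct{ DBName, Name string; Value float64 }
type AuthRequest struct{ Token string; Data Metric }
type Sink struct{ want [32]byte; Stored []Metric } // keeps only a hash of the token
func NewSink(token string) *Sink { return &Sink{want: sha256.Sum256([]byte(token))} }

// Update is the RPC method; the token is checked before the payload is used.
func (s *Sink) Update(req AuthRequest, reply *string) error {
	got := sha256.Sum256([]byte(req.Token))
	if subtle.ConstantTimeCompare(got[:], s.want[:]) != 1 { // constant-time compare
		log.Println("[ERROR] Authentication failed") // audit line; never log the token
		return errors.New("authentication failed")
	}
	s.Stored = append(s.Stored, req.Data)
	*reply = "stored"
	return nil
}

// Submit serves sink on one end of an in-memory pipe and calls it from the other.
func Submit(sink *Sink, token string, m Metric) (string, error) {
	srvConn, cliConn := net.Pipe()
	srv := rpc.NewServer()
	if err := srv.RegisterName("Sink", sink); err != nil {
		return "", err
	}
	go srv.ServeConn(srvConn)
	client := rpc.NewClient(cliConn)
	defer client.Close()
	var reply string
	err := client.Call("Sink.Update", AuthRequest{Token: token, Data: m}, &reply)
	return reply, err
}

func main() {
	sink := NewSink("constructed-demo-token") // constructed sample token
	fmt.Println(Submit(sink, "wrong-token", Metric{"db1", "tps", 1}))
	fmt.Println(Submit(sink, "constructed-demo-token", Metric{"db1", "tps", 42}))
}
```

Hashing both sides before `subtle.ConstantTimeCompare` keeps the comparison time independent of the submitted token's length as well as its content.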

Labels

enhancement (New feature or request), sinks (Where and how to store monitored data)
