Auth Grafana with Reverse proxy in <iframe> for html or with ( axios , http) in nodejs express

Grafana Authentication
, ,
1

hello everyone , im new in grafana , i want to allow users use their dashboards in my web project with totaly security , so after along search i found that i should use the reverse proxy because that the token of authentication is not from authorization in grafana ( correct me please if im wrong ) , so i made this code of httpd.conf

ServerRoot "/usr/local/apache2"
Listen 80

# Load MPM module - choose one based on your needs
LoadModule mpm_event_module modules/mod_mpm_event.so

LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

<IfModule unixd_module>
User daemon
Group daemon
</IfModule>

ServerAdmin localhost

<Directory />
    AllowOverride none
    Require all denied
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    Header set Access-Control-Allow-Headers "Content-Type, Authorization"

</Directory>

DocumentRoot "/usr/local/apache2/htdocs"

ErrorLog /proc/self/fd/2
LogLevel error

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog /proc/self/fd/1 common
</IfModule>
<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
    Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    Header set Access-Control-Allow-Headers "Authorization, Content-Type"
</IfModule>

<Proxy *>
    AuthType Basic
    AuthName "GrafanaAuthProxy"
    AuthBasicProvider file
    AuthUserFile "/tmp/htpasswd"
    Require valid-user
    RewriteEngine On
    RewriteRule .* - [E=PROXY_USER:%{LA-U:REMOTE_USER},NS]
    RequestHeader set X-WEBAUTH-USER "%{PROXY_USER}e"
</Proxy>

RequestHeader unset Authorization
ProxyRequests Off
ProxyPass / http://grafana:3000/
ProxyPassReverse / http://grafana:3000/

and the htpasswd is like that

anthony:{SHA}bhpDjP5abJ4hZWZfjCJYhJzMQ/A=

now no one of the iframe , and the backend allow me to use any format of login , with authorizatio , or with user:passw@localhost , any one can suggest me a code of once to help me