Hi, I am using Grafana to visualize different metrics for our DB and Server. And as per requirement I have created a React app and embedded those individual panels in the app using IFrame. But now the problem is that iframe is not protected even if I do have an auth setup for react app. So I was thinking of ways to secure my data and prevent panels from showing data to unauthorized personals.
I have come up with a crude idea and I would like to get some thoughts and opinions about it.
I can create a token that will be created on a successful login on the react+nodejs app and saved in DB with creation time and expiry time. This token will then be passed to the Panel using the query parameter and in the panel query, I can check if that token is valid + not expired. If it is invalid/expired then the query will not return any data for the panel to show and if is valid and not expired then the panel will show the relative data.
And for tokens in DB, I can create a cron-job that will check for expired tokens in DB and remove them after a specific duration every time.
P.s for queries I have created a DB user with only SELECT permission.