mirror of https://github.com/lidarr/Lidarr
Merged authentication so they don't step on eachother
Fixed: iCal authentication with API Key
This commit is contained in:
Mark McDowall
parent
dfe2746bc6
commit
412291a7c4
|
|
@ -1,6 +1,10 @@
|
|||
using Nancy;
|
||||
using System;
|
||||
using System.Linq;
|
||||
using Nancy;
|
||||
using Nancy.Authentication.Basic;
|
||||
using Nancy.Security;
|
||||
using NzbDrone.Api.Extensions;
|
||||
using NzbDrone.Common;
|
||||
using NzbDrone.Core.Configuration;
|
||||
|
||||
namespace NzbDrone.Api.Authentication
|
||||
|
|
@ -15,10 +19,12 @@ namespace NzbDrone.Api.Authentication
|
|||
{
|
||||
private readonly IConfigFileProvider _configFileProvider;
|
||||
private static readonly NzbDroneUser AnonymousUser = new NzbDroneUser { UserName = "Anonymous" };
|
||||
private static String API_KEY;
|
||||
|
||||
public AuthenticationService(IConfigFileProvider configFileProvider)
|
||||
{
|
||||
_configFileProvider = configFileProvider;
|
||||
API_KEY = configFileProvider.ApiKey;
|
||||
}
|
||||
|
||||
public IUserIdentity Validate(string username, string password)
|
||||
|
|
@ -47,9 +53,71 @@ namespace NzbDrone.Api.Authentication
|
|||
|
||||
public bool IsAuthenticated(NancyContext context)
|
||||
{
|
||||
if (context.CurrentUser == null && _configFileProvider.AuthenticationEnabled) return false;
|
||||
var apiKey = GetApiKey(context);
|
||||
|
||||
return true;
|
||||
if (context.Request.IsApiRequest())
|
||||
{
|
||||
return ValidApiKey(apiKey);
|
||||
}
|
||||
|
||||
if (context.Request.IsFeedRequest())
|
||||
{
|
||||
if (!Enabled)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
if (ValidUser(context) || ValidApiKey(apiKey))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!Enabled)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
if (ValidUser(context))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private bool ValidUser(NancyContext context)
|
||||
{
|
||||
if (context.CurrentUser != null) return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private bool ValidApiKey(string apiKey)
|
||||
{
|
||||
if (API_KEY.Equals(apiKey)) return true;
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private string GetApiKey(NancyContext context)
|
||||
{
|
||||
var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
|
||||
var apiKeyQueryString = context.Request.Query["ApiKey"];
|
||||
|
||||
if (!apiKeyHeader.IsNullOrWhiteSpace())
|
||||
{
|
||||
return apiKeyHeader;
|
||||
}
|
||||
|
||||
if (apiKeyQueryString.HasValue)
|
||||
{
|
||||
return apiKeyQueryString.Value;
|
||||
}
|
||||
|
||||
return context.Request.Headers.Authorization;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,16 +1,15 @@
|
|||
using Nancy;
|
||||
using Nancy.Authentication.Basic;
|
||||
using Nancy.Bootstrapper;
|
||||
using NzbDrone.Api.Extensions;
|
||||
using NzbDrone.Api.Extensions.Pipelines;
|
||||
|
||||
namespace NzbDrone.Api.Authentication
|
||||
{
|
||||
public class EnableBasicAuthInNancy : IRegisterNancyPipeline
|
||||
public class EnableAuthInNancy : IRegisterNancyPipeline
|
||||
{
|
||||
private readonly IAuthenticationService _authenticationService;
|
||||
|
||||
public EnableBasicAuthInNancy(IAuthenticationService authenticationService)
|
||||
public EnableAuthInNancy(IAuthenticationService authenticationService)
|
||||
{
|
||||
_authenticationService = authenticationService;
|
||||
}
|
||||
|
|
@ -25,7 +24,7 @@ namespace NzbDrone.Api.Authentication
|
|||
{
|
||||
Response response = null;
|
||||
|
||||
if (!context.Request.IsApiRequest() && !_authenticationService.IsAuthenticated(context))
|
||||
if (!_authenticationService.IsAuthenticated(context))
|
||||
{
|
||||
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
||||
}
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
using System;
|
||||
using System.Linq;
|
||||
using Nancy;
|
||||
using Nancy.Bootstrapper;
|
||||
using NzbDrone.Api.Extensions;
|
||||
using NzbDrone.Api.Extensions.Pipelines;
|
||||
using NzbDrone.Common;
|
||||
using NzbDrone.Core.Configuration;
|
||||
|
||||
namespace NzbDrone.Api.Authentication
|
||||
{
|
||||
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
|
||||
{
|
||||
private static String API_KEY;
|
||||
|
||||
public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
|
||||
{
|
||||
API_KEY = configFileProvider.ApiKey;
|
||||
}
|
||||
|
||||
public void Register(IPipelines pipelines)
|
||||
{
|
||||
pipelines.BeforeRequest.AddItemToEndOfPipeline(ValidateApiKey);
|
||||
}
|
||||
|
||||
public Response ValidateApiKey(NancyContext context)
|
||||
{
|
||||
Response response = null;
|
||||
|
||||
var apiKey = GetApiKey(context);
|
||||
|
||||
if ((context.Request.IsApiRequest() || context.Request.IsFeedRequest()) && !ValidApiKey(apiKey))
|
||||
{
|
||||
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
||||
}
|
||||
|
||||
return response;
|
||||
}
|
||||
|
||||
private bool ValidApiKey(string apiKey)
|
||||
{
|
||||
if (!API_KEY.Equals(apiKey)) return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private string GetApiKey(NancyContext context)
|
||||
{
|
||||
var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
|
||||
var apiKeyQueryString = context.Request.Query["ApiKey"];
|
||||
|
||||
if (!apiKeyHeader.IsNullOrWhiteSpace())
|
||||
{
|
||||
return apiKeyHeader;
|
||||
}
|
||||
|
||||
if (apiKeyQueryString.HasValue)
|
||||
{
|
||||
return apiKeyQueryString.Value;
|
||||
}
|
||||
|
||||
return context.Request.Headers.Authorization;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -85,8 +85,7 @@
|
|||
<Link>Properties\SharedAssemblyInfo.cs</Link>
|
||||
</Compile>
|
||||
<Compile Include="Authentication\AuthenticationService.cs" />
|
||||
<Compile Include="Authentication\EnableStatelessAuthInNancy.cs" />
|
||||
<Compile Include="Authentication\EnableBasicAuthInNancy.cs" />
|
||||
<Compile Include="Authentication\EnableAuthInNancy.cs" />
|
||||
<Compile Include="Authentication\NzbDroneUser.cs" />
|
||||
<Compile Include="Blacklist\BlacklistModule.cs" />
|
||||
<Compile Include="Blacklist\BlacklistResource.cs" />
|
||||
|
|
|
|||
Loading…
Reference in New Issue