From e538593c6164df46619df88117ed9bcfe0fb81b9 Mon Sep 17 00:00:00 2001 From: "kay.one" Date: Wed, 22 May 2013 19:10:02 -0700 Subject: [PATCH] fixed authentication. at least locally. need to test remote. --- ...nValidator.cs => AuthenticationService.cs} | 20 ++++++++-- .../Authentication/EnableBasicAuthInNancy.cs | 39 +++++++++++++++++++ NzbDrone.Api/Frontend/IndexModule.cs | 1 - NzbDrone.Api/NzbDroneRestModule.cs | 1 - 4 files changed, 55 insertions(+), 6 deletions(-) rename NzbDrone.Api/Authentication/{AuthenticationValidator.cs => AuthenticationService.cs} (52%) create mode 100644 NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs diff --git a/NzbDrone.Api/Authentication/AuthenticationValidator.cs b/NzbDrone.Api/Authentication/AuthenticationService.cs similarity index 52% rename from NzbDrone.Api/Authentication/AuthenticationValidator.cs rename to NzbDrone.Api/Authentication/AuthenticationService.cs index ec8fd1154..02b525a3b 100644 --- a/NzbDrone.Api/Authentication/AuthenticationValidator.cs +++ b/NzbDrone.Api/Authentication/AuthenticationService.cs @@ -5,20 +5,32 @@ using NzbDrone.Common.Model; namespace NzbDrone.Api.Authentication { - public class AuthenticationValidator : IUserValidator + public interface IAuthenticationService : IUserValidator + { + AuthenticationType AuthenticationType { get; } + } + + public class AuthenticationService : IAuthenticationService { private readonly IConfigFileProvider _configFileProvider; + private static readonly NzbDroneUser AnonymousUser = new NzbDroneUser { UserName = "Anonymous" }; - public AuthenticationValidator(IConfigFileProvider configFileProvider) + + public AuthenticationService(IConfigFileProvider configFileProvider) { _configFileProvider = configFileProvider; } + public AuthenticationType AuthenticationType + { + get { return _configFileProvider.AuthenticationType; } + } + public IUserIdentity Validate(string username, string password) { - if (_configFileProvider.AuthenticationType == AuthenticationType.Anonymous) + if (AuthenticationType == AuthenticationType.Anonymous) { - return new NzbDroneUser { UserName = "Anonymous" }; + return AnonymousUser; } if (_configFileProvider.BasicAuthUsername.Equals(username) && diff --git a/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs b/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs new file mode 100644 index 000000000..d3223c270 --- /dev/null +++ b/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs @@ -0,0 +1,39 @@ +using Nancy; +using Nancy.Authentication.Basic; +using Nancy.Bootstrapper; +using NzbDrone.Common.Model; + +namespace NzbDrone.Api.Authentication +{ + public interface IEnableBasicAuthInNancy + { + void Register(IPipelines pipelines); + } + + public class EnableBasicAuthInNancy : IEnableBasicAuthInNancy + { + private readonly IAuthenticationService _authenticationService; + + public EnableBasicAuthInNancy(IAuthenticationService authenticationService) + { + _authenticationService = authenticationService; + } + + public void Register(IPipelines pipelines) + { + pipelines.EnableBasicAuthentication(new BasicAuthenticationConfiguration(_authenticationService, "NzbDrone")); + pipelines.BeforeRequest.AddItemToEndOfPipeline(RequiresAuthentication); + } + + private Response RequiresAuthentication(NancyContext context) + { + Response response = null; + if (context.CurrentUser == null && _authenticationService.AuthenticationType != AuthenticationType.Anonymous) + { + response = new Response { StatusCode = HttpStatusCode.Unauthorized }; + } + + return response; + } + } +} \ No newline at end of file diff --git a/NzbDrone.Api/Frontend/IndexModule.cs b/NzbDrone.Api/Frontend/IndexModule.cs index eb3b1f5c6..ffcbcdf17 100644 --- a/NzbDrone.Api/Frontend/IndexModule.cs +++ b/NzbDrone.Api/Frontend/IndexModule.cs @@ -8,7 +8,6 @@ namespace NzbDrone.Api.Frontend { public IndexModule() { - this.RequiresAuthentication(); //Serve anything that doesn't have an extension Get[@"/(.*)"] = x => Index(); } diff --git a/NzbDrone.Api/NzbDroneRestModule.cs b/NzbDrone.Api/NzbDroneRestModule.cs index 19efa7881..e6246a269 100644 --- a/NzbDrone.Api/NzbDroneRestModule.cs +++ b/NzbDrone.Api/NzbDroneRestModule.cs @@ -13,7 +13,6 @@ namespace NzbDrone.Api protected NzbDroneRestModule() : this(new TResource().ResourceName) { - this.RequiresAuthentication(); } protected NzbDroneRestModule(string resource)