From 5841140c99d08ca156ac5a523b5268b01b5abc7e Mon Sep 17 00:00:00 2001
From: Mark McDowall
Date: Mon, 23 Sep 2013 15:31:50 -0700
Subject: [PATCH] Allow Basic Auth on API
---
 .../Authentication/AuthenticationService.cs | 12 +++++++++-
 .../Authentication/EnableBasicAuthInNancy.cs | 4 +---
 .../EnableStatelessAuthInNancy.cs | 23 +++++++++++++------
 3 files changed, 28 insertions(+), 11 deletions(-)
diff --git a/NzbDrone.Api/Authentication/AuthenticationService.cs b/NzbDrone.Api/Authentication/AuthenticationService.cs
index 17d7e5022..961dc22e4 100644
--- a/NzbDrone.Api/Authentication/AuthenticationService.cs
+++ b/NzbDrone.Api/Authentication/AuthenticationService.cs
@@ -1,4 +1,6 @@
-using Nancy.Authentication.Basic;
+using System;
+using Nancy;
+using Nancy.Authentication.Basic;
 using Nancy.Security;
 using NzbDrone.Core.Configuration;
@@ -7,6 +9,7 @@ namespace NzbDrone.Api.Authentication
 public interface IAuthenticationService : IUserValidator
 {
 bool Enabled { get; }
+ bool IsAuthenticated(NancyContext context);
 }
 public class AuthenticationService : IAuthenticationService
@@ -44,5 +47,12 @@ namespace NzbDrone.Api.Authentication
 return _configFileProvider.AuthenticationEnabled;
 }
 }
+
+ public bool IsAuthenticated(NancyContext context)
+ {
+ if (context.CurrentUser == null && _configFileProvider.AuthenticationEnabled) return false;
+
+ return true;
+ }
 }
 }
diff --git a/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs b/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs
index a6994caf3..c5622eb75 100644
--- a/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs
+++ b/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs
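Review bot: `IsAuthenticated` returns true whenever `AuthenticationEnabled` is false, so despite its name it answers "may this request proceed" rather than "is a user attached to this request", and neither the new interface member nor the implementation says so. A doc comment on the interface member such as `/// <summary>True when authentication is disabled or the request already has a CurrentUser.</summary>` would make that contract explicit for callers that combine it with another credential check. The body also reads more directly as `return !_configFileProvider.AuthenticationEnabled || context.CurrentUser != null;`.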
@@ -25,9 +25,7 @@ namespace NzbDrone.Api.Authentication
 {
 Response response = null;
- if (!context.Request.IsApiRequest() &&
- context.CurrentUser == null &&
- _authenticationService.Enabled)
+ if (!context.Request.IsApiRequest() && !_authenticationService.IsAuthenticated(context))
 {
 response = new Response { StatusCode = HttpStatusCode.Unauthorized };
 }
diff --git a/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs b/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
index 68d737387..8896482b2 100644
--- a/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
+++ b/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
@@ -11,10 +11,12 @@ namespace NzbDrone.Api.Authentication
 {
 public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
 {
+ private readonly IAuthenticationService _authenticationService;
 private readonly IConfigFileProvider _configFileProvider;
- public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
+ public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider)
 {
+ _authenticationService = authenticationService;
 _configFileProvider = configFileProvider;
 }
@@ -27,20 +29,27 @@ namespace NzbDrone.Api.Authentication
 {
 Response response = null;
- if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
- {
- return response;
- }
+// if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
+// {
+// return response;
+// }
 var apiKey = context.Request.Headers.Authorization;
- if (context.Request.IsApiRequest() &&
- (String.IsNullOrWhiteSpace(apiKey) || !apiKey.Equals(_configFileProvider.ApiKey)))
+ if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !_authenticationService.IsAuthenticated(context))
 {
 response = new Response { StatusCode = HttpStatusCode.Unauthorized };
 }
 return response;
 }
+
+ private bool ValidApiKey(string apiKey)
+ {
+ if (String.IsNullOrWhiteSpace(apiKey)) return false;
+ if (!apiKey.Equals(_configFileProvider.ApiKey)) return false;
+
+ return true;
+ }
 }
 }
\ No newline at end of file
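Review bot: With authentication disabled, `IsAuthenticated(context)` is true for every request, so the new condition `IsApiRequest() && !ValidApiKey(apiKey) && !IsAuthenticated(context)` never produces a 401 and API requests stop needing the API key, which the removed condition enforced regardless of that setting. If the key should still be required in that case, the gate should test for an actual user, as in the fence below. `ValidApiKey` compares the secret with `String.Equals`, which can return at the first differing character; a comparison that always walks the full length avoids leaking match progress through response timing. The commented-out `RuntimeInfo.IsProduction` block should be deleted rather than kept as `//` lines, and whether the Basic-auth hook has populated `CurrentUser` before this hook runs is not visible in the hunk and is worth confirming.

```csharp
// … unchanged: response declaration, apiKey read from the Authorization header …
var hasUser = _authenticationService.Enabled && context.CurrentUser != null;

if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !hasUser)
// … unchanged: 401 response and return …

private bool ValidApiKey(string apiKey)
{
    var expected = _configFileProvider.ApiKey;
    if (String.IsNullOrWhiteSpace(apiKey) || expected == null) return false;

    // Accumulate differences so the work done does not depend on where the strings diverge.
    var diff = apiKey.Length ^ expected.Length;
    for (var i = 0; i < apiKey.Length && i < expected.Length; i++)
    {
        diff |= apiKey[i] ^ expected[i];
    }

    return diff == 0;
}
```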