mirror of https://github.com/Radarr/Radarr
Allow Basic Auth on API
This commit is contained in:
parent
c5ae38638a
commit
5841140c99
|
@ -1,4 +1,6 @@
|
||||||
using Nancy.Authentication.Basic;
|
using System;
|
||||||
|
using Nancy;
|
||||||
|
using Nancy.Authentication.Basic;
|
||||||
using Nancy.Security;
|
using Nancy.Security;
|
||||||
using NzbDrone.Core.Configuration;
|
using NzbDrone.Core.Configuration;
|
||||||
|
|
||||||
|
@ -7,6 +9,7 @@ namespace NzbDrone.Api.Authentication
|
||||||
public interface IAuthenticationService : IUserValidator
|
public interface IAuthenticationService : IUserValidator
|
||||||
{
|
{
|
||||||
bool Enabled { get; }
|
bool Enabled { get; }
|
||||||
|
bool IsAuthenticated(NancyContext context);
|
||||||
}
|
}
|
||||||
|
|
||||||
public class AuthenticationService : IAuthenticationService
|
public class AuthenticationService : IAuthenticationService
|
||||||
|
@ -44,5 +47,12 @@ namespace NzbDrone.Api.Authentication
|
||||||
return _configFileProvider.AuthenticationEnabled;
|
return _configFileProvider.AuthenticationEnabled;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public bool IsAuthenticated(NancyContext context)
|
||||||
|
{
|
||||||
|
if (context.CurrentUser == null && _configFileProvider.AuthenticationEnabled) return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,9 +25,7 @@ namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
Response response = null;
|
Response response = null;
|
||||||
|
|
||||||
if (!context.Request.IsApiRequest() &&
|
if (!context.Request.IsApiRequest() && !_authenticationService.IsAuthenticated(context))
|
||||||
context.CurrentUser == null &&
|
|
||||||
_authenticationService.Enabled)
|
|
||||||
{
|
{
|
||||||
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,10 +11,12 @@ namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
|
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
|
||||||
{
|
{
|
||||||
|
private readonly IAuthenticationService _authenticationService;
|
||||||
private readonly IConfigFileProvider _configFileProvider;
|
private readonly IConfigFileProvider _configFileProvider;
|
||||||
|
|
||||||
public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
|
public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider)
|
||||||
{
|
{
|
||||||
|
_authenticationService = authenticationService;
|
||||||
_configFileProvider = configFileProvider;
|
_configFileProvider = configFileProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -27,20 +29,27 @@ namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
Response response = null;
|
Response response = null;
|
||||||
|
|
||||||
if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
|
// if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
|
||||||
{
|
// {
|
||||||
return response;
|
// return response;
|
||||||
}
|
// }
|
||||||
|
|
||||||
var apiKey = context.Request.Headers.Authorization;
|
var apiKey = context.Request.Headers.Authorization;
|
||||||
|
|
||||||
if (context.Request.IsApiRequest() &&
|
if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !_authenticationService.IsAuthenticated(context))
|
||||||
(String.IsNullOrWhiteSpace(apiKey) || !apiKey.Equals(_configFileProvider.ApiKey)))
|
|
||||||
{
|
{
|
||||||
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
||||||
}
|
}
|
||||||
|
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private bool ValidApiKey(string apiKey)
|
||||||
|
{
|
||||||
|
if (String.IsNullOrWhiteSpace(apiKey)) return false;
|
||||||
|
if (!apiKey.Equals(_configFileProvider.ApiKey)) return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue