fixed authentication. at least locally. need to test remote.

NzbDrone.Api/Authentication/AuthenticationService.cs

@@ -5,20 +5,32 @@ using NzbDrone.Common.Model;
 
 namespace NzbDrone.Api.Authentication
 {
-    public class AuthenticationValidator : IUserValidator
+    public interface IAuthenticationService : IUserValidator
+    {
+        AuthenticationType AuthenticationType { get; }
+    }
+
+    public class AuthenticationService : IAuthenticationService
     {
         private readonly IConfigFileProvider _configFileProvider;
+        private static readonly NzbDroneUser AnonymousUser = new NzbDroneUser { UserName = "Anonymous" };
 
-        public AuthenticationValidator(IConfigFileProvider configFileProvider)
+
+        public AuthenticationService(IConfigFileProvider configFileProvider)
         {
             _configFileProvider = configFileProvider;
         }
 
+        public AuthenticationType AuthenticationType
+        {
+            get { return _configFileProvider.AuthenticationType; }
+        }
+
         public IUserIdentity Validate(string username, string password)
         {
-            if (_configFileProvider.AuthenticationType == AuthenticationType.Anonymous)
+            if (AuthenticationType == AuthenticationType.Anonymous)
             {
-                return new NzbDroneUser { UserName = "Anonymous" };
+                return AnonymousUser;
             }
 
             if (_configFileProvider.BasicAuthUsername.Equals(username) &&

NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs

@@ -0,0 +1,39 @@
+using Nancy;
+using Nancy.Authentication.Basic;
+using Nancy.Bootstrapper;
+using NzbDrone.Common.Model;
+
+namespace NzbDrone.Api.Authentication
+{
+    public interface IEnableBasicAuthInNancy
+    {
+        void Register(IPipelines pipelines);
+    }
+
+    public class EnableBasicAuthInNancy : IEnableBasicAuthInNancy
+    {
+        private readonly IAuthenticationService _authenticationService;
+
+        public EnableBasicAuthInNancy(IAuthenticationService authenticationService)
+        {
+            _authenticationService = authenticationService;
+        }
+
+        public void Register(IPipelines pipelines)
+        {
+            pipelines.EnableBasicAuthentication(new BasicAuthenticationConfiguration(_authenticationService, "NzbDrone"));
+            pipelines.BeforeRequest.AddItemToEndOfPipeline(RequiresAuthentication);
+        }
+
+        private Response RequiresAuthentication(NancyContext context)
+        {
+            Response response = null;
+            if (context.CurrentUser == null && _authenticationService.AuthenticationType != AuthenticationType.Anonymous)
+            {
+                response = new Response { StatusCode = HttpStatusCode.Unauthorized };
+            }
+
+            return response;
+        }
+    }
+}

NzbDrone.Api/Frontend/IndexModule.cs

@@ -8,7 +8,6 @@ namespace NzbDrone.Api.Frontend
     {
         public IndexModule()
         {
-            this.RequiresAuthentication();
             //Serve anything that doesn't have an extension
             Get[@"/(.*)"] = x => Index();
         }

NzbDrone.Api/NzbDroneRestModule.cs

@@ -13,7 +13,6 @@ namespace NzbDrone.Api
         protected NzbDroneRestModule()
             : this(new TResource().ResourceName)
         {
-            this.RequiresAuthentication();
         }
 
         protected NzbDroneRestModule(string resource)