Revised Authentication logic for api and logfiles.

2025-01-03 05:35:29 +00:00 · 2014-03-27 23:13:31 +01:00 · 2014-03-27 23:13:31 +01:00 · f92aded4f0
commit f92aded4f0
parent 9645fb07db
4 changed files with 23 additions and 24 deletions
--- a/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
+++ b/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
@ -12,12 +12,10 @@ namespace NzbDrone.Api.Authentication
 {
    public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
    {
-        private readonly IAuthenticationService _authenticationService;
        private static String API_KEY;

-        public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider)
+        public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
        {
-            _authenticationService = authenticationService;
            API_KEY = configFileProvider.ApiKey;
        }

@ -29,17 +27,12 @@ namespace NzbDrone.Api.Authentication
        public Response ValidateApiKey(NancyContext context)
        {
            Response response = null;
-            
-            if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
-            {
-                return response;
-            }

            var authorizationHeader = context.Request.Headers.Authorization;
            var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
            var apiKey = apiKeyHeader.IsNullOrWhiteSpace() ? authorizationHeader : apiKeyHeader;

-            if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !IsAuthenticated(context))
+            if (context.Request.IsApiRequest() && !ValidApiKey(apiKey))
            {
                response = new Response { StatusCode = HttpStatusCode.Unauthorized };
            }
@ -49,15 +42,9 @@ namespace NzbDrone.Api.Authentication

        private bool ValidApiKey(string apiKey)
        {
-            if (apiKey.IsNullOrWhiteSpace()) return false;
-            if (!apiKey.Equals(API_KEY)) return false;
+            if (!API_KEY.Equals(apiKey)) return false;

            return true;
        }
-
-        private bool IsAuthenticated(NancyContext context)
-        {
-            return _authenticationService.Enabled && _authenticationService.IsAuthenticated(context);
-        }
    }
 }
--- a/src/NzbDrone.Api/Extensions/RequestExtensions.cs
+++ b/src/NzbDrone.Api/Extensions/RequestExtensions.cs
@ -7,7 +7,7 @@ namespace NzbDrone.Api.Extensions
    {
        public static bool IsApiRequest(this Request request)
        {
-            return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase) || request.IsLogFileRequest();
+            return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase);
        }

        public static bool IsSignalRRequest(this Request request)
@ -21,11 +21,5 @@ namespace NzbDrone.Api.Extensions
                    request.UserHostAddress.Equals("127.0.0.1") ||
                    request.UserHostAddress.Equals("::1"));
        }
-
-        private static bool IsLogFileRequest(this Request request)
-        {
-            return request.Path.StartsWith("/log/", StringComparison.InvariantCultureIgnoreCase) &&
-                   request.Path.EndsWith(".txt", StringComparison.InvariantCultureIgnoreCase);
-        }
    }
 }
--- a/src/NzbDrone.Api/Logs/LogFileModule.cs
+++ b/src/NzbDrone.Api/Logs/LogFileModule.cs
@ -4,11 +4,15 @@ using System.Linq;
 using NzbDrone.Common;
 using NzbDrone.Common.Disk;
 using NzbDrone.Common.EnvironmentInfo;
+using Nancy;
+using Nancy.Responses;

 namespace NzbDrone.Api.Logs
 {
    public class LogFileModule : NzbDroneRestModule<LogFileResource>
    {
+        private const string LOGFILE_ROUTE = @"/(?<filename>nzbdrone(?:\.\d+)?\.txt)";
+
        private readonly IAppFolderInfo _appFolderInfo;
        private readonly IDiskProvider _diskProvider;

@ -19,6 +23,8 @@ namespace NzbDrone.Api.Logs
            _appFolderInfo = appFolderInfo;
            _diskProvider = diskProvider;
            GetResourceAll = GetLogFiles;
+
+            Get[LOGFILE_ROUTE] = options => GetLogFile(options.filename);
        }

        private List<LogFileResource> GetLogFiles()
@ -41,5 +47,17 @@ namespace NzbDrone.Api.Logs

            return result.OrderByDescending(l => l.LastWriteTime).ToList();
        }
+
+        private Response GetLogFile(string filename)
+        {
+            var filePath = Path.Combine(_appFolderInfo.GetLogFolder(), filename);
+
+            if (!_diskProvider.FileExists(filePath))
+                return new NotFoundResponse();
+
+            var data = _diskProvider.ReadAllText(filePath);
+            
+            return new TextResponse(data);
+        }
    }
 }
--- a/src/UI/System/Logs/Files/ContentsModel.js
+++ b/src/UI/System/Logs/Files/ContentsModel.js
@ -6,7 +6,7 @@ define(
    ], function (Backbone, StatusModel) {
        return Backbone.Model.extend({
            url: function () {
-                return StatusModel.get('urlBase') + '/logfile/' + this.get('filename');
+                return StatusModel.get('urlBase') + '/api/log/file/' + this.get('filename');
            },

            parse: function (contents) {