From f92aded4f09713a543d2d95c8018530f52ab07cc Mon Sep 17 00:00:00 2001 From: Taloth Saldono Date: Thu, 27 Mar 2014 23:13:31 +0100 Subject: [PATCH] Revised Authentication logic for api and logfiles. --- .../EnableStatelessAuthInNancy.cs | 19 +++---------------- .../Extensions/RequestExtensions.cs | 8 +------- src/NzbDrone.Api/Logs/LogFileModule.cs | 18 ++++++++++++++++++ src/UI/System/Logs/Files/ContentsModel.js | 2 +- 4 files changed, 23 insertions(+), 24 deletions(-) diff --git a/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs b/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs index 8996690bd..1bcb8685e 100644 --- a/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs +++ b/src/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs @@ -12,12 +12,10 @@ namespace NzbDrone.Api.Authentication { public class EnableStatelessAuthInNancy : IRegisterNancyPipeline { - private readonly IAuthenticationService _authenticationService; private static String API_KEY; - public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider) + public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider) { - _authenticationService = authenticationService; API_KEY = configFileProvider.ApiKey; } @@ -29,17 +27,12 @@ namespace NzbDrone.Api.Authentication public Response ValidateApiKey(NancyContext context) { Response response = null; - - if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest()) - { - return response; - } var authorizationHeader = context.Request.Headers.Authorization; var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault(); var apiKey = apiKeyHeader.IsNullOrWhiteSpace() ? authorizationHeader : apiKeyHeader; - if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !IsAuthenticated(context)) + if (context.Request.IsApiRequest() && !ValidApiKey(apiKey)) { response = new Response { StatusCode = HttpStatusCode.Unauthorized }; } @@ -49,15 +42,9 @@ namespace NzbDrone.Api.Authentication private bool ValidApiKey(string apiKey) { - if (apiKey.IsNullOrWhiteSpace()) return false; - if (!apiKey.Equals(API_KEY)) return false; + if (!API_KEY.Equals(apiKey)) return false; return true; } - - private bool IsAuthenticated(NancyContext context) - { - return _authenticationService.Enabled && _authenticationService.IsAuthenticated(context); - } } } \ No newline at end of file diff --git a/src/NzbDrone.Api/Extensions/RequestExtensions.cs b/src/NzbDrone.Api/Extensions/RequestExtensions.cs index 672cdb7d5..02686deb6 100644 --- a/src/NzbDrone.Api/Extensions/RequestExtensions.cs +++ b/src/NzbDrone.Api/Extensions/RequestExtensions.cs @@ -7,7 +7,7 @@ namespace NzbDrone.Api.Extensions { public static bool IsApiRequest(this Request request) { - return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase) || request.IsLogFileRequest(); + return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase); } public static bool IsSignalRRequest(this Request request) @@ -21,11 +21,5 @@ namespace NzbDrone.Api.Extensions request.UserHostAddress.Equals("127.0.0.1") || request.UserHostAddress.Equals("::1")); } - - private static bool IsLogFileRequest(this Request request) - { - return request.Path.StartsWith("/log/", StringComparison.InvariantCultureIgnoreCase) && - request.Path.EndsWith(".txt", StringComparison.InvariantCultureIgnoreCase); - } } } diff --git a/src/NzbDrone.Api/Logs/LogFileModule.cs b/src/NzbDrone.Api/Logs/LogFileModule.cs index 94153428a..b44e77b6d 100644 --- a/src/NzbDrone.Api/Logs/LogFileModule.cs +++ b/src/NzbDrone.Api/Logs/LogFileModule.cs @@ -4,11 +4,15 @@ using System.Linq; using NzbDrone.Common; using NzbDrone.Common.Disk; using NzbDrone.Common.EnvironmentInfo; +using Nancy; +using Nancy.Responses; namespace NzbDrone.Api.Logs { public class LogFileModule : NzbDroneRestModule { + private const string LOGFILE_ROUTE = @"/(?nzbdrone(?:\.\d+)?\.txt)"; + private readonly IAppFolderInfo _appFolderInfo; private readonly IDiskProvider _diskProvider; @@ -19,6 +23,8 @@ namespace NzbDrone.Api.Logs _appFolderInfo = appFolderInfo; _diskProvider = diskProvider; GetResourceAll = GetLogFiles; + + Get[LOGFILE_ROUTE] = options => GetLogFile(options.filename); } private List GetLogFiles() @@ -41,5 +47,17 @@ namespace NzbDrone.Api.Logs return result.OrderByDescending(l => l.LastWriteTime).ToList(); } + + private Response GetLogFile(string filename) + { + var filePath = Path.Combine(_appFolderInfo.GetLogFolder(), filename); + + if (!_diskProvider.FileExists(filePath)) + return new NotFoundResponse(); + + var data = _diskProvider.ReadAllText(filePath); + + return new TextResponse(data); + } } } \ No newline at end of file diff --git a/src/UI/System/Logs/Files/ContentsModel.js b/src/UI/System/Logs/Files/ContentsModel.js index b8d2bdc73..d109013dc 100644 --- a/src/UI/System/Logs/Files/ContentsModel.js +++ b/src/UI/System/Logs/Files/ContentsModel.js @@ -6,7 +6,7 @@ define( ], function (Backbone, StatusModel) { return Backbone.Model.extend({ url: function () { - return StatusModel.get('urlBase') + '/logfile/' + this.get('filename'); + return StatusModel.get('urlBase') + '/api/log/file/' + this.get('filename'); }, parse: function (contents) {