ApiKey Authentication cleanup
This commit is contained in:
parent
57fdbe6e08
commit
de607e207b
|
@ -1,15 +1,12 @@
|
||||||
using Nancy;
|
using Nancy;
|
||||||
using Nancy.Authentication.Basic;
|
using Nancy.Authentication.Basic;
|
||||||
using Nancy.Bootstrapper;
|
using Nancy.Bootstrapper;
|
||||||
|
using NzbDrone.Api.Extensions;
|
||||||
|
using NzbDrone.Api.Extensions.Pipelines;
|
||||||
|
|
||||||
namespace NzbDrone.Api.Authentication
|
namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
public interface IEnableBasicAuthInNancy
|
public class EnableBasicAuthInNancy : IRegisterNancyPipeline
|
||||||
{
|
|
||||||
void Register(IPipelines pipelines);
|
|
||||||
}
|
|
||||||
|
|
||||||
public class EnableBasicAuthInNancy : IEnableBasicAuthInNancy
|
|
||||||
{
|
{
|
||||||
private readonly IAuthenticationService _authenticationService;
|
private readonly IAuthenticationService _authenticationService;
|
||||||
|
|
||||||
|
@ -28,7 +25,7 @@ namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
Response response = null;
|
Response response = null;
|
||||||
|
|
||||||
if (!context.Request.Path.StartsWith("/api/") &&
|
if (!context.Request.IsApiRequest() &&
|
||||||
context.CurrentUser == null &&
|
context.CurrentUser == null &&
|
||||||
_authenticationService.Enabled)
|
_authenticationService.Enabled)
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,17 +1,15 @@
|
||||||
using System.Linq;
|
using System;
|
||||||
|
using System.Linq;
|
||||||
using Nancy;
|
using Nancy;
|
||||||
using Nancy.Bootstrapper;
|
using Nancy.Bootstrapper;
|
||||||
|
using NzbDrone.Api.Extensions;
|
||||||
|
using NzbDrone.Api.Extensions.Pipelines;
|
||||||
using NzbDrone.Common.EnvironmentInfo;
|
using NzbDrone.Common.EnvironmentInfo;
|
||||||
using NzbDrone.Core.Configuration;
|
using NzbDrone.Core.Configuration;
|
||||||
|
|
||||||
namespace NzbDrone.Api.Authentication
|
namespace NzbDrone.Api.Authentication
|
||||||
{
|
{
|
||||||
public interface IEnableStatelessAuthInNancy
|
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
|
||||||
{
|
|
||||||
void Register(IPipelines pipelines);
|
|
||||||
}
|
|
||||||
|
|
||||||
public class EnableStatelessAuthInNancy : IEnableStatelessAuthInNancy
|
|
||||||
{
|
{
|
||||||
private readonly IConfigFileProvider _configFileProvider;
|
private readonly IConfigFileProvider _configFileProvider;
|
||||||
|
|
||||||
|
@ -28,18 +26,16 @@ namespace NzbDrone.Api.Authentication
|
||||||
public Response ValidateApiKey(NancyContext context)
|
public Response ValidateApiKey(NancyContext context)
|
||||||
{
|
{
|
||||||
Response response = null;
|
Response response = null;
|
||||||
var apiKey = context.Request.Headers["ApiKey"].FirstOrDefault();
|
|
||||||
|
if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
|
||||||
if (!RuntimeInfo.IsProduction &&
|
|
||||||
(context.Request.UserHostAddress.Equals("localhost") ||
|
|
||||||
context.Request.UserHostAddress.Equals("127.0.0.1") ||
|
|
||||||
context.Request.UserHostAddress.Equals("::1")))
|
|
||||||
{
|
{
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var apiKey = context.Request.Headers.Authorization;
|
||||||
|
|
||||||
if (context.Request.Path.StartsWith("/api/") &&
|
if (context.Request.IsApiRequest() &&
|
||||||
(apiKey == null || !apiKey.Equals(_configFileProvider.ApiKey)))
|
(String.IsNullOrWhiteSpace(apiKey) || !apiKey.Equals(_configFileProvider.ApiKey)))
|
||||||
{
|
{
|
||||||
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using System.Linq;
|
||||||
|
using System.Text;
|
||||||
|
using Nancy;
|
||||||
|
|
||||||
|
namespace NzbDrone.Api.Extensions
|
||||||
|
{
|
||||||
|
public static class RequestExtensions
|
||||||
|
{
|
||||||
|
public static bool IsApiRequest(this Request request)
|
||||||
|
{
|
||||||
|
return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static bool IsSignalRRequest(this Request request)
|
||||||
|
{
|
||||||
|
return request.Path.StartsWith("/signalr/", StringComparison.InvariantCultureIgnoreCase);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static bool IsLocalRequest(this Request request)
|
||||||
|
{
|
||||||
|
return (request.UserHostAddress.Equals("localhost") ||
|
||||||
|
request.UserHostAddress.Equals("127.0.0.1") ||
|
||||||
|
request.UserHostAddress.Equals("::1"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -38,21 +38,7 @@ namespace NzbDrone.Api.Frontend.Mappers
|
||||||
|
|
||||||
public override Response GetResponse(string resourceUrl)
|
public override Response GetResponse(string resourceUrl)
|
||||||
{
|
{
|
||||||
string content;
|
|
||||||
var response = base.GetResponse(resourceUrl);
|
var response = base.GetResponse(resourceUrl);
|
||||||
var stream = new MemoryStream();
|
|
||||||
|
|
||||||
response.Contents.Invoke(stream);
|
|
||||||
stream.Position = 0;
|
|
||||||
|
|
||||||
using (var reader = new StreamReader(stream))
|
|
||||||
{
|
|
||||||
content = reader.ReadToEnd();
|
|
||||||
}
|
|
||||||
|
|
||||||
content = content.Replace("API_KEY", _configFileProvider.ApiKey);
|
|
||||||
|
|
||||||
response = new StreamResponse(() => StringToStream(content), response.ContentType);
|
|
||||||
response.Headers["X-UA-Compatible"] = "IE=edge";
|
response.Headers["X-UA-Compatible"] = "IE=edge";
|
||||||
|
|
||||||
return response;
|
return response;
|
||||||
|
@ -70,6 +56,7 @@ namespace NzbDrone.Api.Frontend.Mappers
|
||||||
|
|
||||||
text = text.Replace(".css", ".css?v=" + BuildInfo.Version);
|
text = text.Replace(".css", ".css?v=" + BuildInfo.Version);
|
||||||
text = text.Replace(".js", ".js?v=" + BuildInfo.Version);
|
text = text.Replace(".js", ".js?v=" + BuildInfo.Version);
|
||||||
|
text = text.Replace("API_KEY", _configFileProvider.ApiKey);
|
||||||
|
|
||||||
return text;
|
return text;
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,8 +30,6 @@ namespace NzbDrone.Api
|
||||||
RegisterPipelines(pipelines);
|
RegisterPipelines(pipelines);
|
||||||
|
|
||||||
container.Resolve<DatabaseTarget>().Register();
|
container.Resolve<DatabaseTarget>().Register();
|
||||||
container.Resolve<IEnableBasicAuthInNancy>().Register(pipelines);
|
|
||||||
container.Resolve<IEnableStatelessAuthInNancy>().Register(pipelines);
|
|
||||||
container.Resolve<IEventAggregator>().PublishEvent(new ApplicationStartedEvent());
|
container.Resolve<IEventAggregator>().PublishEvent(new ApplicationStartedEvent());
|
||||||
|
|
||||||
ApplicationPipelines.OnError.AddItemToEndOfPipeline(container.Resolve<NzbDroneErrorPipeline>().HandleException);
|
ApplicationPipelines.OnError.AddItemToEndOfPipeline(container.Resolve<NzbDroneErrorPipeline>().HandleException);
|
||||||
|
|
|
@ -21,11 +21,8 @@ define(function () {
|
||||||
delete xhr.data;
|
delete xhr.data;
|
||||||
}
|
}
|
||||||
if (xhr) {
|
if (xhr) {
|
||||||
if (!xhr.headers) {
|
xhr.headers = xhr.headers || {};
|
||||||
xhr.headers = {};
|
xhr.headers['Authorization'] = window.NzbDrone.ApiKey;
|
||||||
}
|
|
||||||
|
|
||||||
xhr.headers["ApiKey"] = window.NzbDrone.ApiKey;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return original.apply(this, arguments);
|
return original.apply(this, arguments);
|
||||||
|
|
|
@ -5,7 +5,7 @@ var statusText = $.ajax({
|
||||||
url : window.NzbDrone.ApiRoot + '/system/status',
|
url : window.NzbDrone.ApiRoot + '/system/status',
|
||||||
async: false,
|
async: false,
|
||||||
headers: {
|
headers: {
|
||||||
ApiKey: window.NzbDrone.ApiKey
|
Authorization: window.NzbDrone.ApiKey
|
||||||
}
|
}
|
||||||
}).responseText;
|
}).responseText;
|
||||||
|
|
||||||
|
|
|
@ -62,7 +62,7 @@
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
window.NzbDrone = {};
|
window.NzbDrone = window.NzbDrone || {};
|
||||||
window.NzbDrone.ApiKey = 'API_KEY';
|
window.NzbDrone.ApiKey = 'API_KEY';
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue