Revised Authentication logic for api and logfiles.

pull/4/head
Taloth Saldono 11 years ago committed by Taloth
parent 9645fb07db
commit f92aded4f0

@ -12,12 +12,10 @@ namespace NzbDrone.Api.Authentication
{
public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
{
private readonly IAuthenticationService _authenticationService;
private static String API_KEY;
public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider)
public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
{
_authenticationService = authenticationService;
API_KEY = configFileProvider.ApiKey;
}
@ -29,17 +27,12 @@ namespace NzbDrone.Api.Authentication
public Response ValidateApiKey(NancyContext context)
{
Response response = null;
if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
{
return response;
}
var authorizationHeader = context.Request.Headers.Authorization;
var apiKeyHeader = context.Request.Headers["X-Api-Key"].FirstOrDefault();
var apiKey = apiKeyHeader.IsNullOrWhiteSpace() ? authorizationHeader : apiKeyHeader;
if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !IsAuthenticated(context))
if (context.Request.IsApiRequest() && !ValidApiKey(apiKey))
{
response = new Response { StatusCode = HttpStatusCode.Unauthorized };
}
@ -49,15 +42,9 @@ namespace NzbDrone.Api.Authentication
private bool ValidApiKey(string apiKey)
{
if (apiKey.IsNullOrWhiteSpace()) return false;
if (!apiKey.Equals(API_KEY)) return false;
if (!API_KEY.Equals(apiKey)) return false;
return true;
}
private bool IsAuthenticated(NancyContext context)
{
return _authenticationService.Enabled && _authenticationService.IsAuthenticated(context);
}
}
}

@ -7,7 +7,7 @@ namespace NzbDrone.Api.Extensions
{
public static bool IsApiRequest(this Request request)
{
return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase) || request.IsLogFileRequest();
return request.Path.StartsWith("/api/", StringComparison.InvariantCultureIgnoreCase);
}
public static bool IsSignalRRequest(this Request request)
@ -21,11 +21,5 @@ namespace NzbDrone.Api.Extensions
request.UserHostAddress.Equals("127.0.0.1") ||
request.UserHostAddress.Equals("::1"));
}
private static bool IsLogFileRequest(this Request request)
{
return request.Path.StartsWith("/log/", StringComparison.InvariantCultureIgnoreCase) &&
request.Path.EndsWith(".txt", StringComparison.InvariantCultureIgnoreCase);
}
}
}

@ -4,11 +4,15 @@ using System.Linq;
using NzbDrone.Common;
using NzbDrone.Common.Disk;
using NzbDrone.Common.EnvironmentInfo;
using Nancy;
using Nancy.Responses;
namespace NzbDrone.Api.Logs
{
public class LogFileModule : NzbDroneRestModule<LogFileResource>
{
private const string LOGFILE_ROUTE = @"/(?<filename>nzbdrone(?:\.\d+)?\.txt)";
private readonly IAppFolderInfo _appFolderInfo;
private readonly IDiskProvider _diskProvider;
@ -19,6 +23,8 @@ namespace NzbDrone.Api.Logs
_appFolderInfo = appFolderInfo;
_diskProvider = diskProvider;
GetResourceAll = GetLogFiles;
Get[LOGFILE_ROUTE] = options => GetLogFile(options.filename);
}
private List<LogFileResource> GetLogFiles()
@ -41,5 +47,17 @@ namespace NzbDrone.Api.Logs
return result.OrderByDescending(l => l.LastWriteTime).ToList();
}
private Response GetLogFile(string filename)
{
var filePath = Path.Combine(_appFolderInfo.GetLogFolder(), filename);
if (!_diskProvider.FileExists(filePath))
return new NotFoundResponse();
var data = _diskProvider.ReadAllText(filePath);
return new TextResponse(data);
}
}
}

@ -6,7 +6,7 @@ define(
], function (Backbone, StatusModel) {
return Backbone.Model.extend({
url: function () {
return StatusModel.get('urlBase') + '/logfile/' + this.get('filename');
return StatusModel.get('urlBase') + '/api/log/file/' + this.get('filename');
},
parse: function (contents) {

Loading…
Cancel
Save