Allow Basic Auth on API

11 years ago · 5841140c99
parent c5ae38638a
commit 5841140c99
3 changed files with 28 additions and 11 deletions
--- a/NzbDrone.Api/Authentication/AuthenticationService.cs
+++ b/NzbDrone.Api/Authentication/AuthenticationService.cs
@ -1,4 +1,6 @@
-using Nancy.Authentication.Basic;
+using System;
+using Nancy;
+using Nancy.Authentication.Basic;
 using Nancy.Security;
 using NzbDrone.Core.Configuration;

@ -7,6 +9,7 @@ namespace NzbDrone.Api.Authentication
    public interface IAuthenticationService : IUserValidator
    {
        bool Enabled { get; }
+        bool IsAuthenticated(NancyContext context);
    }

    public class AuthenticationService : IAuthenticationService
@ -44,5 +47,12 @@ namespace NzbDrone.Api.Authentication
                return _configFileProvider.AuthenticationEnabled;
            }
        }
+
+        public bool IsAuthenticated(NancyContext context)
+        {
+            if (context.CurrentUser == null && _configFileProvider.AuthenticationEnabled) return false;
+
+            return true;
+        }
    }
 }
--- a/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs
+++ b/NzbDrone.Api/Authentication/EnableBasicAuthInNancy.cs
@ -25,9 +25,7 @@ namespace NzbDrone.Api.Authentication
        {
            Response response = null;

-            if (!context.Request.IsApiRequest() &&
-                context.CurrentUser == null &&
-                _authenticationService.Enabled)
+            if (!context.Request.IsApiRequest() && !_authenticationService.IsAuthenticated(context))
            {
                response = new Response { StatusCode = HttpStatusCode.Unauthorized };
            }
--- a/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
+++ b/NzbDrone.Api/Authentication/EnableStatelessAuthInNancy.cs
@ -11,10 +11,12 @@ namespace NzbDrone.Api.Authentication
 {
    public class EnableStatelessAuthInNancy : IRegisterNancyPipeline
    {
+        private readonly IAuthenticationService _authenticationService;
        private readonly IConfigFileProvider _configFileProvider;

-        public EnableStatelessAuthInNancy(IConfigFileProvider configFileProvider)
+        public EnableStatelessAuthInNancy(IAuthenticationService authenticationService, IConfigFileProvider configFileProvider)
        {
+            _authenticationService = authenticationService;
            _configFileProvider = configFileProvider;
        }

@ -27,20 +29,27 @@ namespace NzbDrone.Api.Authentication
        {
            Response response = null;
            
-            if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
-            {
-                return response;
-            }
+//            if (!RuntimeInfo.IsProduction && context.Request.IsLocalRequest())
+//            {
+//                return response;
+//            }

            var apiKey = context.Request.Headers.Authorization;
            
-            if (context.Request.IsApiRequest() && 
-                (String.IsNullOrWhiteSpace(apiKey) || !apiKey.Equals(_configFileProvider.ApiKey)))
+            if (context.Request.IsApiRequest() && !ValidApiKey(apiKey) && !_authenticationService.IsAuthenticated(context))
            {
                response = new Response { StatusCode = HttpStatusCode.Unauthorized };
            }

            return response;
        }
+
+        private bool ValidApiKey(string apiKey)
+        {
+            if (String.IsNullOrWhiteSpace(apiKey)) return false;
+            if (!apiKey.Equals(_configFileProvider.ApiKey)) return false;
+
+            return true;
+        }
    }
 }