Fixed authentication and logout.

pull/684/head
Louis Vézina 5 years ago
parent 4a2ed8830d
commit 0d87924bc0

@ -45,7 +45,7 @@ from io import BytesIO
from six import text_type from six import text_type
from beaker.middleware import SessionMiddleware from beaker.middleware import SessionMiddleware
from cork import Cork from cork import Cork
from bottle import route, template, static_file, request, redirect, response, HTTPError, app, hook from bottle import route, template, static_file, request, redirect, response, HTTPError, app, hook, abort
from datetime import timedelta from datetime import timedelta
from get_languages import load_language_in_db, language_from_alpha3, language_from_alpha2, alpha2_from_alpha3 from get_languages import load_language_in_db, language_from_alpha3, language_from_alpha2, alpha2_from_alpha3
@ -173,7 +173,12 @@ def login():
@route(base_url + 'logout') @route(base_url + 'logout')
def logout(): def logout():
aaa.logout(success_redirect=(base_url + 'login')) if settings.auth.type == 'form':
aaa.logout(success_redirect=(base_url + 'login'))
elif settings.auth.type == 'basic':
abort(401)
else:
aaa.logout(success_redirect=(base_url))
@route('/') @route('/')
@ -184,7 +189,9 @@ def redirect_root():
@route(base_url + 'shutdown') @route(base_url + 'shutdown')
@custom_auth_basic(check_credentials)
def shutdown(): def shutdown():
authorize()
try: try:
server.stop() server.stop()
except: except:
@ -202,7 +209,9 @@ def shutdown():
@route(base_url + 'restart') @route(base_url + 'restart')
@custom_auth_basic(check_credentials)
def restart(): def restart():
authorize()
try: try:
server.stop() server.stop()
except: except:
@ -454,6 +463,7 @@ def save_wizard():
@route(base_url + 'static/:path#.+#', name='static') @route(base_url + 'static/:path#.+#', name='static')
@custom_auth_basic(check_credentials) @custom_auth_basic(check_credentials)
def static(path): def static(path):
authorize()
return static_file(path, root=os.path.join(os.path.dirname(__file__), '../static')) return static_file(path, root=os.path.join(os.path.dirname(__file__), '../static'))
@ -2100,6 +2110,7 @@ def api_history():
@route(base_url + 'test_url/<protocol>/<url:path>', method='GET') @route(base_url + 'test_url/<protocol>/<url:path>', method='GET')
@custom_auth_basic(check_credentials) @custom_auth_basic(check_credentials)
def test_url(protocol, url): def test_url(protocol, url):
authorize()
url = six.moves.urllib.parse.unquote(url) url = six.moves.urllib.parse.unquote(url)
try: try:
result = requests.get(protocol + "://" + url, allow_redirects=False, verify=False).json()['version'] result = requests.get(protocol + "://" + url, allow_redirects=False, verify=False).json()['version']
@ -2112,6 +2123,7 @@ def test_url(protocol, url):
@route(base_url + 'test_notification/<protocol>/<provider:path>', method='GET') @route(base_url + 'test_notification/<protocol>/<provider:path>', method='GET')
@custom_auth_basic(check_credentials) @custom_auth_basic(check_credentials)
def test_notification(protocol, provider): def test_notification(protocol, provider):
authorize()
provider = six.moves.urllib.parse.unquote(provider) provider = six.moves.urllib.parse.unquote(provider)
apobj = apprise.Apprise() apobj = apprise.Apprise()
apobj.add(protocol + "://" + provider) apobj.add(protocol + "://" + provider)
@ -2125,6 +2137,7 @@ def test_notification(protocol, provider):
@route(base_url + 'notifications') @route(base_url + 'notifications')
@custom_auth_basic(check_credentials) @custom_auth_basic(check_credentials)
def notifications(): def notifications():
authorize()
if queueconfig.notifications: if queueconfig.notifications:
return queueconfig.notifications.read() return queueconfig.notifications.read()
else: else:
@ -2134,6 +2147,7 @@ def notifications():
@route(base_url + 'running_tasks') @route(base_url + 'running_tasks')
@custom_auth_basic(check_credentials) @custom_auth_basic(check_credentials)
def running_tasks_list(): def running_tasks_list():
authorize()
return dict(tasks=running_tasks) return dict(tasks=running_tasks)

Loading…
Cancel
Save