diff --git a/bazarr/init.py b/bazarr/init.py
index 83c82c627..75c15fd34 100644
--- a/bazarr/init.py
+++ b/bazarr/init.py
@@ -50,6 +50,14 @@ if not os.path.exists(os.path.join(args.config_dir, 'cache')):
configure_logging(settings.general.getboolean('debug') or args.debug)
import logging
+# create random api_key if there's none in config.ini
+if not settings.auth.apikey:
+ from binascii import hexlify
+ from six import text_type
+ settings.auth.apikey = text_type(hexlify(os.urandom(16)))
+ with open(os.path.join(args.config_dir, 'config', 'config.ini'), 'w+') as handle:
+ settings.write(handle)
+
# create database file
if not os.path.exists(os.path.join(args.config_dir, 'db', 'bazarr.db')):
import sqlite3
diff --git a/bazarr/main.py b/bazarr/main.py
index 3e4e0490d..48e2c6a1a 100644
--- a/bazarr/main.py
+++ b/bazarr/main.py
@@ -147,6 +147,16 @@ def authorize():
aaa.require(fail_redirect=(base_url + 'login'))
+def api_authorize():
+ if 'apikey' in request.GET.dict:
+ if request.GET.dict['apikey'][0] == settings.auth.apikey:
+ return
+ else:
+ abort(401, 'Unauthorized')
+ else:
+ abort(401, 'Unauthorized')
+
+
def post_get(name, default=''):
return request.POST.get(name, default).strip()
@@ -1429,7 +1439,8 @@ def save_settings():
pass
else:
aaa._beaker_session.delete()
-
+ settings.auth.apikey = request.forms.get('settings_auth_apikey')
+
settings_sonarr_ip = request.forms.get('settings_sonarr_ip')
settings_sonarr_port = request.forms.get('settings_sonarr_port')
settings_sonarr_baseurl = request.forms.get('settings_sonarr_baseurl')
@@ -2230,6 +2241,17 @@ def movie_history(no):
return dict(data=movie_history)
+# Don't put any route under this one
+@route(base_url + 'api/help')
+def api_help():
+ endpoints = []
+ for route in app.app.routes:
+ if '/api/' in route.rule:
+ endpoints.append(route.rule)
+
+ return dict(endpoints=endpoints)
+
+
# Mute DeprecationWarning
warnings.simplefilter("ignore", DeprecationWarning)
server = CherryPyWSGIServer((str(settings.general.ip), (int(args.port) if args.port else int(settings.general.port))), app)
diff --git a/views/settings.tpl b/views/settings.tpl
index 3b3742213..6c9dc2cc0 100644
--- a/views/settings.tpl
+++ b/views/settings.tpl
@@ -116,7 +116,7 @@
.tab()
;
- $('a:not(.tabs), button:not(.cancel, .test)').on('click', function(){
+ $('a:not(.tabs), button:not(.cancel, .test, .no_loader)').on('click', function(){
$('#loader').addClass('active');
});
diff --git a/views/settings_general.tpl b/views/settings_general.tpl
index aa8b1d64b..d057b05eb 100644
--- a/views/settings_general.tpl
+++ b/views/settings_general.tpl
@@ -328,6 +328,22 @@
+
+
@@ -866,3 +882,15 @@
+
+
\ No newline at end of file