openlp/openlp/core/api/http/__init__.py

# -*- coding: utf-8 -*-
# vim: autoindent shiftwidth=4 expandtab textwidth=120 tabstop=4 softtabstop=4

##########################################################################
# OpenLP - Open Source Lyrics Projection                                 #
# ---------------------------------------------------------------------- #
# Copyright (c) 2008-2019 OpenLP Developers                              #
# ---------------------------------------------------------------------- #
# This program is free software: you can redistribute it and/or modify   #
# it under the terms of the GNU General Public License as published by   #
# the Free Software Foundation, either version 3 of the License, or      #
# (at your option) any later version.                                    #
#                                                                        #
# This program is distributed in the hope that it will be useful,        #
# but WITHOUT ANY WARRANTY; without even the implied warranty of         #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          #
# GNU General Public License for more details.                           #
#                                                                        #
# You should have received a copy of the GNU General Public License      #
# along with this program.  If not, see <https://www.gnu.org/licenses/>. #
##########################################################################

import base64
from functools import wraps

from webob import Response

from openlp.core.api.http.wsgiapp import WSGIApplication
from openlp.core.common.settings import Settings

application = WSGIApplication('api')


def _route_from_url(url_prefix, url):
    """
    Create a route from the URL
    """
    url_prefix = '/{prefix}/'.format(prefix=url_prefix.strip('/'))
    if not url:
        url = url_prefix[:-1]
    else:
        url = url_prefix + url
    url = url.replace('//', '/')
    return url


def register_endpoint(end_point):
    """
    Register an endpoint with the app
    """
    for url, view_func, method in end_point.routes:
        # Set the view functions
        route = _route_from_url(end_point.url_prefix, url)
        application.add_route(route, view_func, method)
        # Add a static route if necessary
        if end_point.static_dir:
            static_route = _route_from_url(end_point.url_prefix, 'static')
            static_route += '(.*)'
            application.add_static_route(static_route, end_point.static_dir)


def check_auth(auth):
    """
    This function is called to check if a username password combination is valid.

    :param auth: the authorisation object which needs to be tested
    :return Whether authentication have been successful
    """
    auth_code = "{user}:{password}".format(user=Settings().value('api/user id'),
                                           password=Settings().value('api/password'))
    try:
        auth_base = base64.b64encode(auth_code)
    except TypeError:
        auth_base = base64.b64encode(auth_code.encode()).decode()
    if auth[1] == auth_base:
        return True
    else:
        return False


def authenticate():
    """
    Sends a 401 response that enables basic auth to be triggered
    """
    resp = Response(status=401)
    resp.www_authenticate = 'Basic realm="OpenLP Login Required"'
    return resp


def requires_auth(f):
    """
    Decorates a function which needs to be authenticated before it can be used from the remote.

    :param f: The function which has been wrapped
    :return: the called function or a request to authenticate
    """
    @wraps(f)
    def decorated(*args, **kwargs):
        if not Settings().value('api/authentication enabled'):
            return f(*args, **kwargs)
        req = args[0]
        if not hasattr(req, 'authorization'):
            return authenticate()
        else:
            auth = req.authorization
            if auth and check_auth(auth):
                return f(*args, **kwargs)
            else:
                return authenticate()
    return decorated
Start of websockets in remote 2016-06-04 10:50:43 +00:00			`# -- coding: utf-8 --`
			`# vim: autoindent shiftwidth=4 expandtab textwidth=120 tabstop=4 softtabstop=4`

License change to GPL-3.0-or-later 2019-04-13 13:00:22 +00:00			`##########################################################################`
			`# OpenLP - Open Source Lyrics Projection #`
			`# ---------------------------------------------------------------------- #`
			`# Copyright (c) 2008-2019 OpenLP Developers #`
			`# ---------------------------------------------------------------------- #`
			`# This program is free software: you can redistribute it and/or modify #`
			`# it under the terms of the GNU General Public License as published by #`
			`# the Free Software Foundation, either version 3 of the License, or #`
			`# (at your option) any later version. #`
			`# #`
			`# This program is distributed in the hope that it will be useful, #`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of #`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #`
			`# GNU General Public License for more details. #`
			`# #`
			`# You should have received a copy of the GNU General Public License #`
			`# along with this program. If not, see <https://www.gnu.org/licenses/>. #`
			`##########################################################################`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00
More updates 2016-06-19 17:39:48 +00:00			`import base64`
			`from functools import wraps`
tests 2017-12-28 08:27:44 +00:00
More updates 2016-06-19 17:39:48 +00:00			`from webob import Response`

Move the API around a bit 2016-06-14 22:03:08 +00:00			`from openlp.core.api.http.wsgiapp import WSGIApplication`
tests 2017-12-28 08:27:44 +00:00			`from openlp.core.common.settings import Settings`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00
move http root 2016-12-17 06:58:44 +00:00			`application = WSGIApplication('api')`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00

Move the API around a bit 2016-06-14 22:03:08 +00:00			`def _route_from_url(url_prefix, url):`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00			`"""`
Move the API around a bit 2016-06-14 22:03:08 +00:00			`Create a route from the URL`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00			`"""`
Move the API around a bit 2016-06-14 22:03:08 +00:00			`url_prefix = '/{prefix}/'.format(prefix=url_prefix.strip('/'))`
			`if not url:`
			`url = url_prefix[:-1]`
			`else:`
			`url = url_prefix + url`
			`url = url.replace('//', '/')`
			`return url`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00

Move the API around a bit 2016-06-14 22:03:08 +00:00			`def register_endpoint(end_point):`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00			`"""`
Move the API around a bit 2016-06-14 22:03:08 +00:00			`Register an endpoint with the app`
api and router work, move settings and tab 2016-06-10 16:16:35 +00:00			`"""`
Add static routes for serving files, and template rendering built into endpoints 2016-06-15 21:52:46 +00:00			`for url, view_func, method in end_point.routes:`
			`# Set the view functions`
Move the API around a bit 2016-06-14 22:03:08 +00:00			`route = _route_from_url(end_point.url_prefix, url)`
Add static routes for serving files, and template rendering built into endpoints 2016-06-15 21:52:46 +00:00			`application.add_route(route, view_func, method)`
			`# Add a static route if necessary`
			`if end_point.static_dir:`
			`static_route = _route_from_url(end_point.url_prefix, 'static')`
			`static_route += '(.*)'`
			`application.add_static_route(static_route, end_point.static_dir)`
more updates 2016-06-05 14:56:01 +00:00
More updates 2016-06-19 17:39:48 +00:00
			`def check_auth(auth):`
			`"""`
			`This function is called to check if a username password combination is valid.`

			`:param auth: the authorisation object which needs to be tested`
			`:return Whether authentication have been successful`
			`"""`
migrate settings 2016-07-09 11:21:25 +00:00			`auth_code = "{user}:{password}".format(user=Settings().value('api/user id'),`
			`password=Settings().value('api/password'))`
More updates 2016-06-19 17:39:48 +00:00			`try:`
			`auth_base = base64.b64encode(auth_code)`
			`except TypeError:`
			`auth_base = base64.b64encode(auth_code.encode()).decode()`
			`if auth[1] == auth_base:`
			`return True`
			`else:`
			`return False`


			`def authenticate():`
			`"""`
			`Sends a 401 response that enables basic auth to be triggered`
			`"""`
			`resp = Response(status=401)`
			`resp.www_authenticate = 'Basic realm="OpenLP Login Required"'`
			`return resp`


			`def requires_auth(f):`
			`"""`
			`Decorates a function which needs to be authenticated before it can be used from the remote.`

			`:param f: The function which has been wrapped`
			`:return: the called function or a request to authenticate`
			`"""`
			`@wraps(f)`
			`def decorated(args, *kwargs):`
migrate settings 2016-07-09 11:21:25 +00:00			`if not Settings().value('api/authentication enabled'):`
More updates 2016-06-19 17:39:48 +00:00			`return f(args, *kwargs)`
			`req = args[0]`
			`if not hasattr(req, 'authorization'):`
			`return authenticate()`
			`else:`
			`auth = req.authorization`
Add plugin endpoints 2016-06-22 19:47:11 +00:00			`if auth and check_auth(auth):`
More updates 2016-06-19 17:39:48 +00:00			`return f(args, *kwargs)`
			`else:`
			`return authenticate()`
			`return decorated`