forked from openlp/openlp
79 lines
3.1 KiB
Python
79 lines
3.1 KiB
Python
# -*- coding: utf-8 -*-
|
|
|
|
##########################################################################
|
|
# OpenLP - Open Source Lyrics Projection #
|
|
# ---------------------------------------------------------------------- #
|
|
# Copyright (c) 2008-2022 OpenLP Developers #
|
|
# ---------------------------------------------------------------------- #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <https://www.gnu.org/licenses/>. #
|
|
##########################################################################
|
|
|
|
import base64
|
|
from functools import wraps
|
|
|
|
from webob import Response
|
|
|
|
from openlp.core.common.registry import Registry
|
|
|
|
|
|
def check_auth(auth):
|
|
"""
|
|
This function is called to check if a username password combination is valid.
|
|
|
|
:param auth: the authorisation object which needs to be tested
|
|
:return Whether authentication have been successful
|
|
"""
|
|
auth_code = "{user}:{password}".format(user=Registry().get('settings_thread').value('api/user id'),
|
|
password=Registry().get('settings_thread').value('api/password'))
|
|
try:
|
|
auth_base = base64.b64encode(auth_code)
|
|
except TypeError:
|
|
auth_base = base64.b64encode(auth_code.encode()).decode()
|
|
if auth[1] == auth_base:
|
|
return True
|
|
else:
|
|
return False
|
|
|
|
|
|
def authenticate():
|
|
"""
|
|
Sends a 401 response that enables basic auth to be triggered
|
|
"""
|
|
resp = Response(status=401)
|
|
resp.www_authenticate = 'Basic realm="OpenLP Login Required"'
|
|
return resp
|
|
|
|
|
|
def requires_auth(f):
|
|
"""
|
|
Decorates a function which needs to be authenticated before it can be used from the remote.
|
|
|
|
:param f: The function which has been wrapped
|
|
:return: the called function or a request to authenticate
|
|
"""
|
|
@wraps(f)
|
|
def decorated(*args, **kwargs):
|
|
if not Registry().get('settings_thread').value('api/authentication enabled'):
|
|
return f(*args, **kwargs)
|
|
req = args[0]
|
|
if not hasattr(req, 'authorization'):
|
|
return authenticate()
|
|
else:
|
|
auth = req.authorization
|
|
if auth and check_auth(auth):
|
|
return f(*args, **kwargs)
|
|
else:
|
|
return authenticate()
|
|
return decorated
|