Auth key for web socket server access

author: Oliver Poignant <oliver@poignant.se> 2017-01-07 12:24:10 +0100
committer: Oliver Poignant <oliver@poignant.se> 2017-01-07 12:24:10 +0100
commit: ef4b78f5ac47b9c51f4afdcc386f15873932aaec (patch)
tree: 808842a2c19231a303e29660f55bbdb46d0df6f8 /gitautodeploy/httpserver.py
parent: 6dfc5094495bda3c513ca461da863a25ce04907d (diff)
download: Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.zip
Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.tar.gz
Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.tar.bz2
1 files changed, 11 insertions, 4 deletions
diff --git a/gitautodeploy/httpserver.py b/gitautodeploy/httpserver.py
index 6717ae3..290d0f8 100644
--- a/gitautodeploy/httpserver.py
+++ b/gitautodeploy/httpserver.py
@@ -35,7 +35,7 @@ def WebhookRequestHandlerFactory(config, event_store, server_status, is_https=Fa
                 return
 
             # Client needs to authenticate
-            if not self.validate_web_ui_authentication():
+            if not self.validate_web_ui_basic_auth():
                 return
 
             return SimpleHTTPRequestHandler.do_HEAD(self)
@@ -55,10 +55,10 @@ def WebhookRequestHandlerFactory(config, event_store, server_status, is_https=Fa
                 return
 
             # Client needs to authenticate
-            if not self.validate_web_ui_authentication():
+            if not self.validate_web_ui_basic_auth():
                 return
 
-            # Handle API call
+            # Handle status API call
             if self.path == "/api/status":
                 self.handle_status_api()
                 return
@@ -68,8 +68,12 @@ def WebhookRequestHandlerFactory(config, event_store, server_status, is_https=Fa
 
         def handle_status_api(self):
             import json
+            from os import urandom
+            from base64 import b64encode
+
             data = {
                 'events': self._event_store.dict_repr(),
+                'auth-key': self._server_status['auth-key']
             }
 
             data.update(self.get_server_status())
@@ -286,10 +290,13 @@ def WebhookRequestHandlerFactory(config, event_store, server_status, is_https=Fa
             self.send_error(403, "%s is not allowed access" % self.client_address[0])
             return False
 
-        def validate_web_ui_authentication(self):
+        def validate_web_ui_basic_auth(self):
             """Authenticate the user"""
             import base64
 
+            if not self._config['web-ui-auth-enabled']:
+                return True
+
             # Verify that a username and password is specified in the config
             if self._config['web-ui-username'] is None or self._config['web-ui-password'] is None:
                 self.send_error(403, "Authentication credentials missing in config")
author	Oliver Poignant <oliver@poignant.se>	2017-01-07 12:24:10 +0100
committer	Oliver Poignant <oliver@poignant.se>	2017-01-07 12:24:10 +0100
commit	ef4b78f5ac47b9c51f4afdcc386f15873932aaec (patch)
tree	808842a2c19231a303e29660f55bbdb46d0df6f8 /gitautodeploy/httpserver.py
parent	6dfc5094495bda3c513ca461da863a25ce04907d (diff)
download	Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.zip Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.tar.gz Git-Auto-Deploy-ef4b78f5ac47b9c51f4afdcc386f15873932aaec.tar.bz2