Added API denied handling

changelog.md

 # Changelog
 
-- * 5572dbd - 2018-10-17: Fixed typo for API notification retrieval 
+- * a9ca448 - 2018-10-21: Added API denied handling 
+- * f37d3db - 2018-10-17: Fixed typo for API notification retrieval 
 - * ed1b33e - 2018-10-17: Release v9.3.96 
 - * ecb1600 - 2018-10-17: Fixed setting caps issue when searching newznab providers 
 - * bbbc6cb - 2018-10-17: Fixed 'Notification' object has no attribute 'type' issue. 

sickrage/core/webserver/__init__.py

@@ -29,7 +29,7 @@ from tornado.web import Application, RedirectHandler, StaticFileHandler
 
 import sickrage
 from sickrage.core.helpers import create_https_certificates, launch_browser
-from sickrage.core.webserver.api import ApiHandler, KeyHandler
+from sickrage.core.webserver.api import ApiHandler
 from sickrage.core.webserver.routes import Route
 from sickrage.core.webserver.views import CalendarHandler, LoginHandler, LogoutHandler
 from sickrage.core.websocket import WebSocketUIHandler
@@ -121,15 +121,12 @@ class WebServer(object):
  # Static File Handlers
  self.app.add_handlers('.*$', [
  # api
- (r'%s(/?.*)' % self.api_root, ApiHandler),
+ (r'%s/api/(\w{32})(/?.*)' % sickrage.app.config.web_root, ApiHandler),
 
  # redirect to home
  (r"(%s)" % sickrage.app.config.web_root, RedirectHandler,
  {"url": "%s/home" % sickrage.app.config.web_root}),
 
- # api key
- (r'%s/getkey(/?.*)' % sickrage.app.config.web_root, KeyHandler),
-
  # api builder
  (r'%s/api/builder' % sickrage.app.config.web_root, RedirectHandler,
  {"url": sickrage.app.config.web_root + '/apibuilder/'}),

sickrage/core/webserver/api.py

@@ -32,7 +32,6 @@ from tornado.escape import json_encode, recursive_unicode
 from tornado.web import RequestHandler
 
 import sickrage.subtitles
-from sickrage.core import API
 
 try:
  from futures import ThreadPoolExecutor
@@ -80,27 +79,6 @@ result_type_map = {
 }
 
 
-class KeyHandler(RequestHandler):
- def __init__(self, *args, **kwargs):
- super(KeyHandler, self).__init__(*args, **kwargs)
-
- def prepare(self, *args, **kwargs):
- api_key = None
-
- try:
- username = self.get_argument('u', None)
- password = self.get_argument('p', None)
- api_token = API(username, password).token
-
- if api_token:
- api_key = sickrage.app.config.api_key
-
- self.finish({'success': api_key is not None, 'api_key': api_key})
- except Exception:
- sickrage.app.log.error('Failed doing key request: %s' % (traceback.format_exc()))
- self.finish({'success': False, 'error': 'Failed returning results'})
-
-
 # basically everything except RESULT_SUCCESS / success is bad
 class ApiHandler(RequestHandler):
  """ api class that returns json results """
@@ -116,27 +94,34 @@ class ApiHandler(RequestHandler):
  'image': self._out_as_image,
  }
 
- accessMsg = "IP:{} - ACCESS GRANTED".format(self.request.remote_ip)
- sickrage.app.log.debug(accessMsg)
+ if sickrage.app.config.api_key == self.path_args[0]:
+ accessMsg = "IP:{} - ACCESS GRANTED".format(self.request.remote_ip)
+ sickrage.app.log.debug(accessMsg)
 
- # set the original call_dispatcher as the local _call_dispatcher
- _call_dispatcher = self.call_dispatcher
+  # set the original call_dispatcher as the local _call_dispatcher
+  _call_dispatcher = self.call_dispatcher
 
- # if profile was set wrap "_call_dispatcher" in the profile function
- if 'profile' in self.request.arguments:
- from profilehooks import profile
+  # if profile was set wrap "_call_dispatcher" in the profile function
+  if 'profile' in self.request.arguments:
+  from profilehooks import profile
 
- _call_dispatcher = profile(_call_dispatcher, immediate=True)
- del self.request.arguments["profile"]
+  _call_dispatcher = profile(_call_dispatcher, immediate=True)
+  del self.request.arguments["profile"]
 
- try:
- outDict = self.route(_call_dispatcher, **self.request.arguments)
- except Exception as e:
- sickrage.app.log.error(str(e))
- errorData = {"error_msg": e, "request arguments": self.request.arguments}
- outDict = _responds(RESULT_FATAL,
- errorData,
- "SiCKRAGE encountered an internal error! Please report to the Devs")
+ try:
+ outDict = self.route(_call_dispatcher, **self.request.arguments)
+ except Exception as e:
+ sickrage.app.log.error(str(e))
+ errorData = {"error_msg": e, "request arguments": self.request.arguments}
+ outDict = _responds(RESULT_FATAL,
+ errorData,
+ "SiCKRAGE encountered an internal error! Please report to the Devs")
+ else:
+ accessMsg = "IP:{} - ACCESS DENIED".format(self.request.remote_ip)
+ sickrage.app.log.debug(accessMsg)
+
+ errorData = {"error_msg": accessMsg, "request arguments": self.request.arguments}
+ outDict = _responds(RESULT_DENIED, errorData, accessMsg)
 
  outputCallback = outputCallbackDict['default']
  if 'outputType' in outDict:

sickrage/indexers/thetvdb/api.py

@@ -141,7 +141,7 @@ class Show(dict):
  else:
  # If it's not numeric, it must be an attribute name, which
  # doesn't exist, so attribute error.
- raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key)))
+ raise tvdb_attributenotfound("Cannot find show attribute {}".format(repr(key)))
 
  def airedOn(self, date):
  ret = self.search(str(date), 'firstaired')
@@ -210,7 +210,7 @@ class Season(dict):
  if key and (isinstance(key, int) or key.isdigit()):
  raise tvdb_episodenotfound("Could not find episode {}".format(repr(key)))
  else:
- raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key)))
+ raise tvdb_attributenotfound("Cannot find season attribute {}".format(repr(key)))
 
  def search(self, term=None, key=None):
  """Search all episodes in season, returns a list of matching Episode
@@ -247,7 +247,7 @@ class Episode(dict):
  try:
  return dict.__getitem__(self, key)
  except KeyError:
- raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key)))
+ raise tvdb_attributenotfound("Cannot find episode attribute {}".format(repr(key)))
 
  def search(self, term=None, key=None):
  """Search episode data for term, if it matches, return the Episode (self).