Commit af471d1f authored by echel0n's avatar echel0n
Browse files

Added API denied handling

parent f37d3db2
# Changelog # Changelog
- * 5572dbd - 2018-10-17: Fixed typo for API notification retrieval - * a9ca448 - 2018-10-21: Added API denied handling
- * f37d3db - 2018-10-17: Fixed typo for API notification retrieval
- * ed1b33e - 2018-10-17: Release v9.3.96 - * ed1b33e - 2018-10-17: Release v9.3.96
- * ecb1600 - 2018-10-17: Fixed setting caps issue when searching newznab providers - * ecb1600 - 2018-10-17: Fixed setting caps issue when searching newznab providers
- * bbbc6cb - 2018-10-17: Fixed 'Notification' object has no attribute 'type' issue. - * bbbc6cb - 2018-10-17: Fixed 'Notification' object has no attribute 'type' issue.
......
...@@ -29,7 +29,7 @@ from tornado.web import Application, RedirectHandler, StaticFileHandler ...@@ -29,7 +29,7 @@ from tornado.web import Application, RedirectHandler, StaticFileHandler
import sickrage import sickrage
from sickrage.core.helpers import create_https_certificates, launch_browser from sickrage.core.helpers import create_https_certificates, launch_browser
from sickrage.core.webserver.api import ApiHandler, KeyHandler from sickrage.core.webserver.api import ApiHandler
from sickrage.core.webserver.routes import Route from sickrage.core.webserver.routes import Route
from sickrage.core.webserver.views import CalendarHandler, LoginHandler, LogoutHandler from sickrage.core.webserver.views import CalendarHandler, LoginHandler, LogoutHandler
from sickrage.core.websocket import WebSocketUIHandler from sickrage.core.websocket import WebSocketUIHandler
...@@ -121,15 +121,12 @@ class WebServer(object): ...@@ -121,15 +121,12 @@ class WebServer(object):
# Static File Handlers # Static File Handlers
self.app.add_handlers('.*$', [ self.app.add_handlers('.*$', [
# api # api
(r'%s(/?.*)' % self.api_root, ApiHandler), (r'%s/api/(\w{32})(/?.*)' % sickrage.app.config.web_root, ApiHandler),
# redirect to home # redirect to home
(r"(%s)" % sickrage.app.config.web_root, RedirectHandler, (r"(%s)" % sickrage.app.config.web_root, RedirectHandler,
{"url": "%s/home" % sickrage.app.config.web_root}), {"url": "%s/home" % sickrage.app.config.web_root}),
# api key
(r'%s/getkey(/?.*)' % sickrage.app.config.web_root, KeyHandler),
# api builder # api builder
(r'%s/api/builder' % sickrage.app.config.web_root, RedirectHandler, (r'%s/api/builder' % sickrage.app.config.web_root, RedirectHandler,
{"url": sickrage.app.config.web_root + '/apibuilder/'}), {"url": sickrage.app.config.web_root + '/apibuilder/'}),
......
...@@ -32,7 +32,6 @@ from tornado.escape import json_encode, recursive_unicode ...@@ -32,7 +32,6 @@ from tornado.escape import json_encode, recursive_unicode
from tornado.web import RequestHandler from tornado.web import RequestHandler
import sickrage.subtitles import sickrage.subtitles
from sickrage.core import API
try: try:
from futures import ThreadPoolExecutor from futures import ThreadPoolExecutor
...@@ -80,27 +79,6 @@ result_type_map = { ...@@ -80,27 +79,6 @@ result_type_map = {
} }
class KeyHandler(RequestHandler):
def __init__(self, *args, **kwargs):
super(KeyHandler, self).__init__(*args, **kwargs)
def prepare(self, *args, **kwargs):
api_key = None
try:
username = self.get_argument('u', None)
password = self.get_argument('p', None)
api_token = API(username, password).token
if api_token:
api_key = sickrage.app.config.api_key
self.finish({'success': api_key is not None, 'api_key': api_key})
except Exception:
sickrage.app.log.error('Failed doing key request: %s' % (traceback.format_exc()))
self.finish({'success': False, 'error': 'Failed returning results'})
# basically everything except RESULT_SUCCESS / success is bad # basically everything except RESULT_SUCCESS / success is bad
class ApiHandler(RequestHandler): class ApiHandler(RequestHandler):
""" api class that returns json results """ """ api class that returns json results """
...@@ -116,27 +94,34 @@ class ApiHandler(RequestHandler): ...@@ -116,27 +94,34 @@ class ApiHandler(RequestHandler):
'image': self._out_as_image, 'image': self._out_as_image,
} }
accessMsg = "IP:{} - ACCESS GRANTED".format(self.request.remote_ip) if sickrage.app.config.api_key == self.path_args[0]:
sickrage.app.log.debug(accessMsg) accessMsg = "IP:{} - ACCESS GRANTED".format(self.request.remote_ip)
sickrage.app.log.debug(accessMsg)
# set the original call_dispatcher as the local _call_dispatcher # set the original call_dispatcher as the local _call_dispatcher
_call_dispatcher = self.call_dispatcher _call_dispatcher = self.call_dispatcher
# if profile was set wrap "_call_dispatcher" in the profile function # if profile was set wrap "_call_dispatcher" in the profile function
if 'profile' in self.request.arguments: if 'profile' in self.request.arguments:
from profilehooks import profile from profilehooks import profile
_call_dispatcher = profile(_call_dispatcher, immediate=True) _call_dispatcher = profile(_call_dispatcher, immediate=True)
del self.request.arguments["profile"] del self.request.arguments["profile"]
try: try:
outDict = self.route(_call_dispatcher, **self.request.arguments) outDict = self.route(_call_dispatcher, **self.request.arguments)
except Exception as e: except Exception as e:
sickrage.app.log.error(str(e)) sickrage.app.log.error(str(e))
errorData = {"error_msg": e, "request arguments": self.request.arguments} errorData = {"error_msg": e, "request arguments": self.request.arguments}
outDict = _responds(RESULT_FATAL, outDict = _responds(RESULT_FATAL,
errorData, errorData,
"SiCKRAGE encountered an internal error! Please report to the Devs") "SiCKRAGE encountered an internal error! Please report to the Devs")
else:
accessMsg = "IP:{} - ACCESS DENIED".format(self.request.remote_ip)
sickrage.app.log.debug(accessMsg)
errorData = {"error_msg": accessMsg, "request arguments": self.request.arguments}
outDict = _responds(RESULT_DENIED, errorData, accessMsg)
outputCallback = outputCallbackDict['default'] outputCallback = outputCallbackDict['default']
if 'outputType' in outDict: if 'outputType' in outDict:
......
...@@ -141,7 +141,7 @@ class Show(dict): ...@@ -141,7 +141,7 @@ class Show(dict):
else: else:
# If it's not numeric, it must be an attribute name, which # If it's not numeric, it must be an attribute name, which
# doesn't exist, so attribute error. # doesn't exist, so attribute error.
raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key))) raise tvdb_attributenotfound("Cannot find show attribute {}".format(repr(key)))
def airedOn(self, date): def airedOn(self, date):
ret = self.search(str(date), 'firstaired') ret = self.search(str(date), 'firstaired')
...@@ -210,7 +210,7 @@ class Season(dict): ...@@ -210,7 +210,7 @@ class Season(dict):
if key and (isinstance(key, int) or key.isdigit()): if key and (isinstance(key, int) or key.isdigit()):
raise tvdb_episodenotfound("Could not find episode {}".format(repr(key))) raise tvdb_episodenotfound("Could not find episode {}".format(repr(key)))
else: else:
raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key))) raise tvdb_attributenotfound("Cannot find season attribute {}".format(repr(key)))
def search(self, term=None, key=None): def search(self, term=None, key=None):
"""Search all episodes in season, returns a list of matching Episode """Search all episodes in season, returns a list of matching Episode
...@@ -247,7 +247,7 @@ class Episode(dict): ...@@ -247,7 +247,7 @@ class Episode(dict):
try: try:
return dict.__getitem__(self, key) return dict.__getitem__(self, key)
except KeyError: except KeyError:
raise tvdb_attributenotfound("Cannot find attribute {}".format(repr(key))) raise tvdb_attributenotfound("Cannot find episode attribute {}".format(repr(key)))
def search(self, term=None, key=None): def search(self, term=None, key=None):
"""Search episode data for term, if it matches, return the Episode (self). """Search episode data for term, if it matches, return the Episode (self).
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment