agatha/maubot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow access to /features endpoint without login

Browse Source
This commit is contained in:
Tulir Asokan 2019-01-07 08:13:27 +02:00
parent a9ffaed51f
commit 400c9aaebc
5 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
maubot/management/api/__init__.py
View File

@ -19,12 +19,20 @@ import importlib
from ...config import Config from ...config import Config
from .base import routes, get_config, set_config, set_loop from .base import routes, get_config, set_config, set_loop
from .auth import check_token
from .middleware import auth, error from .middleware import auth, error
@routes.get("/features") @routes.get("/features")
def features(_: web.Request) -> web.Response: def features(request: web.Request) -> web.Response:
return web.json_response(get_config()["api_features"]) data = get_config()["api_features"]
err = check_token(request)
if err is None:
return web.json_response(data)
else:
return web.json_response({
"login": data["login"],
})
def init(cfg: Config, loop: AbstractEventLoop) -> web.Application: def init(cfg: Config, loop: AbstractEventLoop) -> web.Application:

2
maubot/management/api/auth.py
View File

@ -69,4 +69,4 @@ async def ping(request: web.Request) -> web.Response:
user = data.get("user_id", None) user = data.get("user_id", None)
if not get_config().is_admin(user): if not get_config().is_admin(user):
return resp.invalid_token return resp.invalid_token
return resp.pong(user) return resp.pong(user, get_config()["api_features"])

2
maubot/management/api/middleware.py
View File

@ -29,7 +29,7 @@ log = logging.getLogger("maubot.server")
@web.middleware @web.middleware
async def auth(request: web.Request, handler: Handler) -> web.Response: async def auth(request: web.Request, handler: Handler) -> web.Response:
subpath = request.path[len(get_config()["server.base_path"]):] subpath = request.path[len(get_config()["server.base_path"]):]
if subpath.startswith("/auth/") or subpath == "/logs": if subpath.startswith("/auth/") or subpath == "/features" or subpath == "/logs":
return await handler(request) return await handler(request)
err = check_token(request) err = check_token(request)
if err is not None: if err is not None:

3
maubot/management/api/responses.py
View File

@ -294,9 +294,10 @@ class _Response:
"token": token, "token": token,
}) })
def pong(self, user: str) -> web.Response: def pong(self, user: str, features: dict) -> web.Response:
return self.found({ return self.found({
"username": user, "username": user,
"features": features,
}) })
@staticmethod @staticmethod

4
maubot/management/frontend/src/api.js
View File

@ -64,15 +64,13 @@ export async function login(username, password) {
let features = null let features = null
export async function ping() { export async function ping() {
if (!features) {
await remoteGetFeatures()
}
const response = await fetch(`${BASE_PATH}/auth/ping`, { const response = await fetch(`${BASE_PATH}/auth/ping`, {
method: "POST", method: "POST",
headers: getHeaders(), headers: getHeaders(),
}) })
const json = await response.json() const json = await response.json()
if (json.username) { if (json.username) {
features = json.features
return json.username return json.username
} else if (json.errcode === "auth_token_missing" || json.errcode === "auth_token_invalid") { } else if (json.errcode === "auth_token_missing" || json.errcode === "auth_token_invalid") {
return null return null