From: Chris Hofstaedtler Date: Fri, 15 Feb 2019 21:06:24 +0000 (+0100) Subject: Webserver: simplify access to apikey/password X-Git-Tag: dnsdist-1.4.0-beta1~17^2~2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7579a7b9f61d6355bbdb600bee35ea39b1ccc9ef;p=pdns Webserver: simplify access to apikey/password --- diff --git a/pdns/webserver.cc b/pdns/webserver.cc index a168559e1..5c221d1e7 100644 --- a/pdns/webserver.cc +++ b/pdns/webserver.cc @@ -125,16 +125,17 @@ static bool optionsHandler(HttpRequest* req, HttpResponse* resp) { return false; } -static void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp, const string &apikey) { +void WebServer::apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) { if (optionsHandler(req, resp)) return; resp->headers["access-control-allow-origin"] = "*"; - if (apikey.empty()) { + if (d_apikey.empty()) { g_log<logprefix<<"HTTP API Request \"" << req->url.path << "\": Authentication failed, API Key missing in config" << endl; throw HttpUnauthorizedException("X-API-Key"); } - bool auth_ok = req->compareHeader("x-api-key", apikey) || req->getvars["api-key"] == apikey; + + bool auth_ok = req->compareHeader("x-api-key", d_apikey) || req->getvars["api-key"] == d_apikey; if (!auth_ok) { g_log<logprefix<<"HTTP Request \"" << req->url.path << "\": Authentication by API Key failed" << endl; @@ -170,14 +171,13 @@ static void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, Htt } void WebServer::registerApiHandler(const string& url, HandlerFunction handler) { - HandlerFunction f = boost::bind(&apiWrapper, handler, _1, _2, d_apikey); + HandlerFunction f = boost::bind(&WebServer::apiWrapper, this, handler, _1, _2); registerBareHandler(url, f); - d_registerApiHandlerCalled = true; } -static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp, const string &password) { - if (!password.empty()) { - bool auth_ok = req->compareAuthorization(password); +void WebServer::webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) { + if (!d_webserverPassword.empty()) { + bool auth_ok = req->compareAuthorization(d_webserverPassword); if (!auth_ok) { g_log<logprefix<<"HTTP Request \"" << req->url.path << "\": Web Authentication failed" << endl; throw HttpUnauthorizedException("Basic"); @@ -188,7 +188,7 @@ static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, Htt } void WebServer::registerWebHandler(const string& url, HandlerFunction handler) { - HandlerFunction f = boost::bind(&webWrapper, handler, _1, _2, d_webserverPassword); + HandlerFunction f = boost::bind(&WebServer::webWrapper, this, handler, _1, _2); registerBareHandler(url, f); } diff --git a/pdns/webserver.hh b/pdns/webserver.hh index 500f15704..e7d94b948 100644 --- a/pdns/webserver.hh +++ b/pdns/webserver.hh @@ -158,16 +158,10 @@ public: virtual ~WebServer() { }; void setApiKey(const string &apikey) { - if (d_registerApiHandlerCalled) { - throw PDNSException("registerApiHandler has been called, can not change apikey"); - } d_apikey = apikey; } void setPassword(const string &password) { - if (d_registerWebHandlerCalled) { - throw PDNSException("registerWebHandler has been called, can not change password"); - } d_webserverPassword = password; } @@ -233,10 +227,9 @@ protected: std::shared_ptr d_server; std::string d_apikey; - bool d_registerApiHandlerCalled{false}; - + void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp); std::string d_webserverPassword; - bool d_registerWebHandlerCalled{false}; + void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp); NetmaskGroup d_acl;