50 lines
2 KiB
Python
50 lines
2 KiB
Python
import logging
|
|
|
|
from twisted.web import server, guard, resource
|
|
from twisted.cred import portal
|
|
|
|
from lbrynet import conf
|
|
from lbrynet.extras.daemon.auth.auth import PasswordChecker, HttpPasswordRealm
|
|
from lbrynet.extras.daemon.auth.keyring import Keyring
|
|
|
|
log = logging.getLogger(__name__)
|
|
|
|
|
|
class HTTPJSONRPCFactory(server.Site):
|
|
def __init__(self, resource, keyring, requestFactory=None, *args, **kwargs):
|
|
super().__init__(resource, requestFactory=requestFactory, *args, **kwargs)
|
|
self.use_ssl = False
|
|
|
|
|
|
class HTTPSJSONRPCFactory(server.Site):
|
|
def __init__(self, resource, keyring, requestFactory=None, *args, **kwargs):
|
|
super().__init__(resource, requestFactory=requestFactory, *args, **kwargs)
|
|
self.options = keyring.private_certificate.options()
|
|
self.use_ssl = True
|
|
|
|
|
|
class AuthJSONRPCResource(resource.Resource):
|
|
def __init__(self, protocol):
|
|
resource.Resource.__init__(self)
|
|
self.putChild(b"", protocol)
|
|
self.putChild(conf.settings['API_ADDRESS'].encode(), protocol)
|
|
|
|
def getChild(self, name, request):
|
|
request.setHeader('cache-control', 'no-cache, no-store, must-revalidate')
|
|
request.setHeader('expires', '0')
|
|
return self if name == '' else resource.Resource.getChild(self, name, request)
|
|
|
|
def getServerFactory(self, keyring: Keyring, use_authentication: bool, use_https: bool) -> server.Site:
|
|
factory_class = HTTPSJSONRPCFactory if use_https else HTTPJSONRPCFactory
|
|
if use_authentication:
|
|
log.info("Using authenticated API")
|
|
checker = PasswordChecker(keyring)
|
|
realm = HttpPasswordRealm(self)
|
|
portal_to_realm = portal.Portal(realm, [checker, ])
|
|
root = guard.HTTPAuthSessionWrapper(
|
|
portal_to_realm, [guard.BasicCredentialFactory(b'Login to lbrynet api'), ]
|
|
)
|
|
else:
|
|
log.info("Using non-authenticated API")
|
|
root = self
|
|
return factory_class(root, keyring)
|