fix: #47 支持配置基础的BaseAuth登录

2024-06-23 07:06:42 +00:00 · 2024-06-23 07:06:42 +00:00 · b2edaf48e4
commit b2edaf48e4
parent 33e02cee82
6 changed files with 49 additions and 7 deletions
--- a/.gitignore
+++ b/.gitignore
@ -164,3 +164,4 @@ cython_debug/
 ffmpeg
 music
 test.sh
+conf
--- a/pdm.lock
+++ b/pdm.lock
@ -5,7 +5,7 @@
 groups = ["default", "lint"]
 strategy = ["cross_platform"]
 lock_version = "4.4.1"
-content_hash = "sha256:38bae754be83ffca7d688fc4e1daf0964709d202d651c6c865ff56c1b8332caa"
+content_hash = "sha256:813253734c7d7835a76cd87fe8fe0329e02ad067f535aee6a9e11cb106569dd2"

 [[package]]
 name = "aiohttp"
@ -356,6 +356,18 @@ files = [
    {file = "flask-3.0.3.tar.gz", hash = "sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842"},
 ]

+[[package]]
+name = "flask-httpauth"
+version = "4.8.0"
+summary = "HTTP authentication for Flask routes"
+dependencies = [
+    "flask",
+]
+files = [
+    {file = "Flask-HTTPAuth-4.8.0.tar.gz", hash = "sha256:66568a05bc73942c65f1e2201ae746295816dc009edd84b482c44c758d75097a"},
+    {file = "Flask_HTTPAuth-4.8.0-py3-none-any.whl", hash = "sha256:a58fedd09989b9975448eef04806b096a3964a7feeebc0a78831ff55685b62b0"},
+]
+
 [[package]]
 name = "flask"
 version = "3.0.3"
--- a/pyproject.toml
+++ b/pyproject.toml
@ -13,6 +13,7 @@ dependencies = [
    "yt-dlp>=2024.04.09",
    "flask[async]>=3.0.1",
    "waitress>=3.0.0",
+    "flask-HTTPAuth>=4.8.0",
 ]
 requires-python = ">=3.10"
 readme = "README.md"
--- a/requirements.txt
+++ b/requirements.txt
@ -223,6 +223,9 @@ colorama==0.4.6; platform_system == "Windows" \
 flask==3.0.3 \
    --hash=sha256:34e815dfaa43340d1d15a5c3a02b8476004037eb4840b34910c6e21679d288f3 \
    --hash=sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842
+flask-HTTPAuth==4.8.0 \
+    --hash=sha256:66568a05bc73942c65f1e2201ae746295816dc009edd84b482c44c758d75097a \
+    --hash=sha256:a58fedd09989b9975448eef04806b096a3964a7feeebc0a78831ff55685b62b0
 frozenlist==1.4.0 \
    --hash=sha256:008eb8b31b3ea6896da16c38c1b136cb9fec9e249e77f6211d479db79a4eaf01 \
    --hash=sha256:09163bdf0b2907454042edb19f887c6d33806adc71fbd54afc14908bfdc22251 \
--- a/xiaomusic/config.py
+++ b/xiaomusic/config.py
@ -98,6 +98,11 @@ class Config:
    active_cmd: str = os.getenv("XIAOMUSIC_ACTIVE_CMD", "play,random_play")
    exclude_dirs: str = os.getenv("XIAOMUSIC_EXCLUDE_DIRS", "@eaDir")
    music_path_depth: int = int(os.getenv("XIAOMUSIC_MUSIC_PATH_DEPTH", "10"))
+    disable_httpauth: bool = (
+        os.getenv("XIAOMUSIC_DISABLE_HTTPAUTH", "true").lower() == "true"
+    )
+    httpauth_username: str = os.getenv("XIAOMUSIC_HTTPAUTH_USERNAME", "admin")
+    httpauth_password: str = os.getenv("XIAOMUSIC_HTTPAUTH_PASSWORD", "admin")

    def __post_init__(self) -> None:
        if self.proxy:
--- a/xiaomusic/httpserver.py
+++ b/xiaomusic/httpserver.py
@ -3,6 +3,7 @@ import os
 from threading import Thread

 from flask import Flask, request, send_from_directory
+from flask_httpauth import HTTPBasicAuth
 from waitress import serve

 from xiaomusic import (
@ -12,12 +13,9 @@ from xiaomusic.config import (
    KEY_WORD_DICT,
 )

-# 隐藏 flask 启动告警
-# https://gist.github.com/jerblack/735b9953ba1ab6234abb43174210d356
-# from flask import cli
-# cli.show_server_banner = lambda *_: None
-
 app = Flask(__name__)
+auth = HTTPBasicAuth()
+
 host = "0.0.0.0"
 port = 8090
 static_path = "music"
@ -25,7 +23,20 @@ xiaomusic = None
 log = None


+@auth.verify_password
+def verify_password(username, password):
+    if xiaomusic.config.disable_httpauth:
+        return True
+
+    if (
+        xiaomusic.config.httpauth_username == username
+        and xiaomusic.config.httpauth_password == password
+    ):
+        return username
+
+
@app.route("/allcmds")
+@auth.login_required
 def allcmds():
    return KEY_WORD_DICT

@ -39,6 +50,7 @@ def getversion():


@app.route("/getvolume", methods=["GET"])
+@auth.login_required
 def getvolume():
    volume = xiaomusic.get_volume_ret()
    return {
@ -47,22 +59,25 @@ def getvolume():


@app.route("/searchmusic", methods=["GET"])
+@auth.login_required
 def searchmusic():
    name = request.args.get("name")
    return xiaomusic.searchmusic(name)


@app.route("/playingmusic", methods=["GET"])
+@auth.login_required
 def playingmusic():
    return xiaomusic.playingmusic()


@app.route("/", methods=["GET"])
-def redirect_to_index():
+def index():
    return send_from_directory("static", "index.html")


@app.route("/cmd", methods=["POST"])
+@auth.login_required
 async def do_cmd():
    data = request.get_json()
    cmd = data.get("cmd")
@ -74,6 +89,7 @@ async def do_cmd():


@app.route("/getsetting", methods=["GET"])
+@auth.login_required
 async def getsetting():
    config = xiaomusic.getconfig()
    log.debug(config)
@ -92,6 +108,7 @@ async def getsetting():


@app.route("/savesetting", methods=["POST"])
+@auth.login_required
 async def savesetting():
    data = request.get_json()
    log.info(data)
@ -100,16 +117,19 @@ async def savesetting():


@app.route("/musiclist", methods=["GET"])
+@auth.login_required
 async def musiclist():
    return xiaomusic.get_music_list()


@app.route("/curplaylist", methods=["GET"])
+@auth.login_required
 async def curplaylist():
    return xiaomusic.get_cur_play_list()


@app.route("/delmusic", methods=["POST"])
+@auth.login_required
 def delmusic():
    data = request.get_json()
    log.info(data)