From b2edaf48e441f785852b7d452aed38aca3d6cc7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=B6=B5=E6=9B=A6?= Date: Sun, 23 Jun 2024 07:06:42 +0000 Subject: [PATCH] =?UTF-8?q?fix:=20#47=20=E6=94=AF=E6=8C=81=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E5=9F=BA=E7=A1=80=E7=9A=84BaseAuth=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + pdm.lock | 14 +++++++++++++- pyproject.toml | 1 + requirements.txt | 3 +++ xiaomusic/config.py | 5 +++++ xiaomusic/httpserver.py | 32 ++++++++++++++++++++++++++------ 6 files changed, 49 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index de33f45..55e15eb 100644 --- a/.gitignore +++ b/.gitignore @@ -164,3 +164,4 @@ cython_debug/ ffmpeg music test.sh +conf diff --git a/pdm.lock b/pdm.lock index f03b6af..97fe60a 100644 --- a/pdm.lock +++ b/pdm.lock @@ -5,7 +5,7 @@ groups = ["default", "lint"] strategy = ["cross_platform"] lock_version = "4.4.1" -content_hash = "sha256:38bae754be83ffca7d688fc4e1daf0964709d202d651c6c865ff56c1b8332caa" +content_hash = "sha256:813253734c7d7835a76cd87fe8fe0329e02ad067f535aee6a9e11cb106569dd2" [[package]] name = "aiohttp" @@ -356,6 +356,18 @@ files = [ {file = "flask-3.0.3.tar.gz", hash = "sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842"}, ] +[[package]] +name = "flask-httpauth" +version = "4.8.0" +summary = "HTTP authentication for Flask routes" +dependencies = [ + "flask", +] +files = [ + {file = "Flask-HTTPAuth-4.8.0.tar.gz", hash = "sha256:66568a05bc73942c65f1e2201ae746295816dc009edd84b482c44c758d75097a"}, + {file = "Flask_HTTPAuth-4.8.0-py3-none-any.whl", hash = "sha256:a58fedd09989b9975448eef04806b096a3964a7feeebc0a78831ff55685b62b0"}, +] + [[package]] name = "flask" version = "3.0.3" diff --git a/pyproject.toml b/pyproject.toml index 1fed90a..bef943d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -13,6 +13,7 @@ dependencies = [ "yt-dlp>=2024.04.09", "flask[async]>=3.0.1", "waitress>=3.0.0", + "flask-HTTPAuth>=4.8.0", ] requires-python = ">=3.10" readme = "README.md" diff --git a/requirements.txt b/requirements.txt index b26d62e..7600f07 100644 --- a/requirements.txt +++ b/requirements.txt @@ -223,6 +223,9 @@ colorama==0.4.6; platform_system == "Windows" \ flask==3.0.3 \ --hash=sha256:34e815dfaa43340d1d15a5c3a02b8476004037eb4840b34910c6e21679d288f3 \ --hash=sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842 +flask-HTTPAuth==4.8.0 \ + --hash=sha256:66568a05bc73942c65f1e2201ae746295816dc009edd84b482c44c758d75097a \ + --hash=sha256:a58fedd09989b9975448eef04806b096a3964a7feeebc0a78831ff55685b62b0 frozenlist==1.4.0 \ --hash=sha256:008eb8b31b3ea6896da16c38c1b136cb9fec9e249e77f6211d479db79a4eaf01 \ --hash=sha256:09163bdf0b2907454042edb19f887c6d33806adc71fbd54afc14908bfdc22251 \ diff --git a/xiaomusic/config.py b/xiaomusic/config.py index 95f37f5..8ae0359 100644 --- a/xiaomusic/config.py +++ b/xiaomusic/config.py @@ -98,6 +98,11 @@ class Config: active_cmd: str = os.getenv("XIAOMUSIC_ACTIVE_CMD", "play,random_play") exclude_dirs: str = os.getenv("XIAOMUSIC_EXCLUDE_DIRS", "@eaDir") music_path_depth: int = int(os.getenv("XIAOMUSIC_MUSIC_PATH_DEPTH", "10")) + disable_httpauth: bool = ( + os.getenv("XIAOMUSIC_DISABLE_HTTPAUTH", "true").lower() == "true" + ) + httpauth_username: str = os.getenv("XIAOMUSIC_HTTPAUTH_USERNAME", "admin") + httpauth_password: str = os.getenv("XIAOMUSIC_HTTPAUTH_PASSWORD", "admin") def __post_init__(self) -> None: if self.proxy: diff --git a/xiaomusic/httpserver.py b/xiaomusic/httpserver.py index 033e276..5150659 100644 --- a/xiaomusic/httpserver.py +++ b/xiaomusic/httpserver.py @@ -3,6 +3,7 @@ import os from threading import Thread from flask import Flask, request, send_from_directory +from flask_httpauth import HTTPBasicAuth from waitress import serve from xiaomusic import ( @@ -12,12 +13,9 @@ from xiaomusic.config import ( KEY_WORD_DICT, ) -# 隐藏 flask 启动告警 -# https://gist.github.com/jerblack/735b9953ba1ab6234abb43174210d356 -# from flask import cli -# cli.show_server_banner = lambda *_: None - app = Flask(__name__) +auth = HTTPBasicAuth() + host = "0.0.0.0" port = 8090 static_path = "music" @@ -25,7 +23,20 @@ xiaomusic = None log = None +@auth.verify_password +def verify_password(username, password): + if xiaomusic.config.disable_httpauth: + return True + + if ( + xiaomusic.config.httpauth_username == username + and xiaomusic.config.httpauth_password == password + ): + return username + + @app.route("/allcmds") +@auth.login_required def allcmds(): return KEY_WORD_DICT @@ -39,6 +50,7 @@ def getversion(): @app.route("/getvolume", methods=["GET"]) +@auth.login_required def getvolume(): volume = xiaomusic.get_volume_ret() return { @@ -47,22 +59,25 @@ def getvolume(): @app.route("/searchmusic", methods=["GET"]) +@auth.login_required def searchmusic(): name = request.args.get("name") return xiaomusic.searchmusic(name) @app.route("/playingmusic", methods=["GET"]) +@auth.login_required def playingmusic(): return xiaomusic.playingmusic() @app.route("/", methods=["GET"]) -def redirect_to_index(): +def index(): return send_from_directory("static", "index.html") @app.route("/cmd", methods=["POST"]) +@auth.login_required async def do_cmd(): data = request.get_json() cmd = data.get("cmd") @@ -74,6 +89,7 @@ async def do_cmd(): @app.route("/getsetting", methods=["GET"]) +@auth.login_required async def getsetting(): config = xiaomusic.getconfig() log.debug(config) @@ -92,6 +108,7 @@ async def getsetting(): @app.route("/savesetting", methods=["POST"]) +@auth.login_required async def savesetting(): data = request.get_json() log.info(data) @@ -100,16 +117,19 @@ async def savesetting(): @app.route("/musiclist", methods=["GET"]) +@auth.login_required async def musiclist(): return xiaomusic.get_music_list() @app.route("/curplaylist", methods=["GET"]) +@auth.login_required async def curplaylist(): return xiaomusic.get_cur_play_list() @app.route("/delmusic", methods=["POST"]) +@auth.login_required def delmusic(): data = request.get_json() log.info(data)