diff options
author | Yorhel <git@yorhel.nl> | 2010-12-05 11:38:12 +0100 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2010-12-05 11:38:12 +0100 |
commit | 0f49a06b76e88f07f79b3623d6bd177892b91d72 (patch) | |
tree | 6ebbfab73f5917ddef8f0dd38c46539e2603bb22 | |
parent | 5f84950274d625b01ee1211f2f8a99ddbb5e7cbc (diff) |
API: Allow the API to be used without logging in with a username/password
It only served to scare potential developers away.
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | data/docs/11 | 10 | ||||
-rw-r--r-- | lib/Multi/API.pm | 23 | ||||
-rw-r--r-- | lib/Multi/IRC.pm | 2 |
4 files changed, 25 insertions, 11 deletions
@@ -7,6 +7,7 @@ - API: Added "orig_lang" member and filter to the "get vn .." command - API: Throttle the commands and sqltime per IP instead of per user - API: Removed the limit on the number of open sessions per user + - API: Allow the API to be used without logging in with a username/password 2.14 - 2010-11-28 - Improved filter selection interface for the release and VN browser diff --git a/data/docs/11 b/data/docs/11 index 8fca395c..f196a8f2 100644 --- a/data/docs/11 +++ b/data/docs/11 @@ -212,7 +212,7 @@ however still required.<br /> </pre> <p> Every client is required to login before issuing other commands. The login - command accepts a JSON object as argument. This object must have the following members: + command accepts a JSON object as argument. This object has the following members: </p> <dl> <dt>protocol</dt><dd>An integer that indicates which protocol version the client implements. Must be 1.</dd> @@ -222,11 +222,14 @@ however still required.<br /> When writing a client, think of a funny (unique) name and hardcode it into your application. </dd><dt>clientver</dt><dd>A number or string indicating the software version of the client.</dd> - <dt>username</dt><dd>String containing the username of the person using the client.</dd> - <dt>password</dt><dd>String, password of that user in plain text.</dd> + <dt>username</dt><dd>(optional) String containing the username of the person using the client.</dd> + <dt>password</dt><dd>(optional) String, password of that user in plain text.</dd> </dl> <p> The server replies with either 'ok' (no arguments), or 'error' (see below). + Note that logging in using a username or password is optional. While currently + there is no difference between anonymous and user logins, future features may + only be available when logged in with a username. </p> @@ -937,6 +940,7 @@ however still required.<br /> <li>Added "orig_lang" member and filter to the "get vn .." command</li> <li>Throttle the commands and sqltime per IP instead of per user</li> <li>Removed the limit on the number of open sessions per user</li> + <li>Allow the API to be used without logging in with a username/password</li> </ul> <b>2.12</b> <ul> diff --git a/lib/Multi/API.pm b/lib/Multi/API.pm index 6b3bd19c..1f16f29f 100644 --- a/lib/Multi/API.pm +++ b/lib/Multi/API.pm @@ -377,18 +377,27 @@ sub login { $arg = $arg->[0]; return cerr $c, loggedin => 'Already logged in, please reconnect to start a new session' if $c->{client}; for (qw|protocol client clientver username password|) { - !exists $arg->{$_} && return cerr $c, missing => "Required field '$_' is missing", field => $_; - !defined $arg->{$_} && return cerr $c, badarg => "Field '$_' cannot be null", field => $_; + $_ ne "username" && $_ ne "password" && !exists $arg->{$_} && return cerr $c, missing => "Required field '$_' is missing", field => $_; + exists $arg->{$_} && !defined $arg->{$_} && return cerr $c, badarg => "Field '$_' cannot be null", field => $_; # note that 'true' and 'false' are also refs - ref $arg->{$_} && return cerr $c, badarg => "Field '$_' must be a scalar", field => $_; + exists $arg->{$_} && ref $arg->{$_} && return cerr $c, badarg => "Field '$_' must be a scalar", field => $_; } return cerr $c, badarg => 'Unknown protocol version', field => 'protocol' if $arg->{protocol} ne '1'; + return cerr $c, badarg => 'The fields "username" and "password" must either both be present or both be missing.', field => 'username' + if $arg->{username} && !$arg->{password} || $arg->{password} && !$arg->{username}; return cerr $c, badarg => 'Invalid client name', field => 'client' if $arg->{client} !~ /^[a-zA-Z0-9 _-]{3,50}$/; return cerr $c, badarg => 'Invalid client version', field => 'clientver' if $arg->{clientver} !~ /^[a-zA-Z0-9_.\/-]{1,25}$/; - # fetch user info - $_[KERNEL]->post(pg => query => "SELECT rank, salt, encode(passwd, 'hex') as passwd FROM users WHERE username = ?", - [ $arg->{username} ], 'login_res', [ $c, $arg ]); + if($arg->{username}) { + # fetch user info + $_[KERNEL]->post(pg => query => "SELECT rank, salt, encode(passwd, 'hex') as passwd FROM users WHERE username = ?", + [ $arg->{username} ], 'login_res', [ $c, $arg ]); + } else { + $c->{client} = $arg->{client}; + $c->{clientver} = $arg->{clientver}; + $c->{wheel}->put(['ok']); + $_[KERNEL]->yield(log => $c, 'Login using client "%s" ver. %s', $arg->{client}, $arg->{clientver}); + } } @@ -834,7 +843,7 @@ sub admin { id => $_, (map +($_, $c->{$_}), qw|username ip client clientver connected cmds cmd_err|) }; - if($c->{username}) { + if($c->{client}) { $r->{t_cmd} = ($c->{throttle}[0]-time())/$_[HEAP]{throttle_cmd}[0]; $r->{t_sql} = ($c->{throttle}[1]-time())/$_[HEAP]{throttle_sql}[0]; $r->{t_cmd} = 0 if $r->{t_cmd} < 0; diff --git a/lib/Multi/IRC.pm b/lib/Multi/IRC.pm index bce8f934..75b4f7c4 100644 --- a/lib/Multi/IRC.pm +++ b/lib/Multi/IRC.pm @@ -498,7 +498,7 @@ sub cmd_api { my $lst = $_[KERNEL]->call(api => admin => 'list'); return $_[KERNEL]->yield(reply => $_[DEST], 'Nobody connected.') if !@$lst; $_[KERNEL]->yield(reply => $_[DEST], sprintf '%3d %15s %s%s', $_->{id}, $_->{ip}, age(time-$_->{connected}), - !$_->{username} ? '' : sprintf ' - %s (%s %s) C/E: %d/%d T: %.2f/%.2f', $_->{username}, + !$_->{client} ? '' : sprintf ' - %s (%s %s) C/E: %d/%d T: %.2f/%.2f', ($_->{username}||'-'), $_->{client}, $_->{clientver}, $_->{cmds}, $_->{cmd_err}, $_->{t_cmd}, $_->{t_sql}) for (sort { $a->{ip} cmp $b->{ip} } @$lst); } |