summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2010-12-05 11:38:12 +0100
committerYorhel <git@yorhel.nl>2010-12-05 11:38:12 +0100
commit0f49a06b76e88f07f79b3623d6bd177892b91d72 (patch)
tree6ebbfab73f5917ddef8f0dd38c46539e2603bb22
parent5f84950274d625b01ee1211f2f8a99ddbb5e7cbc (diff)
API: Allow the API to be used without logging in with a username/password
It only served to scare potential developers away.
-rw-r--r--ChangeLog1
-rw-r--r--data/docs/1110
-rw-r--r--lib/Multi/API.pm23
-rw-r--r--lib/Multi/IRC.pm2
4 files changed, 25 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index d6d2778f..368c9225 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,7 @@
- API: Added "orig_lang" member and filter to the "get vn .." command
- API: Throttle the commands and sqltime per IP instead of per user
- API: Removed the limit on the number of open sessions per user
+ - API: Allow the API to be used without logging in with a username/password
2.14 - 2010-11-28
- Improved filter selection interface for the release and VN browser
diff --git a/data/docs/11 b/data/docs/11
index 8fca395c..f196a8f2 100644
--- a/data/docs/11
+++ b/data/docs/11
@@ -212,7 +212,7 @@ however still required.<br />
</pre>
<p>
Every client is required to login before issuing other commands. The login
- command accepts a JSON object as argument. This object must have the following members:
+ command accepts a JSON object as argument. This object has the following members:
</p>
<dl>
<dt>protocol</dt><dd>An integer that indicates which protocol version the client implements. Must be 1.</dd>
@@ -222,11 +222,14 @@ however still required.<br />
When writing a client, think of a funny (unique) name and hardcode it into
your application.
</dd><dt>clientver</dt><dd>A number or string indicating the software version of the client.</dd>
- <dt>username</dt><dd>String containing the username of the person using the client.</dd>
- <dt>password</dt><dd>String, password of that user in plain text.</dd>
+ <dt>username</dt><dd>(optional) String containing the username of the person using the client.</dd>
+ <dt>password</dt><dd>(optional) String, password of that user in plain text.</dd>
</dl>
<p>
The server replies with either 'ok' (no arguments), or 'error' (see below).
+ Note that logging in using a username or password is optional. While currently
+ there is no difference between anonymous and user logins, future features may
+ only be available when logged in with a username.
</p>
@@ -937,6 +940,7 @@ however still required.<br />
<li>Added "orig_lang" member and filter to the "get vn .." command</li>
<li>Throttle the commands and sqltime per IP instead of per user</li>
<li>Removed the limit on the number of open sessions per user</li>
+ <li>Allow the API to be used without logging in with a username/password</li>
</ul>
<b>2.12</b>
<ul>
diff --git a/lib/Multi/API.pm b/lib/Multi/API.pm
index 6b3bd19c..1f16f29f 100644
--- a/lib/Multi/API.pm
+++ b/lib/Multi/API.pm
@@ -377,18 +377,27 @@ sub login {
$arg = $arg->[0];
return cerr $c, loggedin => 'Already logged in, please reconnect to start a new session' if $c->{client};
for (qw|protocol client clientver username password|) {
- !exists $arg->{$_} && return cerr $c, missing => "Required field '$_' is missing", field => $_;
- !defined $arg->{$_} && return cerr $c, badarg => "Field '$_' cannot be null", field => $_;
+ $_ ne "username" && $_ ne "password" && !exists $arg->{$_} && return cerr $c, missing => "Required field '$_' is missing", field => $_;
+ exists $arg->{$_} && !defined $arg->{$_} && return cerr $c, badarg => "Field '$_' cannot be null", field => $_;
# note that 'true' and 'false' are also refs
- ref $arg->{$_} && return cerr $c, badarg => "Field '$_' must be a scalar", field => $_;
+ exists $arg->{$_} && ref $arg->{$_} && return cerr $c, badarg => "Field '$_' must be a scalar", field => $_;
}
return cerr $c, badarg => 'Unknown protocol version', field => 'protocol' if $arg->{protocol} ne '1';
+ return cerr $c, badarg => 'The fields "username" and "password" must either both be present or both be missing.', field => 'username'
+ if $arg->{username} && !$arg->{password} || $arg->{password} && !$arg->{username};
return cerr $c, badarg => 'Invalid client name', field => 'client' if $arg->{client} !~ /^[a-zA-Z0-9 _-]{3,50}$/;
return cerr $c, badarg => 'Invalid client version', field => 'clientver' if $arg->{clientver} !~ /^[a-zA-Z0-9_.\/-]{1,25}$/;
- # fetch user info
- $_[KERNEL]->post(pg => query => "SELECT rank, salt, encode(passwd, 'hex') as passwd FROM users WHERE username = ?",
- [ $arg->{username} ], 'login_res', [ $c, $arg ]);
+ if($arg->{username}) {
+ # fetch user info
+ $_[KERNEL]->post(pg => query => "SELECT rank, salt, encode(passwd, 'hex') as passwd FROM users WHERE username = ?",
+ [ $arg->{username} ], 'login_res', [ $c, $arg ]);
+ } else {
+ $c->{client} = $arg->{client};
+ $c->{clientver} = $arg->{clientver};
+ $c->{wheel}->put(['ok']);
+ $_[KERNEL]->yield(log => $c, 'Login using client "%s" ver. %s', $arg->{client}, $arg->{clientver});
+ }
}
@@ -834,7 +843,7 @@ sub admin {
id => $_,
(map +($_, $c->{$_}), qw|username ip client clientver connected cmds cmd_err|)
};
- if($c->{username}) {
+ if($c->{client}) {
$r->{t_cmd} = ($c->{throttle}[0]-time())/$_[HEAP]{throttle_cmd}[0];
$r->{t_sql} = ($c->{throttle}[1]-time())/$_[HEAP]{throttle_sql}[0];
$r->{t_cmd} = 0 if $r->{t_cmd} < 0;
diff --git a/lib/Multi/IRC.pm b/lib/Multi/IRC.pm
index bce8f934..75b4f7c4 100644
--- a/lib/Multi/IRC.pm
+++ b/lib/Multi/IRC.pm
@@ -498,7 +498,7 @@ sub cmd_api {
my $lst = $_[KERNEL]->call(api => admin => 'list');
return $_[KERNEL]->yield(reply => $_[DEST], 'Nobody connected.') if !@$lst;
$_[KERNEL]->yield(reply => $_[DEST], sprintf '%3d %15s %s%s', $_->{id}, $_->{ip}, age(time-$_->{connected}),
- !$_->{username} ? '' : sprintf ' - %s (%s %s) C/E: %d/%d T: %.2f/%.2f', $_->{username},
+ !$_->{client} ? '' : sprintf ' - %s (%s %s) C/E: %d/%d T: %.2f/%.2f', ($_->{username}||'-'),
$_->{client}, $_->{clientver}, $_->{cmds}, $_->{cmd_err}, $_->{t_cmd}, $_->{t_sql})
for (sort { $a->{ip} cmp $b->{ip} } @$lst);
}