Skip to content
Snippets Groups Projects
Select Git revision
  • Keunes-stable-patch-91132
  • Keunes-stable-patch-11152
  • stable
  • 1659-following-rss-feed-is-broken
  • renovate/configure
  • develop default protected
  • pipenv
  • master
  • generate-swagger
  • 1645
  • 1288-user-me-can-be-created-but-cannot-be-edited
  • 623-test
  • 1218-smartplaylist_backend
  • 653-enable-starting-embedded-player-at-a-specific-position-in-track
  • 1381-progress-bars
  • 1515-update-click
  • update-uvicorn
  • update-boto3
  • 1518-update-django-allauth
  • 1434-update-pyld
  • 1.2.0
  • 1.2.0-rc2
  • 1.2.0-rc1
  • 1.2.0-testing4
  • 1.2.0-testing3
  • 1.2.0-testing2
  • 1.2.0-testing
  • 1.1.4
  • 1.1.3
  • 1.1.2
  • 1.1.1
  • 1.1
  • 1.1-rc2
  • 1.1-rc1
  • 1.0.1
  • 1.0
  • 1.0-rc1
  • 0.21.2
  • 0.21.1
  • 0.21
40 results

authentication.py

Blame
    • Forked from funkwhale / funkwhale
    4948 commits behind, 10 commits ahead of the upstream repository.
    authentication.py 2.06 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69 
    

    

    

    import binascii
import hashlib

from rest_framework import authentication, exceptions

from funkwhale_api.users.models import User

from funkwhale_api.plugins import authentication as plugin_authentication


def get_token(salt, password):
    to_hash = password + salt
    h = hashlib.md5()
    h.update(to_hash.encode("utf-8"))
    return h.hexdigest()


def authenticate(username, password):
    try:
        if password.startswith("enc:"):
            password = password.replace("enc:", "", 1)
            password = binascii.unhexlify(password).decode("utf-8")
        user = User.objects.select_related("actor").get(
            username__iexact=username, is_active=True, subsonic_api_token=password
        )
    except (User.DoesNotExist, binascii.Error):
        raise exceptions.AuthenticationFailed("Wrong username or password.")

    return (user, None)


def authenticate_salt(username, salt, token):
    try:
        user = User.objects.select_related("actor").get(
            username=username, is_active=True, subsonic_api_token__isnull=False
        )
    except User.DoesNotExist:
        raise exceptions.AuthenticationFailed("Wrong username or password.")
    expected = get_token(salt, user.subsonic_api_token)
    if expected != token:
        raise exceptions.AuthenticationFailed("Wrong username or password.")

    return (user, None)


class SubsonicAuthentication(
    plugin_authentication.AttachPluginsConfMixin, authentication.BaseAuthentication
):
    def authenticate(self, request):
        auth = self.perform_authentication(request)
        self.update_plugins_conf(request, auth)
        return auth

    def perform_authentication(self, request):
        data = request.GET or request.POST
        username = data.get("u")
        if not username:
            return None

        p = data.get("p")
        s = data.get("s")
        t = data.get("t")
        if not p and (not s or not t):
            raise exceptions.AuthenticationFailed("Missing credentials")

        if p:
            return authenticate(username, p)
        return authenticate_salt(username, s, t)