relay: allow password hash authentication in api relay, add option re…

…lay.network.time_window (issue #2066)

ChangeLog.adoc

@@ -19,7 +19,7 @@ New features::
   * core: use function util_strftimeval in evaluation of expression `date:xxx`
   * api: add support of specifier `%!` for timestamp in function util_strftimeval
   * api: add support of base64url in encode/decode functions
-  * relay: add "api" protocol (HTTP REST API), add option relay.look.display_clients, change option type relay.look.auto_open_buffer to string, rename option relay.weechat.commands to relay.network.commands (issue #2066)
+  * relay: add "api" protocol (HTTP REST API), add option relay.look.display_clients, change option type relay.look.auto_open_buffer to string, rename option relay.weechat.commands to relay.network.commands, add option relay.network.time_window (issue #2066)
   * relay: add support of websocket extension "permessage-deflate" (issue #1549)
 
 Bug fixes::

src/plugins/relay/api/relay-api-protocol.c

@@ -38,60 +38,6 @@
 #include "relay-api-protocol.h"
 
 
-/*
- * Checks authentication from client.
- *
- * Returns:
- *   1: OK, client authenticated
- *   0: client NOT authenticated
- */
-
-int
-relay_api_protocol_check_auth (struct t_relay_client *client,
-                               struct t_relay_http_request *request)
-{
-    if (client->status == RELAY_STATUS_CONNECTED)
-        return 1;
-
-    switch (relay_http_check_auth (request))
-    {
-        case 0: /* OK */
-            return 1;
-        case -1: /* missing password */
-            relay_api_msg_send_error_json (client,
-                                           RELAY_HTTP_401_UNAUTHORIZED,
-                                           "WWW-Authenticate: Basic realm=Password",
-                                           RELAY_HTTP_ERROR_MISSING_PASSWORD);
-            break;
-        case -2: /* invalid password */
-            relay_api_msg_send_error_json (client,
-                                           RELAY_HTTP_401_UNAUTHORIZED,
-                                           NULL,
-                                           RELAY_HTTP_ERROR_INVALID_PASSWORD);
-            break;
-        case -3: /* missing TOTP */
-            relay_api_msg_send_error_json (client,
-                                           RELAY_HTTP_401_UNAUTHORIZED,
-                                           NULL,
-                                           RELAY_HTTP_ERROR_MISSING_TOTP);
-            break;
-        case -4: /* invalid TOTP */
-            relay_api_msg_send_error_json (client,
-                                           RELAY_HTTP_401_UNAUTHORIZED,
-                                           NULL,
-                                           RELAY_HTTP_ERROR_INVALID_TOTP);
-            break;
-        case -5: /* out of memory */
-            relay_api_msg_send_error_json (client,
-                                           RELAY_HTTP_503_SERVICE_UNAVAILABLE,
-                                           NULL,
-                                           RELAY_HTTP_ERROR_OUT_OF_MEMORY);
-            break;
-    }
-
-    return 0;
-}
-
 /*
  * Returns value of an URL parameter as boolean (0 or 1), using a default value
  * if the parameter is not set or if it's not a valid boolean.
@@ -677,7 +623,8 @@ relay_api_protocol_recv_http (struct t_relay_client *client,
     if (!request || RELAY_CLIENT_HAS_ENDED(client))
         return;
 
-    if (!relay_api_protocol_check_auth (client, request))
+    if ((client->status != RELAY_STATUS_CONNECTED)
+        && !relay_http_check_auth (client, request))
     {
         relay_client_set_status (client, RELAY_STATUS_AUTH_FAILED);
         return;

src/plugins/relay/api/relay-api.c

@@ -134,7 +134,7 @@ relay_api_unhook_signals (struct t_relay_client *client)
 
 void
 relay_api_recv_http (struct t_relay_client *client,
-                struct t_relay_http_request *request)
+                     struct t_relay_http_request *request)
 {
     relay_api_protocol_recv_http (client, request);
 }