1
0
mirror of https://github.com/esphome/esphome.git synced 2025-03-15 15:18:16 +00:00

Update cookie check logic

This commit is contained in:
Otto Winter 2018-11-23 21:14:42 +01:00
parent 73e95bc80f
commit 8433856fc9
No known key found for this signature in database
GPG Key ID: DB66C0BE6013F97E

View File

@ -44,12 +44,10 @@ HASSIO_MQTT_CONFIG = {}
# pylint: disable=abstract-method # pylint: disable=abstract-method
class BaseHandler(tornado.web.RequestHandler): class BaseHandler(tornado.web.RequestHandler):
def is_authenticated(self): def is_authenticated(self):
has_cookie = self.get_secure_cookie('authenticated') == 'yes' if not USING_HASSIO_AUTH and not USING_PASSWORD:
return True
if USING_HASSIO_AUTH: return self.get_secure_cookie('authenticated') == 'yes'
return has_cookie
return not USING_PASSWORD or has_cookie
# pylint: disable=abstract-method, arguments-differ # pylint: disable=abstract-method, arguments-differ
@ -60,11 +58,9 @@ class EsphomeyamlCommandWebSocket(tornado.websocket.WebSocketHandler):
self.closed = False self.closed = False
def on_message(self, message): def on_message(self, message):
has_cookie = self.get_secure_cookie('authenticated') == 'yes' if USING_HASSIO_AUTH or USING_PASSWORD:
if USING_PASSWORD and not has_cookie: if not self.get_secure_cookie('authenticated') == 'yes':
return return
if ON_HASSIO and (USING_HASSIO_AUTH and not has_cookie):
return
if self.proc is not None: if self.proc is not None:
return return
command = self.build_command(message) command = self.build_command(message)
@ -493,11 +489,15 @@ def start_web_server(args):
if not os.path.exists(CONFIG_DIR): if not os.path.exists(CONFIG_DIR):
os.makedirs(CONFIG_DIR) os.makedirs(CONFIG_DIR)
if args.hassio: ON_HASSIO = args.hassio
ON_HASSIO = True if ON_HASSIO:
USING_HASSIO_AUTH = not bool(os.getenv('DISABLE_HA_AUTHENTICATION')) USING_HASSIO_AUTH = not bool(os.getenv('DISABLE_HA_AUTHENTICATION'))
elif args.password: USING_PASSWORD = False
USING_PASSWORD = True else:
USING_HASSIO_AUTH = False
USING_PASSWORD = args.password
if USING_PASSWORD:
PASSWORD_DIGEST = hmac.new(args.password).digest() PASSWORD_DIGEST = hmac.new(args.password).digest()
if USING_HASSIO_AUTH or USING_PASSWORD: if USING_HASSIO_AUTH or USING_PASSWORD: