Pi-hole/pi-hole
Pi-hole/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2024-11-25 07:33:43 +00:00
Code Issues Projects Releases Packages Wiki Activity

Try to use the CLI password for logins (if enabled and readable by the current user)

Browse source 
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2024-06-19 22:18:11 +02:00
parent ca9eaf9688
commit 520641fa5e
No known key found for this signature in database
GPG key ID: 00135ACBD90B28DD
2 changed files with 13 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
advanced/Scripts/api.sh
View file

@ -75,9 +75,15 @@ TestAPIAvailability() {
} }
Authentication() { Authentication() {
# Try to authenticate # Try to read the CLI password (if enabled and readable by the current user)
LoginAPI if [ -r /etc/pihole/cli_pw ]; then
password=$(cat /etc/pihole/cli_pw)
# Try to authenticate using the CLI password
LoginAPI
fi
# If this did not work, ask the user for the password
while [ "${validSession}" = false ] || [ -z "${validSession}" ] ; do while [ "${validSession}" = false ] || [ -z "${validSession}" ] ; do
echo "Authentication failed. Please enter your Pi-hole password" echo "Authentication failed. Please enter your Pi-hole password"
@ -105,7 +111,7 @@ LoginAPI() {
SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null) SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
} }
DeleteSession() { LogoutAPI() {
# if a valid Session exists (no password required or successful Authentication) and # if a valid Session exists (no password required or successful Authentication) and
# SID is not null (successful Authentication only), delete the session # SID is not null (successful Authentication only), delete the session
if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then

16
advanced/Scripts/query.sh
View file

@ -128,22 +128,14 @@ Main() {
# Test if the authentication endpoint is available # Test if the authentication endpoint is available
TestAPIAvailability TestAPIAvailability
# Users can configure FTL in a way, that for accessing a) all endpoints (webserver.api.localAPIauth) # Authenticate with FTL
# or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required. Authentication
# Therefore, we try to query directly without authentication but do authenticat if 401 is returned
# send query again
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}") data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
if [ "${data}" = 401 ]; then
# Unauthenticated, so authenticate with the FTL server required
Authentication
# send query again
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
fi
GenerateOutput "${data}" GenerateOutput "${data}"
DeleteSession LogoutAPI
} }
# Process all options (if present) # Process all options (if present)