Try to use the CLI password for logins (if enabled and readable by the current user)

Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2024-06-19 22:18:11 +02:00
parent ca9eaf9688
commit 520641fa5e
No known key found for this signature in database
GPG key ID: 00135ACBD90B28DD
2 changed files with 13 additions and 15 deletions

View file

@ -75,9 +75,15 @@ TestAPIAvailability() {
}
Authentication() {
# Try to authenticate
LoginAPI
# Try to read the CLI password (if enabled and readable by the current user)
if [ -r /etc/pihole/cli_pw ]; then
password=$(cat /etc/pihole/cli_pw)
# Try to authenticate using the CLI password
LoginAPI
fi
# If this did not work, ask the user for the password
while [ "${validSession}" = false ] || [ -z "${validSession}" ] ; do
echo "Authentication failed. Please enter your Pi-hole password"
@ -105,7 +111,7 @@ LoginAPI() {
SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
}
DeleteSession() {
LogoutAPI() {
# if a valid Session exists (no password required or successful Authentication) and
# SID is not null (successful Authentication only), delete the session
if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then

View file

@ -128,22 +128,14 @@ Main() {
# Test if the authentication endpoint is available
TestAPIAvailability
# Users can configure FTL in a way, that for accessing a) all endpoints (webserver.api.localAPIauth)
# or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required.
# Therefore, we try to query directly without authentication but do authenticat if 401 is returned
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
if [ "${data}" = 401 ]; then
# Unauthenticated, so authenticate with the FTL server required
# Authenticate with FTL
Authentication
# send query again
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
fi
GenerateOutput "${data}"
DeleteSession
LogoutAPI
}
# Process all options (if present)