Query directly and authenticate only if required

Signed-off-by: Christian König <ckoenig@posteo.de>
This commit is contained in:
Christian König 2023-10-14 14:01:20 +02:00
parent e374950915
commit f7ba059b94
No known key found for this signature in database
2 changed files with 31 additions and 5 deletions

View file

@ -82,10 +82,25 @@ DeleteSession() {
}
GetFTLData() {
local data
local data response status
# get the data from querying the API as well as the http status code
data=$(curl -s -X GET "http://localhost:${PORT}/api$1" -H "Accept: application/json" -H "sid: ${SID}" )
response=$(curl -s -w "%{http_code}" -X GET "http://localhost:${PORT}/api$1" -H "Accept: application/json" -H "sid: ${SID}" )
# status are the last 3 characters
status=$(printf %s "${response#"${response%???}"}")
# data is everything from response without the last 3 characters
data=$(printf %s "${response%???}")
if [ "${status}" = 200 ]; then
# response OK
echo "${data}"
elif [ "${status}" = 000 ]; then
# connection lost
echo "000"
elif [ "${status}" = 401 ]; then
# unauthorized
echo "401"
fi
}
secretRead() {

View file

@ -118,10 +118,21 @@ Main(){
# Test if the authentication endpoint is available
TestAPIAvailability
# Authenticate with the FTL server
Authenthication
# Users can configure FTL in a way, that for accessing a) all endpoints (webserver.api.localAPIauth)
# or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required.
# Therefore, we try to query directly without authentication but do authenticat if 401 is returned
data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}")
if [ "${data}" = 401 ]; then
# Unauthenticated, so authenticate with the FTL server required
Authenthication
# send query again
data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}")
fi
GenerateOutput "${data}"
DeleteSession
}