Webserver: simplify access to apikey/password

diff --git a/pdns/webserver.cc b/pdns/webserver.cc
index a168559e178505720390c4f6c9957c6f8bc8ce17..5c221d1e7c0b30c847bc8cb097acdf035e5428fa 100644 (file)
--- a/pdns/webserver.cc
+++ b/pdns/webserver.cc
@@ -125,16 +125,17 @@ static bool optionsHandler(HttpRequest* req, HttpResponse* resp) {
   return false;
 }
 
-static void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp, const string &apikey) {
+void WebServer::apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) {
   if (optionsHandler(req, resp)) return;
 
   resp->headers["access-control-allow-origin"] = "*";
 
-  if (apikey.empty()) {
+  if (d_apikey.empty()) {
     g_log<<Logger::Error<<req->logprefix<<"HTTP API Request \"" << req->url.path << "\": Authentication failed, API Key missing in config" << endl;
     throw HttpUnauthorizedException("X-API-Key");
   }
-  bool auth_ok = req->compareHeader("x-api-key", apikey) || req->getvars["api-key"] == apikey;
+
+  bool auth_ok = req->compareHeader("x-api-key", d_apikey) || req->getvars["api-key"] == d_apikey;
   
   if (!auth_ok) {
     g_log<<Logger::Error<<req->logprefix<<"HTTP Request \"" << req->url.path << "\": Authentication by API Key failed" << endl;
@@ -170,14 +171,13 @@ static void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, Htt
 }
 
 void WebServer::registerApiHandler(const string& url, HandlerFunction handler) {
-  HandlerFunction f = boost::bind(&apiWrapper, handler, _1, _2, d_apikey);
+  HandlerFunction f = boost::bind(&WebServer::apiWrapper, this, handler, _1, _2);
   registerBareHandler(url, f);
-  d_registerApiHandlerCalled = true;
 }
 
-static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp, const string &password) {
-  if (!password.empty()) {
-    bool auth_ok = req->compareAuthorization(password);
+void WebServer::webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp) {
+  if (!d_webserverPassword.empty()) {
+    bool auth_ok = req->compareAuthorization(d_webserverPassword);
     if (!auth_ok) {
       g_log<<Logger::Debug<<req->logprefix<<"HTTP Request \"" << req->url.path << "\": Web Authentication failed" << endl;
       throw HttpUnauthorizedException("Basic");
@@ -188,7 +188,7 @@ static void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, Htt
 }
 
 void WebServer::registerWebHandler(const string& url, HandlerFunction handler) {
-  HandlerFunction f = boost::bind(&webWrapper, handler, _1, _2, d_webserverPassword);
+  HandlerFunction f = boost::bind(&WebServer::webWrapper, this, handler, _1, _2);
   registerBareHandler(url, f);
 }
 

diff --git a/pdns/webserver.hh b/pdns/webserver.hh
index 500f157044fb358e0607b5b067ae3c6343a8d214..e7d94b948941c4f2458669ed40e5e24d919c67cc 100644 (file)
--- a/pdns/webserver.hh
+++ b/pdns/webserver.hh
@@ -158,16 +158,10 @@ public:
   virtual ~WebServer() { };
 
   void setApiKey(const string &apikey) {
-    if (d_registerApiHandlerCalled) {
-      throw PDNSException("registerApiHandler has been called, can not change apikey");
-    }
     d_apikey = apikey;
   }
 
   void setPassword(const string &password) {
-    if (d_registerWebHandlerCalled) {
-      throw PDNSException("registerWebHandler has been called, can not change password");
-    }
     d_webserverPassword = password;
   }
 
@@ -233,10 +227,9 @@ protected:
   std::shared_ptr<Server> d_server;
 
   std::string d_apikey;
-  bool d_registerApiHandlerCalled{false};
-
+  void apiWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp);
   std::string d_webserverPassword;
-  bool d_registerWebHandlerCalled{false};
+  void webWrapper(WebServer::HandlerFunction handler, HttpRequest* req, HttpResponse* resp);
 
   NetmaskGroup d_acl;