From ef584c62d79784c5bfc442b63937afab587fdeb1 Mon Sep 17 00:00:00 2001
From: Zack Piispanen
Date: Tue, 17 Sep 2013 18:44:58 -0400
Subject: [PATCH] Added Application tokens that can never be deleted, and are loaded either by the command line arg, or the list in the config file. Other plugins can easily add their own tokens into the dictionary as well, however, I believe the config file approach works best for transparency to the user. Currently, this is an extremely complex looking field in the config file now. I don't think we should add a placeholder tho as servers wouldn't realize they had a rest token there. Perhaps when we do a dump of the config file, someone can add the format for this field. Closes #520
---
 TShockAPI/ConfigFile.cs | 5 +++++
 TShockAPI/Rest/SecureRest.cs | 11 +++++++++--
 2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/TShockAPI/ConfigFile.cs b/TShockAPI/ConfigFile.cs
index 64c9fabb..46c99fab 100644
--- a/TShockAPI/ConfigFile.cs
+++ b/TShockAPI/ConfigFile.cs
@@ -17,11 +17,13 @@ along with this program. If not, see .
 */
 using System;
+using System.Collections.Generic;
 using System.ComponentModel;
 using System.IO;
 using System.Linq;
 using System.Text;
 using Newtonsoft.Json;
+using Rests;
 namespace TShockAPI
 {
@@ -258,6 +260,9 @@ namespace TShockAPI
 "Whether the REST API should use the new permission model. Note: The old permission model will become depracted in the future." )]
 public bool RestUseNewPermissionModel = true;
+ [Description("A dictionary of REST tokens that external applications may use to make queries to your server.")]
+ public Dictionary ApplicationRestTokens = new Dictionary();
+
 ///
 /// Reads a configuration file from a given path
 ///
diff --git a/TShockAPI/Rest/SecureRest.cs b/TShockAPI/Rest/SecureRest.cs
index d53915aa..3443d56c 100644
--- a/TShockAPI/Rest/SecureRest.cs
+++ b/TShockAPI/Rest/SecureRest.cs
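Review bot: The `[Description]` added for `ApplicationRestTokens` in TShockAPI/ConfigFile.cs does not tell an administrator that each dictionary key is itself the bearer credential, so a short or guessable key becomes a standing REST credential that, per the commit message, can never be deleted. I would extend the text, for example `[Description("REST tokens for external applications, keyed by the token string. Tokens are stored in plain text and stay valid until removed here; use long random values and restrict read access to this file.")]`. The commit message mentions a future dump of the config file; whatever prints or exports the configuration should redact this field rather than emit the live tokens. The enclosing class starts and ends outside the hunk.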
@@ -37,11 +37,13 @@ namespace Rests
 }
 public Dictionary Tokens { get; protected set; }
+ public Dictionary AppTokens { get; protected set; }
 public SecureRest(IPAddress ip, int port) : base(ip, port)
 {
 Tokens = new Dictionary();
+ AppTokens = new Dictionary();
 Register(new RestCommand("/token/create/{username}/{password}", NewToken) { DoLog = false });
 Register(new RestCommand("/v2/token/create/{password}", NewTokenV2) { DoLog = false });
@@ -50,9 +52,14 @@ namespace Rests
 foreach (KeyValuePair t in TShockAPI.TShock.RESTStartupTokens)
 {
- Tokens.Add(t.Key, t.Value);
+ AppTokens.Add(t.Key, t.Value);
 }
+ foreach (KeyValuePair t in TShock.Config.ApplicationRestTokens)
+ {
+ AppTokens.Add(t.Key, t.Value);
+ }
+
 // TODO: Get rid of this when the old REST permission model is removed.
 if (TShock.Config.RestApiEnabled && !TShock.Config.RestUseNewPermissionModel)
 {
@@ -163,7 +170,7 @@ namespace Rests
 SecureRestCommand secureCmd = (SecureRestCommand)cmd;
 TokenData tokenData;
- if (!Tokens.TryGetValue(token, out tokenData))
+ if (!Tokens.TryGetValue(token, out tokenData) && !AppTokens.TryGetValue(token, out tokenData))
 return new RestObject("403") { Error = "Not authorized. The specified API endpoint requires a token, but the provided token was not valid." };
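Review bot: Both loops in the SecureRest constructor call `AppTokens.Add(t.Key, t.Value)`, and `Dictionary.Add` throws `ArgumentException` on a duplicate key, so a token given on the command line and also listed in `ApplicationRestTokens` would make the constructor throw. Assigning through the indexer, `AppTokens[t.Key] = t.Value;`, avoids that. The config loop should also be wrapped in `if (TShock.Config.ApplicationRestTokens != null)`, since a config file that sets the field to null would presumably leave it null, and should skip blank keys with `if (string.IsNullOrWhiteSpace(t.Key)) continue;` so an empty entry cannot become an accepted credential (whether an empty token can reach the lookup depends on code outside this diff). The constructor body starts and ends outside the hunk.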
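Review bot: A token found in `AppTokens` is now accepted by this condition exactly like a session token, while the commit message says such tokens can never be deleted. The token-destroy handler is outside this diff, so it should be confirmed that it returns an error for an application token instead of reporting success for a credential this check will keep accepting. A short comment above the condition would also help the next reader, for example `// Session tokens first; AppTokens are static credentials loaded at startup and are not revocable at runtime.` The enclosing method starts and ends outside the hunk.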