search

BitBotFactory / MikaLendingBot

Automated lending on Cryptocurrency exchanges Poloniex and Bitfinex
http://poloniexlendingbot.readthedocs.io/en/latest/index.html
MIT License
1.11k stars 345 forks source link

Add Basic Auth support #348

Open vs4vijay opened 7 years ago

vs4vijay commented 7 years ago

It would be better to add basic auth support in the project. I checked the code and noticed that we are using SimpleHTTPServer. Can we use Flask?

In config file, we could define as follows:

startWebServer = true
basicAuth = **true**
basicAuthUsername = **username**
basicAuthPassword = **base64 password** or **plain password**
vs4vijay commented 7 years ago

I even found the code, will anybody help me to pick this task.

PS: I have worked on Ruby and JavaScript before, Just have basic knowledge on Python.

Code for Auth Handler

import SimpleHTTPServer
import SocketServer
from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer

class AuthHandler(BaseHTTPRequestHandler):
    ''' Main class to present webpages and authentication. '''
    def do_HEAD(self):
        self.send_response(200)
        self.send_header('Content-type', 'text/html')
        self.end_headers()

    def do_AUTHHEAD(self):
        self.send_response(401)
        self.send_header('WWW-Authenticate', 'Basic realm=\"PLB\"')
        self.send_header('Content-type', 'text/html')
        self.end_headers()

    def do_GET(self):
        ''' Present frontpage with user authentication. '''
        if self.headers.getheader('Authorization') == None:
            self.do_AUTHHEAD()
            self.wfile.write('no auth header received')
            pass
        elif self.headers.getheader('Authorization') == 'Basic vs4vijay':
            self.do_HEAD()
            self.wfile.write(self.headers.getheader('Authorization'))
            self.wfile.write('authenticated!')
            pass
        else:
            self.do_AUTHHEAD()
            self.wfile.write(self.headers.getheader('Authorization'))
            self.wfile.write('not authenticated')
            pass
rnevet commented 7 years ago

@vs4vijay You are welcome to make a Pull Request with changes, it will be reviewed.

Look into https://github.com/BitBotFactory/poloniexlendingbot/blob/master/modules/WebServer.py#L39 There is already a custom HTTP handler which you can extend to handle Basic Auth.

If you don't have a Pyton env I recommend PyCharm. Don't forget the Docs. :)

laxdog commented 7 years ago

Yea go for it @vs4vijay .

I've done a bit of Flask stuff before, so give me a shout on Slack or Gitter if you want a hand.

utdrmac commented 7 years ago

I'm sorta for this, but let's not bloat the bot down with extra libraries/dependencies. The idea here is to be a lean piece of software.

kingo55 commented 7 years ago

Yeah - you could just run Nginx in front of it (and you'll have everything you need for SSL etc without more code in this lib).

Personally, I access mine over VPN.

laxdog commented 7 years ago

It can be done in pure python without extra libraries. BaseHTTPServer is part of the standard library.

Loading it will take an extra 2028 bytes (I just checked), so it's really not an issue.

Agreed, you could run behind apache / nginx, but not everyone can do that for themselves.

rnevet commented 7 years ago

How about refactoring the entire WebServer feature into a Plugin? :)