Try to use the CLI password for logins (if enabled and readable by the current user)

Signed-off-by: DL6ER <dl6er@dl6er.de>
2024-06-19 22:18:11 +02:00 · 2024-06-19 22:18:11 +02:00 · 520641fa5e
parent ca9eaf9688
commit 520641fa5e
2 changed files with 13 additions and 15 deletions
--- a/advanced/Scripts/api.sh
+++ b/advanced/Scripts/api.sh
@ -75,9 +75,15 @@ TestAPIAvailability() {
 }

 Authentication() {
-    # Try to authenticate
-    LoginAPI
+    # Try to read the CLI password (if enabled and readable by the current user)
+    if [ -r /etc/pihole/cli_pw ]; then
+        password=$(cat /etc/pihole/cli_pw)

+        # Try to authenticate using the CLI password
+        LoginAPI
+    fi
+
+    # If this did not work, ask the user for the password
    while [ "${validSession}" = false ] || [ -z "${validSession}" ] ; do
        echo "Authentication failed. Please enter your Pi-hole password"

@ -105,7 +111,7 @@ LoginAPI() {
  SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
 }

-DeleteSession() {
+LogoutAPI() {
    # if a valid Session exists (no password required or successful Authentication) and
    # SID is not null (successful Authentication only), delete the session
    if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then
--- a/advanced/Scripts/query.sh
+++ b/advanced/Scripts/query.sh
@ -128,22 +128,14 @@ Main() {
    # Test if the authentication endpoint is available
    TestAPIAvailability

-    # Users can configure FTL in a way, that for accessing a) all endpoints (webserver.api.localAPIauth)
-    # or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required.
-    # Therefore, we try to query directly without authentication but do authenticat if 401 is returned
+    # Authenticate with FTL
+    Authentication

+    # send query again
    data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")

-    if [ "${data}" = 401 ]; then
-        # Unauthenticated, so authenticate with the FTL server required
-        Authentication
-
-        # send query again
-        data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
-    fi
-
    GenerateOutput "${data}"
-    DeleteSession
+    LogoutAPI
 }

 # Process all options (if present)