Unix sockets never require authentication and it is possible for
Websocket connections to authenticate with the request itself.
In these cases the `identify` endpoint must still process an
access_token if provided, as it allows the front end to assign
the desired user to the connection.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Propagate user state changes to open websockets and unix sockets.
If a websocket's user is logged out require re-authentication.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Don't raise an exception if the authorization header contains an
invalid value, such as Basic auth. Ignore it and move on to the
next step in authentication.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Register all of the "access" endpoints with the websocket. Front
ends may now connect to the websocket without an oneshot token
and login. If the front end already has a JWT for the user it
can be passed to the "identify" endpoint to authenticate directly.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Include the reserved file check in the `can_access_path()` method. This
fixes a potential vulnerability in the notifier where it may be possible
to attach a reserved file to a notification.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Provides an API for front ends to archive a list of files and/or
folders into a single zipped file.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Move logger initialization out of the utils module into its own
module, loghelper.py. This manager class simplifies access to the
underlying logger implementation and the queue listener. Additionally
it allows for endpoint registration.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
On systems where Klipper is installed as a service allow a
manual log rollover. The rollover cannot be called while printing.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Several components throughout Moonraker determine whether or not
Klipper is printing or is ready before taking action. This centralizes
queries in one area. The checks do not query Klipper directly but
rather rely on subscriptions to push state to Moonraker.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This change allows the user to choose the strategy for publishing
klipper states to MQTT. The original strategy where all state
updates are published to a common topic is still the default, but
can be turned off using the "publish_combined_status" config option.
The newly added strategy is publishing individual state updates to
separate mqtt topics. It is disabled by default, and can be enabled
with the "publish_split_status" config option.
Signed-off-by: Matt White <m.w.white@gmail.com>
Wrap all callbacks in a coroutine that handles exceptions. This
should eliminate "task not retreived" errors.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
The "force" argument may be used turn on a device during a print
that is otherwise locked for normal requests.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
While the [update_manager client ...] naming convention is
deprecated it should not be disallowed. This fixes service restart
issues using the old naming convention.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>