From fe234598eae648edc2263996e230d421ebd87928 Mon Sep 17 00:00:00 2001
From: Yeastplume <yeastplume@protonmail.com>
Date: Wed, 11 Sep 2019 11:59:23 +0100
Subject: [PATCH 1/2] api::BasicAuthMiddleware: Add option to ignore
 authentication for a particular URI

---
 api/src/auth.rs     | 9 ++++++++-
 api/src/handlers.rs | 2 +-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/api/src/auth.rs b/api/src/auth.rs
index 073c9374ca..2dd913ede6 100644
--- a/api/src/auth.rs
+++ b/api/src/auth.rs
@@ -28,13 +28,15 @@ lazy_static! {
 pub struct BasicAuthMiddleware {
 	api_basic_auth: String,
 	basic_realm: &'static HeaderValue,
+	ignore_uri: Option<String>,
 }
 
 impl BasicAuthMiddleware {
-	pub fn new(api_basic_auth: String, basic_realm: &'static HeaderValue) -> BasicAuthMiddleware {
+	pub fn new(api_basic_auth: String, basic_realm: &'static HeaderValue, ignore_uri: Option<String>) -> BasicAuthMiddleware {
 		BasicAuthMiddleware {
 			api_basic_auth,
 			basic_realm,
+			ignore_uri,
 		}
 	}
 }
@@ -52,6 +54,11 @@ impl Handler for BasicAuthMiddleware {
 		if req.method().as_str() == "OPTIONS" {
 			return next_handler.call(req, handlers);
 		}
+		if let Some(u) = self.ignore_uri.as_ref() {
+			if req.uri().path() == u {
+				return next_handler.call(req, handlers);
+			}
+		}
 		if req.headers().contains_key(AUTHORIZATION)
 			&& verify_slices_are_equal(
 				req.headers()[AUTHORIZATION].as_bytes(),
diff --git a/api/src/handlers.rs b/api/src/handlers.rs
index b64c7c5a7b..c499bd674c 100644
--- a/api/src/handlers.rs
+++ b/api/src/handlers.rs
@@ -70,7 +70,7 @@ pub fn start_rest_apis(
 	if let Some(api_secret) = api_secret {
 		let api_basic_auth = format!("Basic {}", util::to_base64(&format!("grin:{}", api_secret)));
 		let basic_auth_middleware =
-			Arc::new(BasicAuthMiddleware::new(api_basic_auth, &GRIN_BASIC_REALM));
+			Arc::new(BasicAuthMiddleware::new(api_basic_auth, &GRIN_BASIC_REALM, None));
 		router.add_middleware(basic_auth_middleware);
 	}
 

From ec68fe3ed50d2a18f507469e4bbf49e15459df27 Mon Sep 17 00:00:00 2001
From: Yeastplume <yeastplume@protonmail.com>
Date: Wed, 11 Sep 2019 11:59:30 +0100
Subject: [PATCH 2/2] rustfmt

---
 api/src/auth.rs     | 6 +++++-
 api/src/handlers.rs | 7 +++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/api/src/auth.rs b/api/src/auth.rs
index 2dd913ede6..4339ae1eef 100644
--- a/api/src/auth.rs
+++ b/api/src/auth.rs
@@ -32,7 +32,11 @@ pub struct BasicAuthMiddleware {
 }
 
 impl BasicAuthMiddleware {
-	pub fn new(api_basic_auth: String, basic_realm: &'static HeaderValue, ignore_uri: Option<String>) -> BasicAuthMiddleware {
+	pub fn new(
+		api_basic_auth: String,
+		basic_realm: &'static HeaderValue,
+		ignore_uri: Option<String>,
+	) -> BasicAuthMiddleware {
 		BasicAuthMiddleware {
 			api_basic_auth,
 			basic_realm,
diff --git a/api/src/handlers.rs b/api/src/handlers.rs
index c499bd674c..14ec832b29 100644
--- a/api/src/handlers.rs
+++ b/api/src/handlers.rs
@@ -69,8 +69,11 @@ pub fn start_rest_apis(
 	let mut router = build_router(chain, tx_pool, peers).expect("unable to build API router");
 	if let Some(api_secret) = api_secret {
 		let api_basic_auth = format!("Basic {}", util::to_base64(&format!("grin:{}", api_secret)));
-		let basic_auth_middleware =
-			Arc::new(BasicAuthMiddleware::new(api_basic_auth, &GRIN_BASIC_REALM, None));
+		let basic_auth_middleware = Arc::new(BasicAuthMiddleware::new(
+			api_basic_auth,
+			&GRIN_BASIC_REALM,
+			None,
+		));
 		router.add_middleware(basic_auth_middleware);
 	}