From 5be87d8adb9188d02e1fe8d68c18648b83fe560c Mon Sep 17 00:00:00 2001
From: j <0x006A@0x2620.org>
Date: Wed, 18 Aug 2010 14:02:10 +0200
Subject: [PATCH] add auth key

---
 OxFF/bin/oxd.py         | 12 ++++++------
 OxFF/components/OxFF.js | 18 ++++++++++--------
 2 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/OxFF/bin/oxd.py b/OxFF/bin/oxd.py
index cfd05f6..a81f09e 100755
--- a/OxFF/bin/oxd.py
+++ b/OxFF/bin/oxd.py
@@ -613,12 +613,8 @@ class OxControl(Resource):
 
         self.db = Database(self.db_path)
         self.putChild("media", File(self.db.get('media_cache', 'media')))
-
-        '''
-        #FIXME: this is just for debugging
-        if not 'Test' in self.db.volumes('0xdb.org', 'j'):
-            self.db.add_volume('0xdb.org', 'Test', '/media/2010/Movies')
-        '''
+        
+        self.authkey = self.db.get('username', 'fix')
 
     def putChild(self, name, child):
         self._children.append(name)
@@ -641,6 +637,10 @@ class OxControl(Resource):
                 args[arg] = request.args.get(arg)[0]
             return args
 
+        if request.args.get('key', '') != self.authkey: 
+            response = {'status': '403', 'text': 'wrong authentication key provided'}
+            return json_response(request, response)
+
         if request.path == '/add_volume':
             args = required_args('site', 'user', 'name', 'path')
             self.db.add_volume(**args)
diff --git a/OxFF/components/OxFF.js b/OxFF/components/OxFF.js
index 21ca62a..f9857c4 100644
--- a/OxFF/components/OxFF.js
+++ b/OxFF/components/OxFF.js
@@ -46,10 +46,11 @@ function OxFF() {
     oxff.set('username', ox.makeRandomString(8));
     oxff.set('password', ox.makeRandomString(8));
   }
-  this.username = oxff.get('username');
+  this.authkey = oxff.get('username');
   this.password = oxff.get('password');
 
   try {
+    //FF3.6 fallback
     var em = Cc["@mozilla.org/extensions/manager;1"]
                .getService(Ci.nsIExtensionManager);
     var f = em.getInstallLocation('firefogg@firefogg.org').getItemFile('firefogg@firefogg.org', 'ffmpeg2theora');
@@ -187,6 +188,7 @@ OxFF.prototype = {
     if(!this.canAccess())
       return false;
 
+    data["key"] = this.authkey;
     data["site"] = this._site;
     data["user"] = this._user;
 
@@ -207,7 +209,7 @@ OxFF.prototype = {
     var base = this.base; //later base can not be a public property
     var url = base + action;
 
-    //req.open("POST", url, true, this.username, this.password);
+    //req.open("POST", url, true, this.authkey, this.password);
     req.open("POST", url, true);
 
     try {
@@ -218,6 +220,7 @@ OxFF.prototype = {
         }
     }
     } catch(e) {
+      //FF3.6 fallback
       var converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"].createInstance(Ci.nsIScriptableUnicodeConverter);
       converter.charset = "UTF-8";
       var boundary = "--------XX" + Math.random();
@@ -356,11 +359,11 @@ OxFF.prototype = {
   },
   canAccess: function() {
       if(!this._access) {
-        this.debug('permission deinied', action, data);
+        this.debug('permission deinied');
         return false;
     }
     if(!this._user) {
-        this.debug('login first', action, data);
+        this.debug('login first');
         return false;
     }
     return true;
@@ -373,11 +376,9 @@ OxFF.prototype = {
       return false;
     }
     var osString = Cc["@mozilla.org/xre/app-info;1"].getService(Ci.nsIXULRuntime).OS;  
-    var daemon = "";
+    var daemon = "oxd.py";
     if (osString == "WINNT")
-         daemon = 'oxd.exe';
-    else
-         daemon = 'oxd.py';
+      daemon = 'oxd.exe';
 
     function runDaemon(file) {
       try {
@@ -390,6 +391,7 @@ OxFF.prototype = {
     }
 
     try {
+      //FF3.6 fallback
       var em = Cc["@mozilla.org/extensions/manager;1"]
                  .getService(Ci.nsIExtensionManager);
       var file = em.getInstallLocation(this.extensionID).getItemFile(this.extensionID, daemon);