API + Data changes to support split up of stream keys and admin passwords
This commit is contained in:
parent
1645451faa
commit
c9e3ccad45
@ -20,7 +20,8 @@ type Defaults struct {
|
||||
WebServerPort int
|
||||
WebServerIP string
|
||||
RTMPServerPort int
|
||||
StreamKey string
|
||||
AdminPassword string
|
||||
StreamKeys []string
|
||||
|
||||
YPEnabled bool
|
||||
YPServer string
|
||||
@ -42,6 +43,8 @@ func GetDefaults() Defaults {
|
||||
Summary: "This is a new live video streaming server powered by Owncast.",
|
||||
ServerWelcomeMessage: "",
|
||||
Logo: "logo.svg",
|
||||
AdminPassword: "abc123",
|
||||
StreamKeys: []string{"abc123"},
|
||||
Tags: []string{
|
||||
"owncast",
|
||||
"streaming",
|
||||
@ -71,7 +74,6 @@ func GetDefaults() Defaults {
|
||||
WebServerPort: 8080,
|
||||
WebServerIP: "0.0.0.0",
|
||||
RTMPServerPort: 1935,
|
||||
StreamKey: "abc123",
|
||||
|
||||
ChatEstablishedUserModeTimeDuration: time.Minute * 15,
|
||||
|
||||
|
@ -198,8 +198,8 @@ func SetExtraPageContent(w http.ResponseWriter, r *http.Request) {
|
||||
controllers.WriteSimpleResponse(w, true, "changed")
|
||||
}
|
||||
|
||||
// SetStreamKey will handle the web config request to set the server stream key.
|
||||
func SetStreamKey(w http.ResponseWriter, r *http.Request) {
|
||||
// SetAdminPassword will handle the web config request to set the server admin password.
|
||||
func SetAdminPassword(w http.ResponseWriter, r *http.Request) {
|
||||
if !requirePOST(w, r) {
|
||||
return
|
||||
}
|
||||
@ -209,7 +209,7 @@ func SetStreamKey(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if err := data.SetStreamKey(configValue.Value.(string)); err != nil {
|
||||
if err := data.SetAdminPassword(configValue.Value.(string)); err != nil {
|
||||
controllers.WriteSimpleResponse(w, false, err.Error())
|
||||
return
|
||||
}
|
||||
@ -789,3 +789,27 @@ func getValuesFromRequest(w http.ResponseWriter, r *http.Request) ([]ConfigValue
|
||||
|
||||
return values, true
|
||||
}
|
||||
|
||||
// SetStreamKeys will set the valid stream keys.
|
||||
func SetStreamKeys(w http.ResponseWriter, r *http.Request) {
|
||||
if !requirePOST(w, r) {
|
||||
return
|
||||
}
|
||||
|
||||
configValues, success := getValuesFromRequest(w, r)
|
||||
if !success {
|
||||
return
|
||||
}
|
||||
|
||||
streamKeyStrings := make([]string, 0)
|
||||
for _, key := range configValues {
|
||||
streamKeyStrings = append(streamKeyStrings, key.Value.(string))
|
||||
}
|
||||
|
||||
if err := data.SetStreamKeys(streamKeyStrings); err != nil {
|
||||
controllers.WriteSimpleResponse(w, false, err.Error())
|
||||
return
|
||||
}
|
||||
|
||||
controllers.WriteSimpleResponse(w, true, "changed")
|
||||
}
|
||||
|
@ -49,7 +49,8 @@ func GetServerConfig(w http.ResponseWriter, r *http.Request) {
|
||||
AppearanceVariables: data.GetCustomColorVariableValues(),
|
||||
},
|
||||
FFmpegPath: ffmpeg,
|
||||
StreamKey: data.GetStreamKey(),
|
||||
AdminPassword: data.GetAdminPassword(),
|
||||
StreamKeys: data.GetStreamKeys(),
|
||||
WebServerPort: config.WebServerPort,
|
||||
WebServerIP: config.WebServerIP,
|
||||
RTMPServerPort: data.GetRTMPPortNumber(),
|
||||
@ -98,7 +99,8 @@ func GetServerConfig(w http.ResponseWriter, r *http.Request) {
|
||||
type serverConfigAdminResponse struct {
|
||||
InstanceDetails webConfigResponse `json:"instanceDetails"`
|
||||
FFmpegPath string `json:"ffmpegPath"`
|
||||
StreamKey string `json:"streamKey"`
|
||||
AdminPassword string `json:"adminPassword"`
|
||||
StreamKeys []string `json:"streamKeys"`
|
||||
WebServerPort int `json:"webServerPort"`
|
||||
WebServerIP string `json:"webServerIP"`
|
||||
RTMPServerPort int `json:"rtmpServerPort"`
|
||||
|
@ -18,7 +18,7 @@ import (
|
||||
const (
|
||||
extraContentKey = "extra_page_content"
|
||||
streamTitleKey = "stream_title"
|
||||
streamKeyKey = "stream_key"
|
||||
adminPasswordKey = "admin_password_key"
|
||||
logoPathKey = "logo_path"
|
||||
logoUniquenessKey = "logo_uniqueness"
|
||||
serverSummaryKey = "server_summary"
|
||||
@ -68,6 +68,7 @@ const (
|
||||
hideViewerCountKey = "hide_viewer_count"
|
||||
customOfflineMessageKey = "custom_offline_message"
|
||||
customColorVariableValuesKey = "custom_color_variable_values"
|
||||
streamKeysKey = "stream_keys"
|
||||
)
|
||||
|
||||
// GetExtraPageBodyContent will return the user-supplied body content.
|
||||
@ -101,20 +102,15 @@ func SetStreamTitle(title string) error {
|
||||
return _datastore.SetString(streamTitleKey, title)
|
||||
}
|
||||
|
||||
// GetStreamKey will return the inbound streaming password.
|
||||
func GetStreamKey() string {
|
||||
key, err := _datastore.GetString(streamKeyKey)
|
||||
if err != nil {
|
||||
log.Traceln(streamKeyKey, err)
|
||||
return config.GetDefaults().StreamKey
|
||||
}
|
||||
|
||||
// GetAdminPassword will return the admin password.
|
||||
func GetAdminPassword() string {
|
||||
key, _ := _datastore.GetString(adminPasswordKey)
|
||||
return key
|
||||
}
|
||||
|
||||
// SetStreamKey will set the inbound streaming password.
|
||||
func SetStreamKey(key string) error {
|
||||
return _datastore.SetString(streamKeyKey, key)
|
||||
// SetAdminPassword will set the admin password.
|
||||
func SetAdminPassword(key string) error {
|
||||
return _datastore.SetString(adminPasswordKey, key)
|
||||
}
|
||||
|
||||
// GetLogoPath will return the path for the logo, relative to webroot.
|
||||
@ -582,10 +578,14 @@ func GetVideoCodec() string {
|
||||
|
||||
// VerifySettings will perform a sanity check for specific settings values.
|
||||
func VerifySettings() error {
|
||||
if GetStreamKey() == "" {
|
||||
if len(GetStreamKeys()) == 0 {
|
||||
return errors.New("no stream key set. Please set one via the admin or command line arguments")
|
||||
}
|
||||
|
||||
if GetAdminPassword() == "" {
|
||||
return errors.New("no admin password set. Please set one via the admin or command line arguments")
|
||||
}
|
||||
|
||||
logoPath := GetLogoPath()
|
||||
if !utils.DoesFileExists(filepath.Join(config.DataDirectory, logoPath)) {
|
||||
log.Traceln(logoPath, "not found in the data directory. copying a default logo.")
|
||||
@ -944,3 +944,14 @@ func GetCustomColorVariableValues() map[string]string {
|
||||
values, _ := _datastore.GetStringMap(customColorVariableValuesKey)
|
||||
return values
|
||||
}
|
||||
|
||||
// GetStreamKeys will return valid stream keys.
|
||||
func GetStreamKeys() []string {
|
||||
keys, _ := _datastore.GetStringSlice(streamKeysKey)
|
||||
return keys
|
||||
}
|
||||
|
||||
// SetStreamKeys will set valid stream keys.
|
||||
func SetStreamKeys(keys []string) error {
|
||||
return _datastore.SetStringSlice(streamKeysKey, keys)
|
||||
}
|
||||
|
@ -7,18 +7,23 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
datastoreValuesVersion = 1
|
||||
datastoreValuesVersion = 2
|
||||
datastoreValueVersionKey = "DATA_STORE_VERSION"
|
||||
)
|
||||
|
||||
func migrateDatastoreValues(datastore *Datastore) {
|
||||
currentVersion, _ := _datastore.GetNumber(datastoreValueVersionKey)
|
||||
if currentVersion == 0 {
|
||||
currentVersion = datastoreValuesVersion
|
||||
}
|
||||
|
||||
for v := currentVersion; v < datastoreValuesVersion; v++ {
|
||||
log.Tracef("Migration datastore values from %d to %d\n", int(v), int(v+1))
|
||||
log.Infof("Migration datastore values from %d to %d\n", int(v), int(v+1))
|
||||
switch v {
|
||||
case 0:
|
||||
migrateToDatastoreValues1(datastore)
|
||||
case 1:
|
||||
migrateToDatastoreValues2(datastore)
|
||||
default:
|
||||
log.Fatalln("missing datastore values migration step")
|
||||
}
|
||||
@ -47,3 +52,9 @@ func migrateToDatastoreValues1(datastore *Datastore) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func migrateToDatastoreValues2(datastore *Datastore) {
|
||||
oldAdminPassword, _ := datastore.GetString("stream_key")
|
||||
_ = SetAdminPassword(oldAdminPassword)
|
||||
_ = SetStreamKeys([]string{oldAdminPassword})
|
||||
}
|
||||
|
@ -32,7 +32,8 @@ func PopulateDefaults() {
|
||||
return
|
||||
}
|
||||
|
||||
_ = SetStreamKey(defaults.StreamKey)
|
||||
_ = SetAdminPassword(defaults.AdminPassword)
|
||||
_ = SetStreamKeys(defaults.StreamKeys)
|
||||
_ = SetHTTPPortNumber(float64(defaults.WebServerPort))
|
||||
_ = SetRTMPPortNumber(float64(defaults.RTMPServerPort))
|
||||
_ = SetLogoPath(defaults.Logo)
|
||||
@ -40,7 +41,6 @@ func PopulateDefaults() {
|
||||
_ = SetServerSummary(defaults.Summary)
|
||||
_ = SetServerWelcomeMessage("")
|
||||
_ = SetServerName(defaults.Name)
|
||||
_ = SetStreamKey(defaults.StreamKey)
|
||||
_ = SetExtraPageBodyContent(defaults.PageBodyContent)
|
||||
_ = SetFederationGoLiveMessage(defaults.FederationGoLiveMessage)
|
||||
_ = SetSocialHandles([]models.SocialHandle{
|
||||
|
@ -15,15 +15,17 @@ import (
|
||||
"github.com/owncast/owncast/models"
|
||||
)
|
||||
|
||||
var _hasInboundRTMPConnection = false
|
||||
|
||||
var (
|
||||
_hasInboundRTMPConnection = false
|
||||
_pipe *io.PipeWriter
|
||||
_rtmpConnection net.Conn
|
||||
)
|
||||
|
||||
var _pipe *io.PipeWriter
|
||||
var _rtmpConnection net.Conn
|
||||
|
||||
var _setStreamAsConnected func(*io.PipeReader)
|
||||
var _setBroadcaster func(models.Broadcaster)
|
||||
var (
|
||||
_setStreamAsConnected func(*io.PipeReader)
|
||||
_setBroadcaster func(models.Broadcaster)
|
||||
)
|
||||
|
||||
// Start starts the rtmp service, listening on specified RTMP port.
|
||||
func Start(setStreamAsConnected func(*io.PipeReader), setBroadcaster func(models.Broadcaster)) {
|
||||
@ -75,12 +77,28 @@ func HandleConn(c *rtmp.Conn, nc net.Conn) {
|
||||
return
|
||||
}
|
||||
|
||||
if !secretMatch(data.GetStreamKey(), c.URL.Path) {
|
||||
accessGranted := false
|
||||
validStreamingKeys := data.GetStreamKeys()
|
||||
|
||||
for _, key := range validStreamingKeys {
|
||||
if secretMatch(key, c.URL.Path) {
|
||||
accessGranted = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
if !accessGranted {
|
||||
log.Errorln("invalid streaming key; rejecting incoming stream")
|
||||
_ = nc.Close()
|
||||
return
|
||||
}
|
||||
|
||||
// if !secretMatch(data.GetAdminPassword(), c.URL.Path) {
|
||||
// log.Errorln("invalid streaming key; rejecting incoming stream")
|
||||
// _ = nc.Close()
|
||||
// return
|
||||
// }
|
||||
|
||||
rtmpOut, rtmpIn := io.Pipe()
|
||||
_pipe = rtmpIn
|
||||
log.Infoln("Inbound stream connected.")
|
||||
|
6
main.go
6
main.go
@ -42,7 +42,7 @@ func main() {
|
||||
|
||||
// Create the data directory if needed
|
||||
if !utils.DoesFileExists("data") {
|
||||
if err := os.Mkdir("./data", 0700); err != nil {
|
||||
if err := os.Mkdir("./data", 0o700); err != nil {
|
||||
log.Fatalln("Cannot create data directory", err)
|
||||
}
|
||||
}
|
||||
@ -54,7 +54,7 @@ func main() {
|
||||
log.Fatalln("Unable to remove temp dir!")
|
||||
}
|
||||
}
|
||||
if err := os.Mkdir(config.TempDir, 0700); err != nil {
|
||||
if err := os.Mkdir(config.TempDir, 0o700); err != nil {
|
||||
log.Fatalln("Unable to create temp dir!", err)
|
||||
}
|
||||
|
||||
@ -102,7 +102,7 @@ func main() {
|
||||
|
||||
func handleCommandLineFlags() {
|
||||
if *newStreamKey != "" {
|
||||
if err := data.SetStreamKey(*newStreamKey); err != nil {
|
||||
if err := data.SetAdminPassword(*newStreamKey); err != nil {
|
||||
log.Errorln("Error setting your stream key.", err)
|
||||
log.Exit(1)
|
||||
} else {
|
||||
|
@ -22,7 +22,7 @@ type UserAccessTokenHandlerFunc func(user.User, http.ResponseWriter, *http.Reque
|
||||
func RequireAdminAuth(handler http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
username := "admin"
|
||||
password := data.GetStreamKey()
|
||||
password := data.GetAdminPassword()
|
||||
realm := "Owncast Authenticated Request"
|
||||
|
||||
// The following line is kind of a work around.
|
||||
|
@ -159,7 +159,10 @@ func Start() error {
|
||||
// Update config values
|
||||
|
||||
// Change the current streaming key in memory
|
||||
http.HandleFunc("/api/admin/config/key", middleware.RequireAdminAuth(admin.SetStreamKey))
|
||||
http.HandleFunc("/api/admin/config/adminpass", middleware.RequireAdminAuth(admin.SetAdminPassword))
|
||||
|
||||
// Set an array of valid stream keys
|
||||
http.HandleFunc("/api/admin/config/streamkeys", middleware.RequireAdminAuth(admin.SetStreamKeys))
|
||||
|
||||
// Change the extra page content in memory
|
||||
http.HandleFunc("/api/admin/config/pagecontent", middleware.RequireAdminAuth(admin.SetExtraPageContent))
|
||||
|
@ -7,6 +7,8 @@ const serverSummary = randomString();
|
||||
const offlineMessage = randomString();
|
||||
const pageContent = `<p>${randomString()}</p>`;
|
||||
const tags = [randomString(), randomString(), randomString()];
|
||||
const streamKeys = [randomString(), randomString(), randomString()];
|
||||
|
||||
const latencyLevel = Math.floor(Math.random() * 4);
|
||||
const appearanceValues = {
|
||||
variable1: randomString(),
|
||||
@ -65,6 +67,11 @@ test('set tags', async (done) => {
|
||||
done();
|
||||
});
|
||||
|
||||
test('set stream keys', async (done) => {
|
||||
const res = await sendConfigChangeRequest('streamkeys', streamKeys);
|
||||
done();
|
||||
});
|
||||
|
||||
test('set latency level', async (done) => {
|
||||
const res = await sendConfigChangeRequest(
|
||||
'video/streamlatencylevel',
|
||||
@ -157,6 +164,7 @@ test('admin configuration is correct', (done) => {
|
||||
socialHandles
|
||||
);
|
||||
expect(res.body.forbiddenUsernames).toStrictEqual(forbiddenUsernames);
|
||||
expect(res.body.streamKeys).toStrictEqual(streamKeys);
|
||||
|
||||
expect(res.body.videoSettings.latencyLevel).toBe(latencyLevel);
|
||||
expect(res.body.videoSettings.videoQualityVariants[0].framerate).toBe(
|
||||
@ -167,7 +175,7 @@ test('admin configuration is correct', (done) => {
|
||||
);
|
||||
|
||||
expect(res.body.yp.enabled).toBe(false);
|
||||
expect(res.body.streamKey).toBe('abc123');
|
||||
expect(res.body.adminPassword).toBe('abc123');
|
||||
|
||||
expect(res.body.s3.enabled).toBe(s3Config.enabled);
|
||||
expect(res.body.s3.endpoint).toBe(s3Config.endpoint);
|
||||
|
Loading…
Reference in New Issue
Block a user