From 708599551e869aa04eb3505c653f1a63264e5038 Mon Sep 17 00:00:00 2001
From: Simon <simon@gb7fr.org.uk>
Date: Sun, 17 Sep 2023 14:42:19 +0100
Subject: [PATCH] systemkey working

---
 API.py           | 26 +++++++++++++++++++-------
 bridge_master.py |  6 +++++-
 config.py        |  8 +++++++-
 3 files changed, 31 insertions(+), 9 deletions(-)

diff --git a/API.py b/API.py
index d138010..c040faa 100644
--- a/API.py
+++ b/API.py
@@ -1,5 +1,4 @@
 
-from hashlib import blake2b
 from spyne import ServiceBase, rpc, Integer, Decimal, UnsignedInteger32, Unicode, Iterable, error
 from dmr_utils3.utils import bytes_3
 
@@ -30,6 +29,12 @@ class FD_APIUserDefinedContext(object):
                     else:
                         return(False)
 
+    def validateSystemKey(self,systemkey):
+        if systemkey == self.CONFIG['GLOBAL']['SYSTEM_API_KEY']:
+            return True
+        else:
+            return False
+
     def reset(self,system):
         self.CONFIG['SYSTEMS'][system]['_reset'] = True
 
@@ -76,10 +81,17 @@ class FD_API(ServiceBase):
     def killserver(ctx,killkey):
         pass
 
-    @rpc(_returns=Unicode())
-    def getconfig(ctx):
-        return ctx.udc.getconfig()
+    @rpc(Unicode,_returns=Unicode())
+    def getconfig(ctx,systemkey):
+        if ctx.udc.validateSystemKey(systemkey):
+            return ctx.udc.getconfig()
+        else:
+            raise error.InvalidCredentialsError()
+
+    @rpc(Unicode,_returns=Unicode())
+    def getbridges(ctx,systemkey):
+        if ctx.udc.validateSystemKey(systemkey):
+            return ctx.udc.getbridges()
+        else:
+            raise error.InvalidCredentialsError()
 
-    @rpc(_returns=Unicode())
-    def getbridges(ctx):
-        return ctx.udc.getbridges()
diff --git a/bridge_master.py b/bridge_master.py
index fefcb92..faf7484 100644
--- a/bridge_master.py
+++ b/bridge_master.py
@@ -2887,9 +2887,13 @@ if __name__ == '__main__':
 
     #Initialize API
     APIQUEUE = []
-    api = config_API(CONFIG,APIQUEUE,BRIDGES)
+    if CONFIG['GLOBAL']['ENABLE_API']:
+        api = config_API(CONFIG,APIQUEUE,BRIDGES)
+    else:
+        api = False
     if api:
         logger.info('(API) API running')
+        logger.info('(API) Random system API Key is %s',CONFIG['GLOBAL']['SYSTEM_API_KEY'])
     else:
         logger.info('(API) API not started')
 
diff --git a/config.py b/config.py
index 8a17948..d0444b8 100755
--- a/config.py
+++ b/config.py
@@ -32,6 +32,7 @@ import const
 
 import socket
 import ipaddress 
+import secrets
 from socket import gethostbyname
 from languages import languages
 
@@ -148,12 +149,17 @@ def build_config(_config_file):
                     'SERVER_ID': config.getint(section, 'SERVER_ID', fallback=0).to_bytes(4, 'big'),
                     'DATA_GATEWAY': config.getboolean(section, 'DATA_GATEWAY', fallback=False),
                     'VALIDATE_SERVER_IDS': config.getboolean(section, 'VALIDATE_SERVER_IDS', fallback=True),
-                    'DEBUG_BRIDGES' : config.getboolean(section, 'DEBUG_BRIDGES', fallback=True)
+                    'DEBUG_BRIDGES' : config.getboolean(section, 'DEBUG_BRIDGES', fallback=True),
+                    'ENABLE_API' : config.getboolean(section, 'ENABLE_API', fallback=True)
+
                     
                 })
                 if not CONFIG['GLOBAL']['ANNOUNCEMENT_LANGUAGES']:
                     CONFIG['GLOBAL']['ANNOUNCEMENT_LANGUAGES'] = languages
 
+                if CONFIG['GLOBAL']['ENABLE_API']:
+                    CONFIG['GLOBAL']['SYSTEM_API_KEY'] = secrets.token_hex(16)
+
             elif section == 'REPORTS':
                 CONFIG['REPORTS'].update({
                     'REPORT': config.getboolean(section, 'REPORT', fallback=True),