weyne/dcs-retribution
1
0
Fork 0
mirror of https://github.com/dcs-retribution/dcs-retribution.git synced 2025-11-10 15:41:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add API key authentication.

Browse Source 
We don't have any sensitive data, but we do access the file system. On
the off chance that some phishing website decides to try to use
Liberation as an attack vector, prevent access to the API by
unauthorized applications. An API key is generated at each program start
and passed to the front end via the QWebChannel.
This commit is contained in:
Dan Albert
2022-02-19 14:41:39 -08:00
parent 09457d8aab
commit 77d29e314c
5 changed files with 36 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
qt_ui/windows/QLiberationWindow.py
View File

@@ -21,6 +21,7 @@ import qt_ui.uiconstants as CONST
from game import Game, VERSION, persistency
from game.debriefing import Debriefing
from game.server import EventStream
from game.server.security import ApiKeyManager
from qt_ui import liberation_install
from qt_ui.dialogs import Dialog
from qt_ui.models import GameModel
@@ -88,6 +89,8 @@ class QLiberationWindow(QMainWindow):
else:
self.onGameGenerated(self.game)
logging.debug(f"API Key: {ApiKeyManager.KEY}")
def initUi(self):
hbox = QSplitter(Qt.Horizontal)
vbox = QSplitter(Qt.Vertical)