fix ws token auth

2022-09-08 11:25:30 -06:00
parent fac6626459
commit b9e7af1ce2
4 changed files with 28 additions and 7 deletions
--- a/freqtrade/rpc/api_server/api_auth.py
+++ b/freqtrade/rpc/api_server/api_auth.py
@@ -62,7 +62,7 @@ async def get_ws_token(
        # Just return the token if it matches
        return token
    else:
-        logger.debug("Denying websocket request")
+        logger.info("Denying websocket request")
        # If it doesn't match, close the websocket connection
        await ws.close(code=status.WS_1008_POLICY_VIOLATION)

--- a/freqtrade/rpc/api_server/api_ws.py
+++ b/freqtrade/rpc/api_server/api_ws.py
@@ -6,6 +6,7 @@ from fastapi import APIRouter, Depends, WebSocket, WebSocketDisconnect
 from starlette.websockets import WebSocketState

 from freqtrade.enums import RPCMessageType, RPCRequestType
+from freqtrade.rpc.api_server.api_auth import get_ws_token
 from freqtrade.rpc.api_server.deps import get_channel_manager, get_rpc
 from freqtrade.rpc.api_server.ws.channel import WebSocketChannel
 from freqtrade.rpc.api_server.ws.schema import (ValidationError, WSAnalyzedDFMessage,
@@ -95,6 +96,7 @@ async def message_endpoint(
    ws: WebSocket,
    rpc: RPC = Depends(get_rpc),
    channel_manager=Depends(get_channel_manager),
+    token: str = Depends(get_ws_token)
 ):
    """
    Message WebSocket endpoint, facilitates sending RPC messages
@@ -105,6 +107,9 @@ async def message_endpoint(
            # Return a channel ID, pass that instead of ws to the rest of the methods
            channel = await channel_manager.on_connect(ws)

+            if not channel:
+                return
+
            logger.info(f"Consumer connected - {channel}")

            # Keep connection open until explicitly closed, and process requests
--- a/freqtrade/rpc/api_server/webserver.py
+++ b/freqtrade/rpc/api_server/webserver.py
@@ -139,8 +139,7 @@ class ApiServer(RPCHandler):
        )

    def configure_app(self, app: FastAPI, config):
-        from freqtrade.rpc.api_server.api_auth import (get_ws_token, http_basic_or_jwt_token,
-                                                       router_login)
+        from freqtrade.rpc.api_server.api_auth import http_basic_or_jwt_token, router_login
        from freqtrade.rpc.api_server.api_backtest import router as api_backtest
        from freqtrade.rpc.api_server.api_v1 import router as api_v1
        from freqtrade.rpc.api_server.api_v1 import router_public as api_v1_public
@@ -155,9 +154,7 @@ class ApiServer(RPCHandler):
        app.include_router(api_backtest, prefix="/api/v1",
                           dependencies=[Depends(http_basic_or_jwt_token)],
                           )
-        app.include_router(ws_router, prefix="/api/v1",
-                           dependencies=[Depends(get_ws_token)]
-                           )
+        app.include_router(ws_router, prefix="/api/v1")
        app.include_router(router_login, prefix="/api/v1", tags=["auth"])
        # UI Router MUST be last!
        app.include_router(router_ui, prefix='')