87 Commits

Author SHA1 Message Date
Eric Callahan
fd5053ecac
app: improve debug logging
Dont log the full response when html is requested.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-08-21 05:22:23 -04:00
Eric Callahan
2314ea74c2
app: report asset path location
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-08-21 05:22:18 -04:00
Eric Callahan
97c8b05eee
app: support binding to all interfaces
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-08-19 12:21:41 -04:00
Eric Callahan
2e4814978f
app: shallow copy arguments before passing to a request
This prevents a scenario where a request handler mutates
the arguments of a WebRequest, which could result in
changing the default "request_arguments" in
"InternalTransport.call_method()".

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-04-05 15:48:36 -04:00
Eric Callahan
13bb624bd7
app: include announcements in welcome page context
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-04-03 08:58:31 -04:00
Eric Callahan
1968beaa0d
app: add a welcome handler
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-03-30 19:59:27 -04:00
Eric Callahan
790d77756e
app: fix blocking I/O
Open and close static files to be read using the default
thread pool executor.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-03-23 10:37:11 -04:00
Eric Callahan
c2861a1391 app: correct location header encoding
SIgned-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-02-15 14:39:33 -05:00
Eric Callahan
b4ddffd5d1 moonraker: refactor KlippyConnection
Move the KlippyConnection class into its own module.  Refactor
init to use loops rather than callbacks, this reduces complexity
of tracking and cancelling callback handles.

All Klippy state previously tracked by the Server is now in the
KlippyConnection.  This improves testing and makes the code
less ambiguous, ie: the `server.make_request()` method is not
as clear as `klippy.request()`.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-02-09 19:15:11 -05:00
Eric Callahan
9911b5c7dd app: don't allow open redirects in '/server/redirect'
Validate that the URL argument against the `cors_domains` option.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-01-28 14:05:48 -05:00
Eric Callahan
04477705b0 app: content disposition fix for file names containing commas
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-01-27 19:21:25 -05:00
Eric Callahan
a652845843 moonraker: add register_component() method
Allow base modules to register themselves as components during
initialization.  This makes them accessible via lookup_component()
across the entire application.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2022-01-12 08:05:17 -05:00
Eric Callahan
27c65e0a64 application: support internal API consumption
Track registered endpoints and allow internal APIs calls through
their JSON-RPC method names.

Signed-off-by: Eric Callahan <arksine.code@gmail.com>
2022-01-12 08:05:17 -05:00
Eric Callahan
e46b4994d4 app: add support for empty responses
If a dynamic request handler returns None with "wrap_result"
disabled, set the return status to 204.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-12-21 18:12:27 -05:00
Eric Callahan
b369173f94 app: refactor upload handler registration
Move upload handler registration out of the file manager.
Register the primary hander in the app module, and the
Octoprint Comptaiblity handler in octoprint_compat.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-12-21 16:53:33 -05:00
Eric Callahan
ac9eaa7681 app: set the status to 201 for uploads
Set the location header when the upload returns a valid result.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-12-21 15:32:28 -05:00
Eric Callahan
c6cddf4b05 moonraker: logging improvements
Move logging setup to the Server class and enable asyncio debugging.
Sanitize debug logging for all "/access" endpoints so tokens and
passwords are not logged.

SIgned-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-12-11 14:16:15 -05:00
Eric Callahan
685bd72274 app: add request debug logging
This mimics the logging available over JSON-RPC requests.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-11-26 06:11:13 -05:00
Eric Callahan
8a3ff7a54a app: replace refrences to ioloop with eventloop
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
2021-07-12 06:16:18 -04:00
Eric Callahan
0527904c48 moonraker: remove references to "system_args"
Rather than add these arguments to the config, use a method to access them from the server object.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-07-06 19:25:10 -04:00
Arksine
2ab63d75fc moonraker: fix imports for type checking
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-07-06 19:25:10 -04:00
Eric Callahan
00f4bd594f app: prevent static file reads from blocking the event loop
Perform reads in a thread so File I/O does not block.

This patch also disables ETags for static files.  Tornado's default behavior of caching file hashes will not work as many of Moonraker's can be updated.  The previous workaround to this was to recalculate the checksum if the modified date changed.  This is inefficient  as its behavior is not much different than using "If-Modified-Since".

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-06-28 07:31:40 -04:00
Eric Callahan
1510f66121 app: Process file uploads in a thread pool executor
This should prevent large file uploads from blocking the asyncio event loop for a long period of time.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-06-27 12:33:52 -04:00
Eric Callahan
40f21b10cd app: allow transport registration
This allows eligible components to register themselves as API transports.  By default the WebsocketManager is registered.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-06-25 17:46:43 -04:00
Eric Callahan
793ab6b24b app: add a redirect endpoint
Clients can use this in situations where a browser may
prompt the user to take action prior to sending the
request.  After the user accepts, Moonraker will redirect the user to the url provided in the request.

SIgned-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-28 21:03:03 -04:00
Arksine
a18987aa59 app: raise an exception if configured ssl cert or key files do not exist
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-22 08:22:46 -04:00
Arksine
dcf1cdf526 moonraker: add support for serving https with self signed certs
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-21 12:45:45 -04:00
Arksine
5d783a743a app: re-enable authorization checks on static files
Image files (.png) are still granted unauthorized access, however all other files require that the request be authorized.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-20 17:07:48 -04:00
Arksine
b8cf0d7fd2 authorization: check the query string for jwts
Clients may pass a json web token via the query string's "access_token" argument to authorize requests that do not allow modified headers.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-19 19:18:23 -04:00
Vladimir Poleh
6b9a3c656d app: Fixed download for the files with non-ASCII characters in name.
Replace non-ASCII characters with "?" and add escaped unicode version of the file name to the "Content-Disposition" header to fix problems with thumbnails and downloading for the gcode file with non-ASCII characters in filename.

Signed-off-by: Uladzimir Palekh <visor.rti@gmail.com>
2021-05-19 17:43:49 -04:00
Arksine
b91df6642d app: add annotations
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-18 19:16:49 -04:00
Arksine
5f9b0e9b86 app: don't require authorization to retreive static files
Generally speaking static files do not require authorization, so there should be little harm in bypassing auth checks.  This allows clients to retrieve assets without XHRs or requesting tokens.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-05-17 17:52:47 -04:00
Arksine
2b79a129aa app: fix unauthorized file upload access
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-20 18:12:30 -04:00
Arksine
9478678ea0 app: Add sha256 checksum validation to file uploads
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-20 18:12:30 -04:00
Arksine
0c765f7b71 app: improve http request logging
Log the current user for each request.   Dont' log requests that return with 200, 204, 206, or 304 in release mode.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-19 20:46:17 -04:00
Arksine
7eba8e58e3 authorization: add support for JWT User Authorizaton
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-19 20:46:17 -04:00
Arksine
43a8d25619 websockets: Store IP Address in WebRequest object
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-18 07:25:12 -04:00
Arksine
0ce53bd98f app: return HTTP errors in json format
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-18 07:25:12 -04:00
Arksine
14991ac3b9 authorization: convert module to component
CONFIG CHANGE:  This deprecates the "enabled" option in the [authorization] section.  Authorization will be enabled if the section is included in moonraker.conf,  otherwise it will be disabled.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-18 07:25:12 -04:00
Arksine
e8f6862fd2 app: cache modified time in static file handler
Force an update to cached file hashes should the modified time change.  Re-enable the "should_return_304" check so clients can re-implement caching.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-17 07:05:31 -04:00
Arksine
daf3b202c3 app: restrict static file size to the detected content length
Some static files, such as logs, can change size during a request.  This results in a content length mismatch and error.   Cap the amount read based on the original content length.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-16 07:49:44 -04:00
Arksine
087240aa67 app: don't return 304 for static files
Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-04-16 07:29:18 -04:00
Arksine
ce78e42065 app: use "lookup_component" instead of "lookup_plugin"
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
2021-03-18 08:14:01 -04:00
Arksine
62265fd086 app: fix bug in type hint conversion method
Signed-off-by: Eric Callahan  <arksine.code@gmail.com>
2021-03-16 09:13:05 -04:00
Arksine
5144508410 app: always log HTTP errors
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
2021-03-08 15:36:19 -05:00
Arksine
15890b9e87 app: add a custom default request handler
This handler provides consistent error reporting in the event that the client attempts to access an unknown endpoint.  If the request is unauthorized, an 401 will be returned.  Otherwise a 404 will be returned, however if CORS is available the CORS headers will be set.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-03-07 06:47:28 -05:00
Arksine
438ffece72 app: initialize all logging options
Moving log level init to the app module and have it explicitly set the level.  This allows the logging level to be toggled with a server restart.  Default debug logging to False.

When debug logging is disabled do not  log HTTP requests.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-03-06 07:34:43 -05:00
Arksine
13ccdb4df1 app: raise a clear exception when request arguments fail to parse
This error is an indication that a JSON body was sent without the content type set to "application/json".

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-03-05 15:10:53 -05:00
Arksine
f1edaa1f61 app: add support for streaming file uploads
This should reduce issues with large file uploads.

Signed-off-by:  Eric Callahan <arksine.code@gmail.com>
2021-03-05 05:25:28 -05:00
Grigi
39ab419c1f octoprint_compat: Compatibility with Cura Octoprint plugin to upload UFP files.
This PR is a minimal implementation of the Octoprint REST API that is required
for Cura to be able to establish a connection and  send gcode/UFP files to
moonraker without errors.
Currently it only supports the "global apikey authentication" method.

Signed-off-by:  Nickolas Grigoriadis <nagrigoriadis@gmail.com>
2021-03-04 20:52:55 -05:00