source: mythtv/mythtv/html/setup/js/password.js

Last change on this file was f3de8a1fc, checked in by Bill Meek <billmeek@…>, 6 years ago

Services API: Adds ManageDigestUser? and ManageUrlProtection? endpoints

Restores the ability to change the admin password from Webfrontend
and any clients that may have digest users.

Adds new options to add and remove users, but prevents removal of
user "admin".

Myth/ManageDigestUser? has 3 values for the Action parameter:

Add requires: UserName?, Password and AdminPassword?

Remove requires: UserName? and Password

ChangePassword? requires: UserName?, Password and OldPassword?

Note that adding user: abcd and: ABCD are considered the same.
Something unexpected in MythSessionManager? testing here.

Fixes #13274

Gives users the ability to configure which services require a
digest user/password:

Requires: AdminPassword? and Services, All, None, Myth;Dvr etc.

Command line examples, to turn on protection for all services:

curl --digest --user admin:mythtv --data Services=All \

--data AdminPassword?=mythtv \
localhost:6544/Myth/ManageUrlProtection

wget -O- --http-user=admin --http-password=mythtv \

--method=POST \
localhost:6544/Myth/ManageUrlProtection?Services=All\&AdminPassword=mythtv

[--post-data doesn't work]

Tested WebFrontend? authentication on: Android Chrome 66.0, Chromium
65.0/66.0, Firefox 60.0. Python requests/requests.auth with
HTTPDigestAuth work.

Note the addition of the new verb "Manage", which allows consolidation
of multiple POST methods (thanks Roger.) This adds to the "Naming
standardization" in commit: ce52b5e in 11/11/2011. The Action parameter
should honor the Add and Remove verbs previously established. If any of
the above, or in the future, need to retrieve data, then a similar Get-
endpoint would need to be added using the GET method.
  • Property mode set to 100644
File size: 1.3 KB
Line 
1
2function changePassword() {
3    var result = false;
4    var oldPassword = $("#oldPassword").val();
5    var newPassword = $("#newPassword").val();
6    var newPasswordConfirm = $("#newPasswordConfirm").val();
7
8    if (newPassword.length == 0) {
9        setErrorMessage("New password is empty.");
10    } else if (newPassword != newPasswordConfirm) {
11        setErrorMessage("New passwords do not match.");
12    } else {
13        $.post("/Myth/ManageDigestUser",
14            { Action: "ChangePassword",
15              UserName: "admin",
16              Password: oldPassword,
17              NewPassword: newPassword },
18            function(data) {
19                if (data.bool == "true")
20                    setStatusMessage("Password successfully changed.");
21                else
22                    setErrorMessage("Error changing password, check backend logs for detailed information.");
23            }, "json").error(function(data) {
24                setErrorMessage("Error changing password, check backend logs for detailed information.");
25            });
26    }
27}
28
29$("#edit").dialog({
30    modal: true,
31    width: 850,
32    height: 500,
33    'title': 'Change Password',
34    closeOnEscape: false,
35    buttons: {
36       'Change Password': function() {changePassword()},
37       'Cancel': function() { $(this).dialog('close'); }
38    }
39});
40showEditWindow();
Note: See TracBrowser for help on using the repository browser.