quasarr 1.31.0__py3-none-any.whl → 2.0.0__py3-none-any.whl

quasarr/providers/auth.py

@@ -0,0 +1,250 @@
+# -*- coding: utf-8 -*-
+# Quasarr
+# Project by https://github.com/rix1337
+
+import base64
+import hashlib
+import hmac
+import os
+import time
+
+from bottle import request, response, redirect
+
+import quasarr.providers.html_images as images
+from quasarr.providers.version import get_version
+
+# Auth configuration from environment
+AUTH_USER = os.environ.get('USER', '')
+AUTH_PASS = os.environ.get('PASS', '')
+AUTH_TYPE = os.environ.get('AUTH', '').lower()
+
+# Cookie settings
+COOKIE_NAME = 'quasarr_session'
+COOKIE_MAX_AGE = 30 * 24 * 60 * 60  # 30 days
+
+
+def is_auth_enabled():
+    """Check if authentication is enabled (both USER and PASS set)."""
+    return bool(AUTH_USER and AUTH_PASS)
+
+
+def is_form_auth():
+    """Check if form-based auth is enabled."""
+    return AUTH_TYPE == 'form'
+
+
+def _sign_cookie(user, expiry):
+    """Create HMAC signature for cookie."""
+    msg = f"{user}:{expiry}".encode()
+    return hmac.new(AUTH_PASS.encode(), msg, hashlib.sha256).hexdigest()
+
+
+def _create_session_cookie(user):
+    """Create a signed session cookie value."""
+    expiry = int(time.time()) + COOKIE_MAX_AGE
+    signature = _sign_cookie(user, expiry)
+    return f"{user}:{expiry}:{signature}"
+
+
+def _verify_session_cookie(cookie_value):
+    """Verify a session cookie. Returns True if valid."""
+    try:
+        parts = cookie_value.split(':')
+        if len(parts) != 3:
+            return False
+        user, expiry, signature = parts
+        expiry = int(expiry)
+        if time.time() > expiry:
+            return False
+        expected_sig = _sign_cookie(user, expiry)
+        return hmac.compare_digest(signature, expected_sig)
+    except:
+        return False
+
+
+def check_basic_auth():
+    """Check HTTP Basic Auth header. Returns True if valid."""
+    auth = request.headers.get('Authorization', '')
+    if not auth.startswith('Basic '):
+        return False
+    try:
+        decoded = base64.b64decode(auth[6:]).decode('utf-8')
+        user, passwd = decoded.split(':', 1)
+        return user == AUTH_USER and passwd == AUTH_PASS
+    except:
+        return False
+
+
+def check_form_auth():
+    """Check session cookie. Returns True if valid."""
+    cookie = request.get_cookie(COOKIE_NAME)
+    return cookie and _verify_session_cookie(cookie)
+
+
+def require_basic_auth():
+    """Send 401 response for Basic Auth."""
+    response.status = 401
+    response.set_header('WWW-Authenticate', 'Basic realm="Quasarr"')
+    return "Authentication required"
+
+
+def _render_login_page(error=None):
+    """Render login form page using Quasarr styling."""
+    error_html = f'<p style="color: #dc3545; margin-bottom: 1rem;"><b>{error}</b></p>' if error else ''
+    next_url = request.query.get('next', '/')
+
+    # Inline the centered HTML to avoid circular import
+    return f'''<html>
+    <head>
+        <meta charset="utf-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1">
+        <title>Quasarr - Login</title>
+        <link rel="icon" href="{images.logo}" type="image/png">
+        <style>
+            :root {{
+                --bg-color: #ffffff;
+                --fg-color: #212529;
+                --card-bg: #ffffff;
+                --card-shadow: rgba(0, 0, 0, 0.1);
+                --primary: #0d6efd;
+                --secondary: #6c757d;
+                --spacing: 1rem;
+            }}
+            @media (prefers-color-scheme: dark) {{
+                :root {{
+                    --bg-color: #181a1b;
+                    --fg-color: #f1f1f1;
+                    --card-bg: #242526;
+                    --card-shadow: rgba(0, 0, 0, 0.5);
+                }}
+            }}
+            *, *::before, *::after {{ box-sizing: border-box; }}
+            html, body {{
+                margin: 0; padding: 0; width: 100%; height: 100%;
+                background-color: var(--bg-color); color: var(--fg-color);
+                font-family: system-ui, -apple-system, 'Segoe UI', Roboto, sans-serif;
+                line-height: 1.6; display: flex; flex-direction: column; min-height: 100vh;
+            }}
+            .outer {{ flex: 1; display: flex; justify-content: center; align-items: center; padding: var(--spacing); }}
+            .inner {{
+                background-color: var(--card-bg); border-radius: 1rem;
+                box-shadow: 0 0.5rem 1.5rem var(--card-shadow);
+                padding: calc(var(--spacing) * 2); text-align: center; width: 100%; max-width: 400px;
+            }}
+            .logo {{ height: 64px; width: 64px; vertical-align: middle; margin-right: 0.5rem; }}
+            h1 {{ margin: 0 0 1rem 0; font-size: 1.75rem; }}
+            h2 {{ margin: 0 0 1.5rem 0; font-size: 1.25rem; font-weight: 500; }}
+            label {{ display: block; text-align: left; margin-bottom: 0.25rem; font-weight: 500; }}
+            input[type="text"], input[type="password"] {{
+                width: 100%; padding: 0.5rem; margin-bottom: 1rem;
+                border: 1px solid var(--secondary); border-radius: 0.5rem;
+                font-size: 1rem; background: var(--card-bg); color: var(--fg-color);
+            }}
+            .btn-primary {{
+                background-color: var(--primary); color: #fff; border: 1.5px solid #0856c7;
+                padding: 0.5rem 1.5rem; font-size: 1rem; border-radius: 0.5rem;
+                font-weight: 500; cursor: pointer; width: 100%;
+            }}
+            .btn-primary:hover {{ background-color: #0b5ed7; }}
+            footer {{ text-align: center; font-size: 0.75rem; color: var(--secondary); padding: 0.5rem 0; }}
+        </style>
+    </head>
+    <body>
+        <div class="outer">
+            <div class="inner">
+                <h1><img src="{images.logo}" class="logo" alt="Quasarr"/>Quasarr</h1>
+                {error_html}
+                <form method="post" action="/login">
+                    <input type="hidden" name="next" value="{next_url}">
+                    <label for="username">Username</label>
+                    <input type="text" id="username" name="username" autocomplete="username" required>
+                    <label for="password">Password</label>
+                    <input type="password" id="password" name="password" autocomplete="current-password" required>
+                    <button type="submit" class="btn-primary">Login</button>
+                </form>
+            </div>
+        </div>
+        <footer>Quasarr v.{get_version()}</footer>
+    </body>
+    </html>'''
+
+
+def _handle_login_post():
+    """Handle login form submission."""
+    username = request.forms.get('username', '')
+    password = request.forms.get('password', '')
+    next_url = request.forms.get('next', '/')
+
+    if username == AUTH_USER and password == AUTH_PASS:
+        cookie_value = _create_session_cookie(username)
+        response.set_cookie(COOKIE_NAME, cookie_value, max_age=COOKIE_MAX_AGE, path='/', httponly=True)
+        redirect(next_url)
+    else:
+        return _render_login_page(error="Invalid username or password")
+
+
+def _handle_logout():
+    """Handle logout - clear cookie and redirect to login."""
+    response.delete_cookie(COOKIE_NAME, path='/')
+    redirect('/login')
+
+
+def show_logout_link():
+    """Returns True if logout link should be shown (form auth enabled and authenticated)."""
+    return is_auth_enabled() and is_form_auth() and check_form_auth()
+
+
+def add_auth_routes(app):
+    """Add login/logout routes to a Bottle app (for form auth only)."""
+    if not is_auth_enabled():
+        return
+
+    if is_form_auth():
+        @app.get('/login')
+        def login_get():
+            if check_form_auth():
+                redirect('/')
+            return _render_login_page()
+
+        @app.post('/login')
+        def login_post():
+            return _handle_login_post()
+
+        @app.get('/logout')
+        def logout():
+            return _handle_logout()
+
+
+def add_auth_hook(app, whitelist_prefixes=None):
+    """Add authentication hook to a Bottle app.
+
+    Args:
+        app: Bottle application
+        whitelist_prefixes: List of path prefixes to skip auth (e.g., ['/api/', '/sponsors_helper/'])
+    """
+    if whitelist_prefixes is None:
+        whitelist_prefixes = []
+
+    @app.hook('before_request')
+    def auth_hook():
+        if not is_auth_enabled():
+            return
+
+        path = request.path
+
+        # Always allow login/logout
+        if path in ['/login', '/logout']:
+            return
+
+        # Check whitelist prefixes
+        for prefix in whitelist_prefixes:
+            if path.startswith(prefix):
+                return
+
+        # Check authentication
+        if is_form_auth():
+            if not check_form_auth():
+                redirect(f'/login?next={path}')
+        else:
+            if not check_basic_auth():
+                return require_basic_auth()

quasarr/providers/jd_cache.py

@@ -2,8 +2,18 @@
 # Quasarr
 # Project by https://github.com/rix1337
 
+from quasarr.providers.log import debug
 from quasarr.providers.myjd_api import TokenExpiredException, RequestTimeoutException, MYJDException
 
+# Known archive extensions for fallback detection
+ARCHIVE_EXTENSIONS = frozenset([
+    '.rar', '.zip', '.7z', '.tar', '.gz', '.bz2', '.xz',
+    '.001', '.002', '.003', '.004', '.005', '.006', '.007', '.008', '.009',
+    '.r00', '.r01', '.r02', '.r03', '.r04', '.r05', '.r06', '.r07', '.r08', '.r09',
+    '.part1.rar', '.part01.rar', '.part001.rar',
+    '.part2.rar', '.part02.rar', '.part002.rar',
+])
+
 
 class JDPackageCache:
     """
@@ -16,116 +26,264 @@ class JDPackageCache:
 
     This reduces redundant API calls within a single operation where the same
     data (e.g., linkgrabber_links) is needed multiple times.
-
-    Usage:
-        # Cache is created and discarded within a single function call
-        cache = JDPackageCache(device)
-        packages = cache.linkgrabber_packages  # Fetches from API
-        packages = cache.linkgrabber_packages  # Returns cached (same request)
-        # Cache goes out of scope and is garbage collected
     """
 
     def __init__(self, device):
+        debug("JDPackageCache: Initializing new cache instance")
         self._device = device
         self._linkgrabber_packages = None
         self._linkgrabber_links = None
         self._downloader_packages = None
         self._downloader_links = None
-        self._archive_package_uuids = None  # Set of package UUIDs containing archives
+        self._archive_cache = {}  # package_uuid -> bool (is_archive)
         self._is_collecting = None
+        # Stats tracking
+        self._api_calls = 0
+        self._cache_hits = 0
+
+    def get_stats(self):
+        """Return cache statistics string."""
+        pkg_count = len(self._downloader_packages or []) + len(self._linkgrabber_packages or [])
+        link_count = len(self._downloader_links or []) + len(self._linkgrabber_links or [])
+        return f"{self._api_calls} API calls | {pkg_count} packages, {link_count} links cached"
 
     @property
     def linkgrabber_packages(self):
         if self._linkgrabber_packages is None:
+            debug("JDPackageCache: Fetching linkgrabber_packages from API")
+            self._api_calls += 1
             try:
                 self._linkgrabber_packages = self._device.linkgrabber.query_packages()
-            except (TokenExpiredException, RequestTimeoutException, MYJDException):
+                debug(f"JDPackageCache: Retrieved {len(self._linkgrabber_packages)} linkgrabber packages")
+            except (TokenExpiredException, RequestTimeoutException, MYJDException) as e:
+                debug(f"JDPackageCache: Failed to fetch linkgrabber_packages: {e}")
                 self._linkgrabber_packages = []
+        else:
+            self._cache_hits += 1
+            debug(f"JDPackageCache: Using cached linkgrabber_packages ({len(self._linkgrabber_packages)} packages)")
         return self._linkgrabber_packages
 
     @property
     def linkgrabber_links(self):
         if self._linkgrabber_links is None:
+            debug("JDPackageCache: Fetching linkgrabber_links from API")
+            self._api_calls += 1
             try:
                 self._linkgrabber_links = self._device.linkgrabber.query_links()
-            except (TokenExpiredException, RequestTimeoutException, MYJDException):
+                debug(f"JDPackageCache: Retrieved {len(self._linkgrabber_links)} linkgrabber links")
+            except (TokenExpiredException, RequestTimeoutException, MYJDException) as e:
+                debug(f"JDPackageCache: Failed to fetch linkgrabber_links: {e}")
                 self._linkgrabber_links = []
+        else:
+            self._cache_hits += 1
+            debug(f"JDPackageCache: Using cached linkgrabber_links ({len(self._linkgrabber_links)} links)")
         return self._linkgrabber_links
 
     @property
     def downloader_packages(self):
         if self._downloader_packages is None:
+            debug("JDPackageCache: Fetching downloader_packages from API")
+            self._api_calls += 1
             try:
                 self._downloader_packages = self._device.downloads.query_packages()
-            except (TokenExpiredException, RequestTimeoutException, MYJDException):
+                debug(f"JDPackageCache: Retrieved {len(self._downloader_packages)} downloader packages")
+            except (TokenExpiredException, RequestTimeoutException, MYJDException) as e:
+                debug(f"JDPackageCache: Failed to fetch downloader_packages: {e}")
                 self._downloader_packages = []
+        else:
+            self._cache_hits += 1
+            debug(f"JDPackageCache: Using cached downloader_packages ({len(self._downloader_packages)} packages)")
         return self._downloader_packages
 
     @property
     def downloader_links(self):
         if self._downloader_links is None:
+            debug("JDPackageCache: Fetching downloader_links from API")
+            self._api_calls += 1
             try:
                 self._downloader_links = self._device.downloads.query_links()
-            except (TokenExpiredException, RequestTimeoutException, MYJDException):
+                debug(f"JDPackageCache: Retrieved {len(self._downloader_links)} downloader links")
+            except (TokenExpiredException, RequestTimeoutException, MYJDException) as e:
+                debug(f"JDPackageCache: Failed to fetch downloader_links: {e}")
                 self._downloader_links = []
+        else:
+            self._cache_hits += 1
+            debug(f"JDPackageCache: Using cached downloader_links ({len(self._downloader_links)} links)")
         return self._downloader_links
 
     @property
     def is_collecting(self):
         if self._is_collecting is None:
+            debug("JDPackageCache: Checking is_collecting from API")
+            self._api_calls += 1
             try:
                 self._is_collecting = self._device.linkgrabber.is_collecting()
-            except (TokenExpiredException, RequestTimeoutException, MYJDException):
+                debug(f"JDPackageCache: is_collecting = {self._is_collecting}")
+            except (TokenExpiredException, RequestTimeoutException, MYJDException) as e:
+                debug(f"JDPackageCache: Failed to check is_collecting: {e}")
                 self._is_collecting = False
+        else:
+            self._cache_hits += 1
+            debug(f"JDPackageCache: Using cached is_collecting = {self._is_collecting}")
         return self._is_collecting
 
-    def get_archive_package_uuids(self, downloader_packages, downloader_links):
+    def _has_archive_extension(self, package_uuid, links):
+        """Check if any link in the package has an archive file extension."""
+        for link in links:
+            if link.get("packageUUID") != package_uuid:
+                continue
+            name = link.get("name", "")
+            name_lower = name.lower()
+            for ext in ARCHIVE_EXTENSIONS:
+                if name_lower.endswith(ext):
+                    debug(
+                        f"JDPackageCache: Found archive extension '{ext}' in file '{name}' for package {package_uuid}")
+                    return True
+        return False
+
+    def _bulk_detect_archives(self, package_uuids):
         """
-        Get set of package UUIDs that contain at least one archive file.
+        Detect archives for multiple packages in ONE API call.
+
+        Returns:
+            tuple: (confirmed_archives: set, api_succeeded: bool)
+            - confirmed_archives: Package UUIDs confirmed as archives
+            - api_succeeded: Whether the API call worked (for fallback decisions)
+        """
+        confirmed_archives = set()
+
+        if not package_uuids:
+            debug("JDPackageCache: _bulk_detect_archives called with empty package_uuids")
+            return confirmed_archives, True
 
-        Two-phase detection:
-        1. Check extractionStatus in link data (free - catches in-progress/completed extractions)
-        2. Single API call for all remaining packages (catches pre-extraction archives)
+        package_list = list(package_uuids)
+        debug(f"JDPackageCache: Bulk archive detection for {len(package_list)} packages")
 
-        This correctly handles:
-        - Mixed packages (archive + non-archive files)
-        - Archives before extraction starts
-        - Archives during/after extraction
+        try:
+            self._api_calls += 1
+            archive_infos = self._device.extraction.get_archive_info([], package_list)
+            debug(f"JDPackageCache: get_archive_info returned {len(archive_infos) if archive_infos else 0} results")
+
+            if archive_infos:
+                for i, archive_info in enumerate(archive_infos):
+                    if archive_info:
+                        debug(f"JDPackageCache: archive_info[{i}] = {archive_info}")
+                        # Try to get packageUUID from response
+                        pkg_uuid = archive_info.get("packageUUID")
+                        if pkg_uuid:
+                            debug(f"JDPackageCache: Confirmed archive via packageUUID: {pkg_uuid}")
+                            confirmed_archives.add(pkg_uuid)
+                        else:
+                            # Log what fields ARE available for debugging
+                            debug(
+                                f"JDPackageCache: archive_info has no packageUUID, available keys: {list(archive_info.keys())}")
+                    else:
+                        debug(f"JDPackageCache: archive_info[{i}] is empty/None")
+
+            debug(f"JDPackageCache: Bulk detection confirmed {len(confirmed_archives)} archives: {confirmed_archives}")
+            return confirmed_archives, True
+
+        except Exception as e:
+            debug(f"JDPackageCache: Bulk archive detection API FAILED: {type(e).__name__}: {e}")
+            return confirmed_archives, False
+
+    def detect_all_archives(self, packages, links):
         """
-        if self._archive_package_uuids is not None:
-            return self._archive_package_uuids
+        Detect archives for all packages efficiently.
 
-        self._archive_package_uuids = set()
+        Uses ONE bulk API call, then applies safety fallbacks for packages
+        where detection was uncertain.
 
-        if not downloader_packages:
-            return self._archive_package_uuids
+        Args:
+            packages: List of downloader packages
+            links: List of downloader links (for extension fallback)
 
-        all_package_uuids = {p.get("uuid") for p in downloader_packages if p.get("uuid")}
+        Returns:
+            Set of package UUIDs that should be treated as archives
+        """
+        if not packages:
+            debug("JDPackageCache: detect_all_archives called with no packages")
+            return set()
 
-        # Phase 1: Check extractionStatus in already-fetched link data (free - no API call)
-        # This catches packages where extraction is in progress or completed
-        for link in downloader_links:
-            extraction_status = link.get("extractionStatus")
-            if extraction_status:  # Any non-empty extraction status means it's an archive
-                pkg_uuid = link.get("packageUUID")
-                if pkg_uuid:
-                    self._archive_package_uuids.add(pkg_uuid)
+        all_package_uuids = {p.get("uuid") for p in packages if p.get("uuid")}
+        debug(f"JDPackageCache: detect_all_archives for {len(all_package_uuids)} packages")
 
-        # Phase 2: Single API call for all unchecked packages
-        unchecked_package_uuids = list(all_package_uuids - self._archive_package_uuids)
+        # ONE bulk API call for all packages
+        confirmed_archives, api_succeeded = self._bulk_detect_archives(all_package_uuids)
+        debug(f"JDPackageCache: Bulk API succeeded={api_succeeded}, confirmed={len(confirmed_archives)} archives")
 
-        if unchecked_package_uuids:
-            try:
-                # One API call for ALL unchecked packages
-                archive_infos = self._device.extraction.get_archive_info([], unchecked_package_uuids)
-                if archive_infos:
-                    for archive_info in archive_infos:
-                        if archive_info:
-                            # Extract package UUID from response
-                            pkg_uuid = archive_info.get("packageUUID")
-                            if pkg_uuid:
-                                self._archive_package_uuids.add(pkg_uuid)
-            except:
-                pass
-
-        return self._archive_package_uuids
+        # For packages NOT confirmed as archives, apply safety fallbacks
+        unconfirmed = all_package_uuids - confirmed_archives
+        debug(f"JDPackageCache: {len(unconfirmed)} packages need fallback checking")
+
+        for pkg_uuid in unconfirmed:
+            # Fallback 1: Check file extensions
+            if self._has_archive_extension(pkg_uuid, links):
+                debug(f"JDPackageCache: Package {pkg_uuid} confirmed as archive via extension fallback")
+                confirmed_archives.add(pkg_uuid)
+            # Fallback 2: If bulk API failed completely, assume archive (safe)
+            elif not api_succeeded:
+                debug(f"JDPackageCache: SAFETY - Bulk API failed, assuming package {pkg_uuid} is archive")
+                confirmed_archives.add(pkg_uuid)
+            else:
+                debug(f"JDPackageCache: Package {pkg_uuid} confirmed as NON-archive (API worked, no extension match)")
+
+        # Cache results for is_package_archive() lookups
+        for pkg_uuid in all_package_uuids:
+            self._archive_cache[pkg_uuid] = pkg_uuid in confirmed_archives
+
+        debug(
+            f"JDPackageCache: Final archive detection: {len(confirmed_archives)}/{len(all_package_uuids)} packages are archives")
+        return confirmed_archives
+
+    def is_package_archive(self, package_uuid, links=None):
+        """
+        Check if a package contains archive files.
+
+        Prefer calling detect_all_archives() first for efficiency.
+        This method is for single lookups or cache hits.
+
+        SAFETY: On API error, defaults to True (assume archive) to prevent
+        premature "finished" status.
+        """
+        if package_uuid is None:
+            debug("JDPackageCache: is_package_archive called with None UUID")
+            return False
+
+        if package_uuid in self._archive_cache:
+            self._cache_hits += 1
+            cached = self._archive_cache[package_uuid]
+            debug(f"JDPackageCache: is_package_archive({package_uuid}) = {cached} (cached)")
+            return cached
+
+        debug(f"JDPackageCache: is_package_archive({package_uuid}) - cache miss, querying API")
+
+        # Single package lookup (fallback if detect_all_archives wasn't called)
+        is_archive = None
+        api_failed = False
+
+        try:
+            self._api_calls += 1
+            archive_info = self._device.extraction.get_archive_info([], [package_uuid])
+            debug(f"JDPackageCache: Single get_archive_info returned: {archive_info}")
+            # Original logic: is_archive = True if archive_info and archive_info[0] else False
+            is_archive = True if archive_info and archive_info[0] else False
+            debug(f"JDPackageCache: API says is_archive = {is_archive}")
+        except Exception as e:
+            api_failed = True
+            debug(f"JDPackageCache: Single archive detection API FAILED for {package_uuid}: {type(e).__name__}: {e}")
+
+        # Fallback: check file extensions if API failed or returned False
+        if (api_failed or not is_archive) and links:
+            if self._has_archive_extension(package_uuid, links):
+                debug(f"JDPackageCache: Package {package_uuid} confirmed as archive via extension fallback")
+                is_archive = True
+
+        # SAFETY: If API failed and no extension detected, assume archive (conservative)
+        if is_archive is None:
+            debug(f"JDPackageCache: SAFETY - Detection uncertain for {package_uuid}, assuming archive")
+            is_archive = True
+
+        self._archive_cache[package_uuid] = is_archive
+        debug(f"JDPackageCache: is_package_archive({package_uuid}) = {is_archive} (final)")
+        return is_archive