!feat: secure most of api behind api_key

.env.example

@@ -15,6 +15,9 @@ HARD_RESET=false
 # This will attempt to fix broken symlinks in the library, and then exit after running!
 REPAIR_SYMLINKS=false
 
+# Manual api key, must be 32 characters long
+API_KEY=1234567890qwertyuiopas
+
 # This is the number of workers to use for reindexing symlinks after a database reset. 
 # More workers = faster symlinking but uses more memory.
 # For lower end machines, stick to around 1-3.

pyproject.toml

@@ -37,6 +37,7 @@ rank-torrent-name = "^1.0.2"
 jsonschema = "^4.23.0"
 scalar-fastapi = "^1.0.3"
 psutil = "^6.0.0"
+python-dotenv = "^1.0.1"
 
 [tool.poetry.group.dev.dependencies]
 pyright = "^1.1.352"

src/auth.py

@@ -0,0 +1,14 @@
+from fastapi import HTTPException, Security, status
+from fastapi.security import APIKeyHeader
+from program.settings.manager import settings_manager
+
+api_key_header =  APIKeyHeader(name="x-api-key")
+
+def resolve_api_key(api_key_header: str = Security(api_key_header)):
+    if api_key_header == settings_manager.settings.api_key:
+        return True
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Missing or invalid API key"
+        )

src/main.py

@@ -8,21 +8,17 @@
 import uvicorn
 from fastapi import FastAPI
 from fastapi.middleware.cors import CORSMiddleware
-from starlette.middleware.base import BaseHTTPMiddleware
-from starlette.requests import Request
-
-from controllers.default import router as default_router
-from controllers.items import router as items_router
-from controllers.scrape import router as scrape_router
-from controllers.settings import router as settings_router
-from controllers.tmdb import router as tmdb_router
-from controllers.webhooks import router as webhooks_router
-from controllers.ws import router as ws_router
-from scalar_fastapi import get_scalar_api_reference
 from program import Program
 from program.settings.models import get_version
+from routers import app_router
+from scalar_fastapi import get_scalar_api_reference
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.requests import Request
 from utils.cli import handle_args
-from utils.logger import logger
+from loguru import logger
+from dotenv import load_dotenv
+
+load_dotenv()
 
 
 class LoguruMiddleware(BaseHTTPMiddleware):
@@ -62,7 +58,6 @@ async def scalar_html():
     )
 
 app.program = Program()
-
 app.add_middleware(LoguruMiddleware)
 app.add_middleware(
     CORSMiddleware,
@@ -72,14 +67,7 @@ async def scalar_html():
     allow_headers=["*"],
 )
 
-app.include_router(default_router)
-app.include_router(settings_router)
-app.include_router(items_router)
-app.include_router(scrape_router)
-app.include_router(webhooks_router)
-app.include_router(tmdb_router)
-app.include_router(ws_router)
-
+app.include_router(app_router)
 
 class Server(uvicorn.Server):
     def install_signal_handlers(self):

src/program/content/listrr.py

@@ -6,7 +6,7 @@
 from program.indexers.trakt import get_imdbid_from_tmdb
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.request import get, ping
 
 

src/program/content/mdblist.py

@@ -4,7 +4,7 @@
 
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 from utils.request import get, ping
 

src/program/content/overseerr.py

@@ -8,7 +8,7 @@
 from program.indexers.trakt import get_imdbid_from_tmdb
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.request import delete, get, ping, post
 
 

src/program/content/plex_watchlist.py

@@ -7,7 +7,7 @@
 
 from program.media.item import Episode, MediaItem, Movie, Season, Show
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.request import get, ping
 
 

src/program/content/trakt.py

@@ -8,7 +8,7 @@
 
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter
 from utils.request import get, post
 

src/program/db/db.py

@@ -8,7 +8,7 @@
 
 from program.settings.manager import settings_manager
 from utils import data_dir_path
-from utils.logger import logger
+from loguru import logger
 
 engine_options = {
     "pool_size": 25, # Prom: Set to 1 when debugging sql queries

src/program/db/db_functions.py

@@ -11,7 +11,7 @@
 from program.media.stream import Stream, StreamBlacklistRelation, StreamRelation
 from program.settings.manager import settings_manager
 from utils import alembic_dir
-from utils.logger import logger
+from loguru import logger
 
 from .db import alembic, db
 

src/program/downloaders/torbox.py

@@ -14,7 +14,7 @@
 from program.media.state import States
 from program.media.stream import Stream
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.request import get, post
 
 API_URL = "https://api.torbox.app/v1/api"

src/program/indexers/tmdb.py

@@ -3,7 +3,7 @@
 from typing import Generic, Literal, Optional, TypeVar
 
 from pydantic import BaseModel
-from utils.logger import logger
+from loguru import logger
 from utils.request import get
 
 TMDB_READ_ACCESS_TOKEN = "eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJlNTkxMmVmOWFhM2IxNzg2Zjk3ZTE1NWY1YmQ3ZjY1MSIsInN1YiI6IjY1M2NjNWUyZTg5NGE2MDBmZjE2N2FmYyIsInNjb3BlcyI6WyJhcGlfcmVhZCJdLCJ2ZXJzaW9uIjoxfQ.xrIXsMFJpI1o1j5g2QpQcFP1X3AfRjFA5FlBFO5Naw8"  # noqa: S105

src/program/indexers/trakt.py

@@ -7,7 +7,7 @@
 from program.db.db import db
 from program.media.item import Episode, MediaItem, Movie, Season, Show
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.request import get
 
 CLIENT_ID = "0183a05ad97098d87287fe46da4ae286f434f32e8e951caad4cc147c947d79a3"

src/program/libraries/symlink.py

@@ -10,7 +10,7 @@
 from program.db.db import db
 from program.media.subtitle import Subtitle
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 
 if TYPE_CHECKING:
     from program.media.item import Episode, MediaItem, Movie, Show

src/program/media/item.py

@@ -6,14 +6,14 @@
 
 import sqlalchemy
 from RTN import parse
-from sqlalchemy import Index, UniqueConstraint
+from sqlalchemy import Index
 from sqlalchemy.orm import Mapped, mapped_column, object_session, relationship
 
-import utils.websockets.manager as ws_manager
+from utils.sse_manager import sse_manager
 from program.db.db import db
 from program.media.state import States
 from program.media.subtitle import Subtitle
-from utils.logger import logger
+from loguru import logger
 
 from ..db.db_functions import blacklist_stream, reset_streams
 from .stream import Stream
@@ -133,9 +133,10 @@ def __init__(self, item: dict | None) -> None:
         self.subtitles = item.get("subtitles", [])
 
     def store_state(self) -> None:
-        if self.last_state and self.last_state != self._determine_state():
-            ws_manager.send_item_update(json.dumps(self.to_dict()))
-        self.last_state = self._determine_state()
+        new_state = self._determine_state()
+        if self.last_state and self.last_state != new_state:
+            sse_manager.publish_event("item_update", {"last_state": self.last_state, "new_state": new_state, "item_id": self._id})
+        self.last_state = new_state
 
     def is_stream_blacklisted(self, stream: Stream):
         """Check if a stream is blacklisted for this item."""
@@ -458,9 +459,7 @@ def _determine_state(self):
     def store_state(self) -> None:
         for season in self.seasons:
             season.store_state()
-        if self.last_state and self.last_state != self._determine_state():
-            ws_manager.send_item_update(json.dumps(self.to_dict()))
-        self.last_state = self._determine_state()
+        super().store_state()
 
     def __repr__(self):
         return f"Show:{self.log_string}:{self.state.name}"
@@ -531,9 +530,7 @@ class Season(MediaItem):
     def store_state(self) -> None:
         for episode in self.episodes:
             episode.store_state()
-        if self.last_state and self.last_state != self._determine_state():
-            ws_manager.send_item_update(json.dumps(self.to_dict()))
-        self.last_state = self._determine_state()
+        super().store_state()
 
     def __init__(self, item):
         self.type = "season"

src/program/media/stream.py

@@ -6,7 +6,7 @@
 from sqlalchemy.orm import Mapped, mapped_column, relationship
 
 from program.db.db import db
-from utils.logger import logger
+from loguru import logger
 
 if TYPE_CHECKING:
     from program.media.item import MediaItem
@@ -24,7 +24,7 @@ class StreamRelation(db.Model):
         Index('ix_streamrelation_parent_id', 'parent_id'),
         Index('ix_streamrelation_child_id', 'child_id'),
     )
-    
+
 class StreamBlacklistRelation(db.Model):
     __tablename__ = "StreamBlacklistRelation"
 
@@ -66,6 +66,6 @@ def __init__(self, torrent: Torrent):
 
     def __hash__(self):
         return self.infohash
-    
+
     def __eq__(self, other):
         return isinstance(other, Stream) and self.infohash == other.infohash

src/program/program.py

@@ -5,12 +5,10 @@
 from concurrent.futures import ThreadPoolExecutor, as_completed
 from datetime import datetime
 from queue import Empty
-from typing import Iterator, List
 
 from apscheduler.schedulers.background import BackgroundScheduler
 from rich.live import Live
 
-import utils.websockets.manager as ws_manager
 from program.content import Listrr, Mdblist, Overseerr, PlexWatchlist, TraktContent
 from program.downloaders import Downloader
 from program.indexers.trakt import TraktIndexer
@@ -25,7 +23,7 @@
 from program.updaters import Updater
 from utils import data_dir_path
 from utils.event_manager import EventManager
-from utils.logger import create_progress_bar, log_cleaner, logger
+from utils.logging import create_progress_bar, log_cleaner, logger
 
 from .state_transition import process_event
 from .symlink import Symlinker
@@ -170,7 +168,6 @@ def start(self):
         super().start()
         self.scheduler.start()
         logger.success("Riven is running!")
-        ws_manager.send_health_update("running")
         self.initialized = True
 
     def _retry_library(self) -> None:

src/program/scrapers/__init__.py

@@ -17,7 +17,7 @@
 from program.scrapers.torrentio import Torrentio
 from program.scrapers.zilean import Zilean
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 
 
 class Scraping:

src/program/scrapers/annatar.py

@@ -7,7 +7,7 @@
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
 from program.scrapers.shared import _get_stremio_identifier
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 from utils.request import get
 

src/program/scrapers/comet.py

@@ -10,7 +10,7 @@
 from program.media.item import MediaItem, Show
 from program.settings.manager import settings_manager
 from program.scrapers.shared import _get_stremio_identifier
-from utils.logger import logger
+from loguru import logger
 from utils.request import RateLimiter, RateLimitExceeded, get, ping
 
 

src/program/scrapers/jackett.py

@@ -12,7 +12,7 @@
 
 from program.media.item import Episode, MediaItem, Movie, Season, Show
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 
 

src/program/scrapers/knightcrawler.py

@@ -7,7 +7,7 @@
 from program.media.item import Episode, MediaItem
 from program.scrapers.shared import _get_stremio_identifier
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 from utils.request import get, ping
 

src/program/scrapers/mediafusion.py

@@ -10,7 +10,7 @@
 from program.scrapers.shared import _get_stremio_identifier
 from program.settings.manager import settings_manager
 from program.settings.models import AppModel
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 from utils.request import get, ping
 

src/program/scrapers/orionoid.py

@@ -3,7 +3,7 @@
 
 from program.media.item import MediaItem
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 from utils.request import get
 

src/program/scrapers/prowlarr.py

@@ -13,7 +13,7 @@
 
 from program.media.item import Episode, MediaItem, Movie, Season, Show
 from program.settings.manager import settings_manager
-from utils.logger import logger
+from loguru import logger
 from utils.ratelimiter import RateLimiter, RateLimitExceeded
 
 

src/program/scrapers/shared.py

@@ -9,7 +9,7 @@
 from program.media.stream import Stream
 from program.settings.manager import settings_manager
 from program.settings.versions import models
-from utils.logger import logger
+from loguru import logger
 
 enable_aliases = settings_manager.settings.scraping.enable_aliases
 settings_model = settings_manager.settings.ranking