added optional anonymous login for clients

2025-07-10 14:15:14 +02:00 · 2023-08-31 09:22:07 +02:00 · 2023-08-31 09:22:07 +02:00 · fdb3c4aa49
commit fdb3c4aa49
parent 662884d405
4 changed files with 42 additions and 12 deletions
--- a/README.md
+++ b/README.md
@ -33,6 +33,7 @@ Parameter | Example | Explanation
 `allowCreate` | true/`false` | allows creation of entries if parameter `create=true` in URL
 `restrictDomain` | true / `false` | allows admin to restrict the domain to update to a given value `domain` and/or `host`. See URL parameters for host parameter explanation
 `allowNetcupCreds` | true / `false` | allows the user to pass netcup credentials directly via the URL. URL creds will be preferred if any still exist in .env file
+`allowAnonymous` | true / `false` | allows anonymous login, recommended only if you do not store any credentials and disable logging

 * alternatively you can use .configure.sh to create your .env file for you (if you are on a *NIX system)

@ -49,7 +50,7 @@ You can now set `allowCreate=true` in .env and pass `create=true` as URL paramet

 Parameter | Example | Explanation
 ---: | :--- | :---
-user | dnsupdater | username to authenticate against this script as defined in .env file
+user | dnsupdater | username to authenticate against this script as defined in .env file. If anonymous login is allowed in .env: `anonymous`
 password | secretpleasechange |password for that user as defined in .env file
 domain | home.example.com | `case A)` If `host` is not specified: the FQDN for your host
 domain | example.com | `case B)` If you want to update the @ or * record
--- a/src/Config.php
+++ b/src/Config.php
@ -60,6 +60,11 @@ final class Config
     */
    private $allowNetcupCreds = false;

+    /**
+     * @var bool
+     */
+    private $allowAnonymous = false;
+
    /**
     * @var bool
     */
@ -91,8 +96,13 @@ final class Config
    public function isValid()
    {
        return
+            (
                !empty($this->username) &&
-            !empty($this->password) &&
+                !empty($this->password)
+            ) ||
+            (
+                $this->isAllowAnonymous()
+            ) &&
            (
                (
                    !empty($this->apiKey) &&
@ -202,6 +212,14 @@ final class Config
        return $this->allowNetcupCreds;
    }

+    /**
+     * @return bool
+     */
+    public function isAllowAnonymous()
+    {
+        return $this->allowAnonymous;
+    }
+
    /**
     * @return string
     */
--- a/src/Handler.php
+++ b/src/Handler.php
@ -58,6 +58,13 @@ final class Handler
            }
        }

+        if ($this->config->isAllowAnonymous()) {
+            if ($this->payload->getUser() == 'anonymous') {
+                if ($this->config->isDebug()) {
+                    $this->doLog('anonymous login by client');
+                }
+            }
+        } else {
            if (
                $this->config->getUsername() !== $this->payload->getUser() ||
                $this->config->getPassword() !== $this->payload->getPassword()
@ -68,6 +75,7 @@ final class Handler
                    exit("credentials invalid\n");
                }
            }
+        }

        if ($this->config->isAllowNetcupCreds()) {
            if ($this->payload->isValidNetcupCreds()) {
--- a/src/Payload.php
+++ b/src/Payload.php
@ -85,7 +85,10 @@ final class Payload
    {
        return
            !empty($this->user) &&
-            !empty($this->password) &&
+            (
+                $this->user == 'anonymous' ||
+                !empty($this->password)
+            ) &&
            !empty($this->domain) &&
            (
                (