feat: Moonraker user authorization

[goesta]

This PR adds Support for Moonraker user authorization.

https://moonraker.readthedocs.io/en/latest/web_api/#authorization
https://moonraker.readthedocs.io/en/latest/configuration/#authorization

How to use it:

1. In the Machine Tap create a new user using the new "users panel". 🤪
2. add force_logins: True to the [authorization] section in your moonraker.cfg
3. hit refresh

Whats missing:

The refresh token handling. The remember me checkbox is just a dummy for now.

closes(#267)

[bubnikv]

Having no authorization at all in Mainsail is quite a bummer for using Mainsail in a company environment or with a hyperactive teenager in house. Without any authorization, one will easily manipulate other's printer by a mistake. Would you please consider implementing some kind of authorization? Thanks for great work.

[Arti4ever]

Any news on when this feature will be added to Mainsail ?
from what I see, it’s been a year that this PR exist.

[albertsj1]

Looking forward to this being implemented so I can use mainsail again with moonraker auth.

[aimzaimz]

I tested your implementation and really like it.
Whenever I refresh the site i have to login again. What is required to make the "remember me" button functional?

[fabio-s-franco]

bummer this seems not be given any attention

[goesta]

I tested your implementation and really like it.
Whenever I refresh the site i have to login again. What is required to make the "remember me" button functional?

Yeah as the description says the refresh token handling is missing. I guess you would need to store it in local storage.

I stopped working on this PR because at the time Mete was not willing to merge it because he was working on his own implementation.

[meteyou]

@goesta that must have been a communication problem then. I only uploaded my branch so that you could possibly take over parts of it. that's why I didn't work on it any further.

[aimzaimz]

Would love to see this implemented. Been using the feature for a few weeks now, I have two issues:

1. Login is not remembered (I know thats just because it hasnt been implemented)
2. If the website is opened for some time, I cannot download logs and configfiles anymore and have to refresh the site to log in again in order to download those files.

This is what my browser shows:

Uncaught (in promise)
Object { message: "Request failed with status code 401", name: "AxiosError", code: "ERR_BAD_REQUEST", config: {…}, request: XMLHttpRequest, response: {…}, stack: "" }
​
code: "ERR_BAD_REQUEST"
​
config: Object { timeout: 0, xsrfCookieName: "XSRF-TOKEN", xsrfHeaderName: "X-XSRF-TOKEN", … }
​
message: "Request failed with status code 401"
​
name: "AxiosError"
​
request: XMLHttpRequest { readyState: 4, timeout: 0, withCredentials: false, … }
​
response: Object { data: Blob, status: 401, statusText: "Unauthorized", … }
​
stack: ""
​
: Object { constructor: AxiosError$2(o, l, p, S, M), toJSON: toJSON(), stack: "", … }

[hdabor-sooner]

hello, i am new to all this authorization stuff and i need help. i have a voron that operates using mainsail, i would like to password protect the mainsail webserver from students trying to access the printer. i am trying to implement the PR, i just added the authorization code block into the mookraker.conf file and am stuck with what to do next. any help would be greatly appreciated.

[samwiseg0]

hello, i am new to all this authorization stuff and i need help. i have a voron that operates using mainsail, i would like to password protect the mainsail webserver from students trying to access the printer. i am trying to implement the PR, i just added the authorization code block into the mookraker.conf file and am stuck with what to do next. any help would be greatly appreciated.

I would suggest you use Fluidd instead since it supports authentication natively.

Alternatively you can use basic Auth in nginx.

[meteyou]

hello, i am new to all this authorization stuff and i need help. i have a voron that operates using mainsail, i would like to password protect the mainsail webserver from students trying to access the printer. i am trying to implement the PR, i just added the authorization code block into the mookraker.conf file and am stuck with what to do next. any help would be greatly appreciated.

I would suggest you use Fluidd instead since it supports authentication natively.

Alternatively you can use basic Auth in nginx.

keep in mind that moonraker authentication (which uses fluidd) is NOT intended for the public internet! this is at most an intranet protection!

[hdabor-sooner]

hello, i am new to all this authorization stuff and i need help. i have a voron that operates using mainsail, i would like to password protect the mainsail webserver from students trying to access the printer. i am trying to implement the PR, i just added the authorization code block into the mookraker.conf file and am stuck with what to do next. any help would be greatly appreciated.

I would suggest you use Fluidd instead since it supports authentication natively.

Alternatively you can use basic Auth in nginx.

I initially tried to use nginx on ubuntu using their example on their website here: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/. To sum up, the example code is shown below. However, I kept running into errors and I couldn't find the api key on mainsail. I am pretty sure there is something I am not understanding though.
` {
server {
listen 192.168.1.23:8080;
root /usr/share/nginx/html;
location /api {
api;
satisfy all;

        deny  192.168.1.2;
        allow 192.168.1.1/24;
        allow 127.0.0.1;
        deny  all;

        auth_basic           "Administrator’s Area";
        auth_basic_user_file /etc/apache2/.htpasswd; 
    }
}

}`