95 lines
2.9 KiB
Bash
95 lines
2.9 KiB
Bash
#!/usr/bin/env bash
|
|
# UniFi API helper - handles login and authenticated calls
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
CONFIG_FILE="${UNIFI_CONFIG_FILE:-$HOME/.clawdbot/credentials/unifi/config.json}"
|
|
|
|
# Load config
|
|
if [ ! -f "$CONFIG_FILE" ]; then
|
|
echo "Error: UniFi not configured. Create $CONFIG_FILE with {\"url\": \"https://...\", \"username\": \"...\", \"password\": \"...\", \"site\": \"default\"}" >&2
|
|
exit 1
|
|
fi
|
|
|
|
UNIFI_URL=$(jq -r '.url' "$CONFIG_FILE")
|
|
UNIFI_USER=$(jq -r '.username' "$CONFIG_FILE")
|
|
UNIFI_PASS=$(jq -r '.password' "$CONFIG_FILE")
|
|
UNIFI_SITE=$(jq -r '.site // "default"' "$CONFIG_FILE")
|
|
|
|
# Login and store cookie
|
|
# Usage: unifi_login [cookie_file_path]
|
|
unifi_login() {
|
|
local cookie_file="${1:-${UNIFI_COOKIE_FILE:-$(mktemp)}}"
|
|
|
|
# If it's a temp file we created just now, export it so subsequent calls use it
|
|
if [ -z "${UNIFI_COOKIE_FILE:-}" ]; then
|
|
export UNIFI_COOKIE_FILE="$cookie_file"
|
|
fi
|
|
|
|
local payload
|
|
payload=$(jq -nc --arg username "$UNIFI_USER" --arg password "$UNIFI_PASS" '{username:$username,password:$password}')
|
|
|
|
# Try UniFi OS login first, fallback to classic controller
|
|
local login_response
|
|
login_response=$(curl -sk -c "$cookie_file" \
|
|
-H "Content-Type: application/json" \
|
|
-X POST \
|
|
"$UNIFI_URL/api/auth/login" \
|
|
--data "$payload" 2>/dev/null)
|
|
|
|
# Check if UniFi OS login succeeded
|
|
if echo "$login_response" | jq -e '.meta.rc == "ok"' >/dev/null 2>&1; then
|
|
return 0
|
|
fi
|
|
|
|
# Fallback to classic controller login
|
|
curl -sk -c "$cookie_file" \
|
|
-H "Content-Type: application/json" \
|
|
-X POST \
|
|
"$UNIFI_URL/api/login" \
|
|
--data "$payload" >/dev/null 2>&1
|
|
|
|
if [ ! -s "$cookie_file" ]; then
|
|
echo "Error: Login failed (empty cookie file)" >&2
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Make authenticated GET request
|
|
# Usage: unifi_get <endpoint>
|
|
# Endpoint should be like "stat/sta" or "rest/portforward" - site path is added automatically
|
|
# Uses UNIFI_COOKIE_FILE if set, otherwise logs in temporarily
|
|
unifi_get() {
|
|
local endpoint="$1"
|
|
local temp_cookie=false
|
|
|
|
# Ensure we have a cookie
|
|
if [ -z "${UNIFI_COOKIE_FILE:-}" ] || [ ! -f "$UNIFI_COOKIE_FILE" ]; then
|
|
temp_cookie=true
|
|
export UNIFI_COOKIE_FILE=$(mktemp)
|
|
unifi_login "$UNIFI_COOKIE_FILE"
|
|
fi
|
|
|
|
# Handle both old format (/api/s/site/...) and new format (stat/...)
|
|
local full_url
|
|
if [[ "$endpoint" == /api/* ]]; then
|
|
# Old format - use as-is
|
|
full_url="$UNIFI_URL$endpoint"
|
|
else
|
|
# New format - try UniFi OS first, fallback to classic
|
|
full_url="$UNIFI_URL/proxy/network/api/s/$UNIFI_SITE/$endpoint"
|
|
fi
|
|
|
|
curl -sk -b "$UNIFI_COOKIE_FILE" "$full_url"
|
|
|
|
# Cleanup if we created a temp cookie just for this request
|
|
if [ "$temp_cookie" = true ]; then
|
|
rm -f "$UNIFI_COOKIE_FILE"
|
|
unset UNIFI_COOKIE_FILE
|
|
fi
|
|
}
|
|
|
|
export -f unifi_login
|
|
export -f unifi_get
|
|
export UNIFI_URL UNIFI_SITE
|