Remove residual account_type logic

2025-08-28 23:48:31 +00:00 · 2023-07-26 15:57:43 -07:00 · 2023-07-26 15:57:43 -07:00 · 2d289b3d12
commit 2d289b3d12
parent 3b77a2eac1
2 changed files with 21 additions and 34 deletions
--- a/src/invidious/routes/login.cr
+++ b/src/invidious/routes/login.cr
@ -30,45 +30,37 @@ module Invidious::Routes::Login
    email = env.params.body["email"]?.try &.downcase.byte_slice(0, 254)
    password = env.params.body["password"]?
-    account_type = env.params.query["type"]?
+    if email.nil? || email.empty?
-    account_type ||= "invidious"
+      return error_template(401, "User ID is a required field")
    end
-    case account_type
+    if password.nil? || password.empty?
-    when "invidious"
+      return error_template(401, "Password is a required field")
-      if email.nil? || email.empty?
+    end
        return error_template(401, "User ID is a required field")
      end
-      if password.nil? || password.empty?
+    user = Invidious::Database::Users.select(email: email)
        return error_template(401, "Password is a required field")
      end
-      user = Invidious::Database::Users.select(email: email)
+    if user
      if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55))
        sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
        Invidious::Database::SessionIDs.insert(sid, email)
-      if user
+        env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
        if Crypto::Bcrypt::Password.new(user.password.not_nil!).verify(password.byte_slice(0, 55))
          sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
          Invidious::Database::SessionIDs.insert(sid, email)
          env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
        else
          return error_template(401, "Wrong username or password")
        end
        # Since this user has already registered, we don't want to overwrite their preferences
        if env.request.cookies["PREFS"]?
          cookie = env.request.cookies["PREFS"]
          cookie.expires = Time.utc(1990, 1, 1)
          env.response.cookies << cookie
        end
      else
        return error_template(401, "Wrong username or password")
      end
-      env.redirect referer
+      # Since this user has already registered, we don't want to overwrite their preferences
      if env.request.cookies["PREFS"]?
        cookie = env.request.cookies["PREFS"]
        cookie.expires = Time.utc(1990, 1, 1)
        env.response.cookies << cookie
      end
    else
-      env.redirect referer
+      return error_template(401, "Wrong username or password")
    end
    env.redirect referer
  end
  def self.signup_page(env)
@ -88,9 +80,6 @@ module Invidious::Routes::Login
    password = nil
    captcha = nil
    account_type = env.params.query["type"]?
    account_type ||= "invidious"
    captcha_type = env.params.query["captcha"]?
    captcha_type ||= "image"
--- a/src/invidious/user/captcha.cr
+++ b/src/invidious/user/captcha.cr
@ -81,8 +81,6 @@ struct Invidious::User
      end
      captcha_type ||= "image"
      account_type = "invidious"
      if captcha_type == "image"
        captcha = Invidious::User::Captcha.generate_image(HMAC_KEY)
      else