mirrors/invidious
1
0
Fork 0
mirror of https://github.com/iv-org/invidious.git synced 2025-08-28 15:38:30 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Added Registration API

Browse Source
This commit is contained in:
Ryan G 2023-06-12 18:23:46 -07:00
parent d9194854e2
commit 5f09fe66ee
1 changed files with 77 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
src/invidious/routes/api/v1/authentication.cr
View File

@ -1,4 +1,74 @@
module Invidious::Routes::API::V1::Authentication module Invidious::Routes::API::V1::Authentication
def self.register(env)
env.response.content_type = "application/json"
if !CONFIG.registration_enabled
return error_json(400, "Registration has been disabled by administrator")
else
# check if user is registering or responding to captcha
begin
creds = Credentials.from_json(env.request.body || "{}")
rescue JSON::SerializableError
creds = nil
end
begin
captcha_response = CaptchaRespone.from_json(env.request.body || "{}")
rescue JSON::SerializableError
captcha_response = nil
end
if creds
# user is registering
password = creds.password
username = creds.username
if creds.password.empty?
return error_json(401, "Password cannot be empty")
end
# See https://security.stackexchange.com/a/39851
if creds.password.bytesize > 55
return error_json(400, "Password cannot be longer than 55 characters")
end
password = password.byte_slice(0, 55)
if CONFIG.captcha_enabled
# if captcha is enabled, send captcha
captcha = Invidious::User::Captcha.generate_text(HMAC_KEY)
# puts captcha
return captcha
end
end
if captcha_response
# process captcha response
answer = captcha_response.answer
answer = answer.lstrip('0')
answer = OpenSSL::HMAC.hexdigest(:sha256, HMAC_KEY, answer)
begin
validate_request(tokens[0], answer, env.request, HMAC_KEY, locale)
rescue ex
return error_jsonror(400, ex)
end
end
# create user if we made it past credentials and captcha
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
user, sid = create_user(sid, email, password)
Invidious::Database::Users.insert(user)
Invidious::Database::SessionIDs.insert(sid, email)
# send user info
if token = Invidious::Database::SessionIDs.select_one(sid: sid)
response = JSON.build do |json|
json.object do
json.field "session", token[:session]
json.field "issued", token[:issued].to_unix
end
end
return response
else
return error_json(500, "Token not found")
end
end
end
def self.login(env) def self.login(env)
env.response.content_type = "application/json" env.response.content_type = "application/json"
# locale = env.get("preferences").as(Preferences).locale # locale = env.get("preferences").as(Preferences).locale
@ -44,6 +114,13 @@ module Invidious::Routes::API::V1::Authentication
end end
end end
struct CaptchaResponse
include JSON::Serializable
include YAML::Serializable
property answer : String
end
struct Credentials struct Credentials
include JSON::Serializable include JSON::Serializable
include YAML::Serializable include YAML::Serializable