mirrors/invidious
1
0
Fork 0
mirror of https://github.com/iv-org/invidious.git synced 2025-08-28 15:38:30 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update authentication.cr

Browse Source
This commit is contained in:
Ryan G 2023-06-12 21:07:15 -07:00
parent 4a85198ef6
commit e4ea243ce5
1 changed files with 57 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
src/invidious/routes/api/v1/authentication.cr
View File

@ -1,24 +1,14 @@
module Invidious::Routes::API::V1::Authentication module Invidious::Routes::API::V1::Authentication
def self.register(env) def self.register(env)
env.response.content_type = "application/json" env.response.content_type = "application/json"
if !CONFIG.registration_enabled if CONFIG.registration_enabled
return error_json(400, "Registration has been disabled by administrator")
else
# check if user is registering or responding to captcha
begin begin
creds = Credentials.from_json(env.request.body || "{}") creds = Credentials.from_json(env.request.body || "{}")
rescue JSON::SerializableError rescue JSON::SerializableError
creds = nil creds = nil
end end
# get user info
# begin
# captcha_response = CaptchaResponse.from_json(env.request.body || "{}")
# rescue JSON::SerializableError
# captcha_response = nil
# end
if creds if creds
# user is registering
username = creds.username.downcase username = creds.username.downcase
password = creds.password password = creds.password
username = "" if username.nil? username = "" if username.nil?
@ -43,45 +33,59 @@ module Invidious::Routes::API::V1::Authentication
username = username.byte_slice(0, 254) username = username.byte_slice(0, 254)
password = password.byte_slice(0, 55) password = password.byte_slice(0, 55)
# send captcha if enabled
if CONFIG.captcha_enabled if CONFIG.captcha_enabled
# if captcha is enabled, send captcha begin
captcha = Invidious::User::Captcha.generate_text(HMAC_KEY) captcha_response = CaptchaResponse.from_json(env.request.body || "{}")
# puts captcha rescue JSON::SerializableError
return captcha captcha_response = nil
end end
end # check if user is responding to captcha
# if captcha_response if captcha_response
# # process captcha response # process captcha response
# answer = captcha_response.answer # answer = captcha_response.answer
# answer = answer.lstrip('0') # answer = answer.lstrip('0')
# answer = OpenSSL::HMAC.hexdigest(:sha256, HMAC_KEY, answer) # answer = OpenSSL::HMAC.hexdigest(:sha256, HMAC_KEY, answer)
# begin # begin
# validate_request(, answer, env.request, HMAC_KEY, locale) # validate_request(, answer, env.request, HMAC_KEY, locale)
# rescue ex # rescue ex
# return error_jsonror(400, ex) # return error_jsonror(400, ex)
# end # end
# end else
# create user if we made it past credentials and captcha # send captcha
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) captcha = Invidious::User::Captcha.generate_text(HMAC_KEY)
user, sid = create_user(sid, username, password) # puts captcha
Invidious::Database::Users.insert(user) return captcha
Invidious::Database::SessionIDs.insert(sid, username)
# send user info
if token = Invidious::Database::SessionIDs.select_one(sid: sid)
response = JSON.build do |json|
json.object do
json.field "session", token[:session]
json.field "issued", token[:issued].to_unix
end end
end end
return response # create user
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
user, sid = create_user(sid, username, password)
Invidious::Database::Users.insert(user)
Invidious::Database::SessionIDs.insert(sid, username)
# send user info
if token = Invidious::Database::SessionIDs.select_one(sid: sid)
response = JSON.build do |json|
json.object do
json.field "session", token[:session]
json.field "issued", token[:issued].to_unix
end
end
return response
else
return error_json(500, "Token not found")
end
else else
return error_json(500, "Token not found") return error_json(400, "No credentials")
end end
else
return error_json(400, "Registration has been disabled by administrator")
end end
end end
def self.captcha(env)
end
def self.login(env) def self.login(env)
env.response.content_type = "application/json" env.response.content_type = "application/json"
# locale = env.get("preferences").as(Preferences).locale # locale = env.get("preferences").as(Preferences).locale
@ -131,6 +135,8 @@ struct CaptchaResponse
include JSON::Serializable include JSON::Serializable
include YAML::Serializable include YAML::Serializable
property username : String
property password : String
property answer : String property answer : String
# property tokens : Array() # property tokens : Array()
end end
@ -139,6 +145,14 @@ struct Credentials
include JSON::Serializable include JSON::Serializable
include YAML::Serializable include YAML::Serializable
property username : String
property password : String
end
struct Login
include JSON::Serializable
include YAML::Serializable
property username : String property username : String
property password : String property password : String
property token : String property token : String