Update authentication.cr

2025-08-28 15:38:30 +00:00 · 2023-06-12 21:07:15 -07:00 · 2023-06-12 21:07:15 -07:00 · e4ea243ce5
commit e4ea243ce5
parent 4a85198ef6
1 changed files with 57 additions and 43 deletions
--- a/src/invidious/routes/api/v1/authentication.cr
+++ b/src/invidious/routes/api/v1/authentication.cr
@ -1,24 +1,14 @@
 module Invidious::Routes::API::V1::Authentication
  def self.register(env)
    env.response.content_type = "application/json"
-    if !CONFIG.registration_enabled
-      return error_json(400, "Registration has been disabled by administrator")
-    else
-      # check if user is registering or responding to captcha
+    if CONFIG.registration_enabled
      begin
        creds = Credentials.from_json(env.request.body || "{}")
      rescue JSON::SerializableError
        creds = nil
      end
-
-      # begin
-      #   captcha_response = CaptchaResponse.from_json(env.request.body || "{}")
-      # rescue JSON::SerializableError
-      #   captcha_response = nil
-      # end
-
+      # get user info
      if creds
-        # user is registering
        username = creds.username.downcase
        password = creds.password
        username = "" if username.nil?
@ -43,16 +33,16 @@ module Invidious::Routes::API::V1::Authentication

        username = username.byte_slice(0, 254)
        password = password.byte_slice(0, 55)
-
+        # send captcha if enabled
        if CONFIG.captcha_enabled
-          # if captcha is enabled, send captcha
-          captcha = Invidious::User::Captcha.generate_text(HMAC_KEY)
-          # puts captcha
-          return captcha
+          begin
+            captcha_response = CaptchaResponse.from_json(env.request.body || "{}")
+          rescue JSON::SerializableError
+            captcha_response = nil
          end
-      end
-      # if captcha_response
-      #   # process captcha response
+          # check if user is responding to captcha
+          if captcha_response
+            # process captcha response
            # answer = captcha_response.answer
            # answer = answer.lstrip('0')
            # answer = OpenSSL::HMAC.hexdigest(:sha256, HMAC_KEY, answer)
@ -61,8 +51,14 @@ module Invidious::Routes::API::V1::Authentication
            # rescue ex
            #  return error_jsonror(400, ex)
            # end
-      # end
-      # create user if we made it past credentials and captcha
+          else
+            # send captcha
+            captcha = Invidious::User::Captcha.generate_text(HMAC_KEY)
+            # puts captcha
+            return captcha
+          end
+        end
+        # create user
        sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
        user, sid = create_user(sid, username, password)
        Invidious::Database::Users.insert(user)
@ -79,7 +75,15 @@ module Invidious::Routes::API::V1::Authentication
        else
          return error_json(500, "Token not found")
        end
+      else
+        return error_json(400, "No credentials")
      end
+    else
+      return error_json(400, "Registration has been disabled by administrator")
+    end
+  end
+
+  def self.captcha(env)
  end

  def self.login(env)
@ -131,6 +135,8 @@ struct CaptchaResponse
  include JSON::Serializable
  include YAML::Serializable

+  property username : String
+  property password : String
  property answer : String
  # property tokens : Array()
 end
@ -139,6 +145,14 @@ struct Credentials
  include JSON::Serializable
  include YAML::Serializable

+  property username : String
+  property password : String
+end
+
+struct Login
+  include JSON::Serializable
+  include YAML::Serializable
+
  property username : String
  property password : String
  property token : String