extern/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2024-11-07 08:34:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

No auth and req.user for cover images

Browse Source
This commit is contained in:
mikiher 2024-11-02 15:17:11 +02:00
parent 9e990d7927
commit 4224b8a486
2 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
server/Auth.js
View File

@ -18,6 +18,26 @@ class Auth {
constructor() { constructor() {
// Map of openId sessions indexed by oauth2 state-variable // Map of openId sessions indexed by oauth2 state-variable
this.openIdAuthSession = new Map() this.openIdAuthSession = new Map()
this.ignorePattern = /\/api\/items\/[^/]+\/cover/
}
/**
* Checks if the request should not be authenticated.
* @param {import('express').Request} req
* @returns {boolean}
* @private
*/
authNotNeeded(req) {
return req.method === 'GET' && this.ignorePattern.test(req.originalUrl)
}
ifAuthNeeded(middleware) {
return (req, res, next) => {
if (this.authNotNeeded(req)) {
return next()
}
middleware(req, res, next)
}
} }
/** /**

14
server/Server.js
View File

@ -238,7 +238,7 @@ class Server {
// init passport.js // init passport.js
app.use(passport.initialize()) app.use(passport.initialize())
// register passport in express-session // register passport in express-session
app.use(passport.session()) app.use(this.auth.ifAuthNeeded(passport.session()))
// config passport.js // config passport.js
await this.auth.initPassportJs() await this.auth.initPassportJs()
@ -268,6 +268,10 @@ class Server {
router.use(express.urlencoded({ extended: true, limit: '5mb' })) router.use(express.urlencoded({ extended: true, limit: '5mb' }))
router.use(express.json({ limit: '5mb' })) router.use(express.json({ limit: '5mb' }))
router.use('/api', this.auth.ifAuthNeeded(this.authMiddleware.bind(this)), this.apiRouter.router)
router.use('/hls', this.authMiddleware.bind(this), this.hlsRouter.router)
router.use('/public', this.publicRouter.router)
// Static path to generated nuxt // Static path to generated nuxt
const distPath = Path.join(global.appRoot, '/client/dist') const distPath = Path.join(global.appRoot, '/client/dist')
router.use(express.static(distPath)) router.use(express.static(distPath))
@ -275,10 +279,6 @@ class Server {
// Static folder // Static folder
router.use(express.static(Path.join(global.appRoot, 'static'))) router.use(express.static(Path.join(global.appRoot, 'static')))
router.use('/api', this.authMiddleware.bind(this), this.apiRouter.router)
router.use('/hls', this.authMiddleware.bind(this), this.hlsRouter.router)
router.use('/public', this.publicRouter.router)
// RSS Feed temp route // RSS Feed temp route
router.get('/feed/:slug', (req, res) => { router.get('/feed/:slug', (req, res) => {
Logger.info(`[Server] Requesting rss feed ${req.params.slug}`) Logger.info(`[Server] Requesting rss feed ${req.params.slug}`)
@ -296,7 +296,7 @@ class Server {
await this.auth.initAuthRoutes(router) await this.auth.initAuthRoutes(router)
// Client dynamic routes // Client dynamic routes
const dyanimicRoutes = [ const dynamicRoutes = [
'/item/:id', '/item/:id',
'/author/:id', '/author/:id',
'/audiobook/:id/chapters', '/audiobook/:id/chapters',
@ -319,7 +319,7 @@ class Server {
'/playlist/:id', '/playlist/:id',
'/share/:slug' '/share/:slug'
] ]
dyanimicRoutes.forEach((route) => router.get(route, (req, res) => res.sendFile(Path.join(distPath, 'index.html')))) dynamicRoutes.forEach((route) => router.get(route, (req, res) => res.sendFile(Path.join(distPath, 'index.html'))))
router.post('/init', (req, res) => { router.post('/init', (req, res) => {
if (Database.hasRootUser) { if (Database.hasRootUser) {