Implemented the ability to change the JWT key on runtime. (#217)

* Implemented the ability to change the JWT key on runtime.

* Added .7z file extension support

* Cleanup

* Added Feathub link

* Code cleanup

* Fixed up a build issue on CI

API/Controllers/ReaderController.cs

@@ -288,21 +288,6 @@ namespace API.Controllers
             return Ok(-1);
         }
 
-        private int GetNextChapterId(Volume currentVolume, int currentChapterId)
-        {
-            var next = false;
-            foreach (var chapter in currentVolume.Chapters)
-            {
-                if (next)
-                {
-                    return chapter.Id;
-                }
-                if (currentChapterId == chapter.Id) next = true;
-            }
-
-            return -1;
-        }
-        
         private int GetNextChapterId(IEnumerable<Chapter> chapters, int currentChapterId)
         {
             var next = false;

API/Parser/Parser.cs

@@ -9,7 +9,7 @@ namespace API.Parser
 {
     public static class Parser
     {
-        public static readonly string ArchiveFileExtensions = @"\.cbz|\.zip|\.rar|\.cbr|\.tar.gz|\.7zip";
+        public static readonly string ArchiveFileExtensions = @"\.cbz|\.zip|\.rar|\.cbr|\.tar.gz|\.7zip|\.7z";
         public static readonly string BookFileExtensions = @"\.epub";
         public static readonly string ImageFileExtensions = @"^(\.png|\.jpeg|\.jpg)";
         public static readonly Regex FontSrcUrlRegex = new Regex("(src:url\\(\"?'?)([a-z0-9/\\._]+)(\"?'?\\))", RegexOptions.IgnoreCase | RegexOptions.Compiled);

API/Program.cs

@@ -1,5 +1,6 @@
 using System;
 using System.IO;
+using System.Security.Cryptography;
 using System.Threading;
 using System.Threading.Tasks;
 using API.Data;
@@ -14,7 +15,6 @@ using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
 using Sentry;
-using Sentry.Extensions.Logging;
 
 namespace API
 {
@@ -26,12 +26,26 @@ namespace API
         {
         }
         
+        private static string GetAppSettingFilename()
+        {
+            var environment = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
+            var isDevelopment = environment == Environments.Development;
+            return "appSettings" + (isDevelopment ? ".Development" : "") + ".json";
+        }
+        
         public static async Task Main(string[] args)
         {
             // Before anything, check if JWT has been generated properly or if user still has default
+            if (!Configuration.CheckIfJwtTokenSet(GetAppSettingFilename()))
+            {
+                Console.WriteLine("Generating JWT TokenKey for encrypting user sessions...");
+                var rBytes = new byte[24];
+                using (var crypto = new RNGCryptoServiceProvider()) crypto.GetBytes(rBytes);
+                var base64 = Convert.ToBase64String(rBytes).Replace("/", "");
+                Configuration.UpdateJwtToken(GetAppSettingFilename(), base64);
+            }
+
 
-            
-            
             var host = CreateHostBuilder(args).Build();
 
             using var scope = host.Services.CreateScope();

API/Startup.cs

@@ -1,8 +1,6 @@
 using System;
-using System.IO;
 using System.IO.Compression;
 using System.Linq;
-using System.Reflection;
 using API.Extensions;
 using API.Interfaces;
 using API.Middleware;

Kavita.Common/Configuration.cs

@@ -0,0 +1,47 @@
+using System;
+using System.IO;
+using System.Text.Json;
+
+namespace Kavita.Common
+{
+    public static class Configuration
+    {
+
+        public static bool CheckIfJwtTokenSet(string filePath)
+        {
+            try {
+                var json = File.ReadAllText(filePath);
+                var jsonObj = JsonSerializer.Deserialize<dynamic>(json);
+                const string key = "TokenKey";
+
+                JsonElement? tokenElement = null;
+                if (jsonObj?.TryGetProperty(key, out tokenElement))
+                {
+                    return tokenElement?.GetString() != "super secret unguessable key";
+                }
+
+                return false;
+                
+            }
+            catch (Exception ex) {
+                Console.WriteLine("Error writing app settings: " + ex.Message);
+            }
+
+            return false;
+        }
+
+        public static bool UpdateJwtToken(string filePath, string token)
+        {
+            try
+            {
+                var json = File.ReadAllText(filePath).Replace("super secret unguessable key", token);
+                File.WriteAllText(filePath, json);
+                return true;
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+        }
+    }
+}

Kavita.Common/Kavita.Common.csproj

@@ -9,6 +9,7 @@
     </PropertyGroup>
 
     <ItemGroup>
+      <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="5.0.0" />
       <PackageReference Include="Sentry" Version="3.3.4" />
     </ItemGroup>
 
@@ -16,9 +17,6 @@
       <Reference Include="JetBrains.ReSharper.TestRunner.Merged, Version=1.3.1.55, Culture=neutral, PublicKeyToken=5c492ec4f3eccde3">
         <HintPath>D:\Program Files\JetBrains\JetBrains Rider 2020.3.2\lib\ReSharperHost\TestRunner\netcoreapp2.0\JetBrains.ReSharper.TestRunner.Merged.dll</HintPath>
       </Reference>
-      <Reference Include="Microsoft.Win32.Registry, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
-        <HintPath>..\..\..\..\..\..\..\Program Files\dotnet\shared\Microsoft.NETCore.App\5.0.5\Microsoft.Win32.Registry.dll</HintPath>
-      </Reference>
     </ItemGroup>
 
 </Project>

README.md

@@ -7,6 +7,7 @@ your manga collection with your friends and family!
 
 [![Discord](https://img.shields.io/badge/discord-chat-7289DA.svg?maxAge=60)](https://discord.gg/eczRp9eeem)
 ![Github Downloads](https://img.shields.io/github/downloads/Kareadita/Kavita/total.svg)
+[![Feature Requests](https://feathub.com/Kareadita/Kavita?format=svg)](https://feathub.com/Kareadita/Kavita)
 
 
 ## Goals: