Cutlery/Kavita
1
0
Fork 0
mirror of https://github.com/Kareadita/Kavita.git synced 2026-06-06 14:55:19 -04:00
Code Issues Packages Projects Releases Wiki Activity

No more JWTs for Scripts + Polish (#4274)

Browse Source 
Co-authored-by: Amelia <77553571+Fesaa@users.noreply.github.com>
This commit is contained in:
Joe Milazzo
2025-12-13 06:55:02 -07:00
committed by GitHub
parent b67680c639
commit 8043650aa5
131 changed files with 7804 additions and 1849 deletions
Download Patch File Download Diff File Expand all files Collapse all files
API/Controllers/AccountController.cs
+27 -9
View File
@@ -20,6 +20,7 @@ using API.Helpers;
using API.Helpers.Builders;
using API.Middleware;
using API.Services;
using API.Services.Caching;
using API.SignalR;
using AutoMapper;
using Hangfire;
@@ -56,6 +57,7 @@ public class AccountController : BaseApiController
private readonly IEventHub _eventHub;
private readonly ILocalizationService _localizationService;
private readonly IAuthenticationSchemeProvider _authenticationSchemeProvider;
private readonly IAuthKeyCacheInvalidator _authKeyCacheInvalidator;
/// <inheritdoc />
public AccountController(UserManager<AppUser> userManager,
@@ -65,7 +67,8 @@ public class AccountController : BaseApiController
IMapper mapper, IAccountService accountService,
IEmailService emailService, IEventHub eventHub,
ILocalizationService localizationService,
IAuthenticationSchemeProvider authenticationSchemeProvider)
IAuthenticationSchemeProvider authenticationSchemeProvider,
IAuthKeyCacheInvalidator authKeyCacheInvalidator)
{
_userManager = userManager;
_signInManager = signInManager;
@@ -78,6 +81,7 @@ public class AccountController : BaseApiController
_eventHub = eventHub;
_localizationService = localizationService;
_authenticationSchemeProvider = authenticationSchemeProvider;
_authKeyCacheInvalidator = authKeyCacheInvalidator;
}
/// <summary>
@@ -717,6 +721,10 @@ public class AccountController : BaseApiController
{
roles.Add(PolicyConstants.PlebRole);
}
else
{
roles.Remove(PolicyConstants.ReadOnlyRole);
}
foreach (var role in roles)
{
@@ -1190,17 +1198,26 @@ public class AccountController : BaseApiController
var authKey = await _unitOfWork.UserRepository.GetAuthKeyById(authKeyId);
if (authKey?.AppUserId != UserId) return BadRequest();
var oldKeyValue = authKey.Key;
// Get original expiresAt - createdAt for offset to reset expiresAt
if (authKey.ExpiresAtUtc != null)
{
var originalDuration = authKey.ExpiresAtUtc.Value - authKey.CreatedAtUtc;
authKey.ExpiresAtUtc = DateTime.UtcNow.Add(originalDuration);
}
authKey.Key = AuthKeyHelper.GenerateKey(dto.KeyLength);
await _unitOfWork.CommitAsync();
return Ok(_mapper.Map<AuthKeyDto>(authKey));
await _authKeyCacheInvalidator.InvalidateAsync(oldKeyValue);
var newDto = _mapper.Map<AuthKeyDto>(authKey);
await _eventHub.SendMessageToAsync(MessageFactory.AuthKeyUpdate, MessageFactory.AuthKeyUpdatedEvent(newDto), UserId);
return Ok(newDto);
}
/// <summary>
@@ -1212,12 +1229,6 @@ public class AccountController : BaseApiController
[DisallowRole(PolicyConstants.ReadOnlyRole)]
public async Task<ActionResult<AuthKeyDto>> CreateAuthKey(RotateAuthKeyRequestDto dto)
{
// Upper bound check might not be needed, it doesn't *realy* matter if users have bigger keys
if (string.IsNullOrEmpty(dto.Name) || dto.KeyLength < 8 || dto.KeyLength > 32)
{
return BadRequest();
}
// Validate the name doesn't collide
var authKeys = await _unitOfWork.UserRepository.GetAuthKeysForUserId(UserId);
if (authKeys.Any(k => string.Equals(k.Name, dto.Name, StringComparison.InvariantCultureIgnoreCase)))
@@ -1237,7 +1248,11 @@ public class AccountController : BaseApiController
_unitOfWork.UserRepository.Add(newKey);
await _unitOfWork.CommitAsync();
return Ok(_mapper.Map<AuthKeyDto>(newKey));
var newDto = _mapper.Map<AuthKeyDto>(newKey);
await _eventHub.SendMessageToAsync(MessageFactory.AuthKeyUpdate, MessageFactory.AuthKeyUpdatedEvent(newDto), UserId);
return Ok(newDto);
}
/// <summary>
@@ -1255,6 +1270,9 @@ public class AccountController : BaseApiController
_unitOfWork.UserRepository.Delete(authKey);
await _unitOfWork.CommitAsync();
await _eventHub.SendMessageToAsync(MessageFactory.AuthKeyUpdate, MessageFactory.AuthKeyDeletedEvent(authKeyId), UserId);
return Ok();
}
}