Cutlery/Kavita
1
0
Fork 0
mirror of https://github.com/Kareadita/Kavita.git synced 2026-06-05 14:25:17 -04:00
Code Issues Packages Projects Releases Wiki Activity

Progress Overhaul + Profile Page and a LOT more! (#4262)

Browse Source 
Co-authored-by: Amelia <77553571+Fesaa@users.noreply.github.com>
Co-authored-by: Robbie Davis <robbie@therobbiedavis.com>
This commit is contained in:
Joe Milazzo
2025-12-09 10:00:11 -07:00
committed by GitHub
parent 4ac13f1f25
commit 9f29fa593d
645 changed files with 25585 additions and 4805 deletions
Download Patch File Download Diff File Expand all files Collapse all files
API/Middleware/SecurityMiddleware.cs
+9 -7
View File
@@ -4,6 +4,7 @@ using System.Linq;
using System.Net;
using System.Text.Json;
using System.Threading.Tasks;
using API.Constants;
using API.Errors;
using Kavita.Common;
using Microsoft.AspNetCore.Http;
@@ -19,6 +20,11 @@ public class SecurityEventMiddleware(RequestDelegate next)
.WriteTo.File(Path.Join(Directory.GetCurrentDirectory(), "config/logs/", "security.log"), rollingInterval: RollingInterval.Day)
.CreateLogger();
private static readonly JsonSerializerOptions JsonSerializeOptions = new()
{
PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
};
public async Task InvokeAsync(HttpContext context)
{
try
@@ -27,7 +33,7 @@ public class SecurityEventMiddleware(RequestDelegate next)
}
catch (KavitaUnauthenticatedUserException ex)
{
var ipAddress = context.Request.Headers["X-Forwarded-For"].FirstOrDefault() ?? context.Connection.RemoteIpAddress?.ToString();
var ipAddress = context.Request.Headers[Headers.ForwardedFor].FirstOrDefault() ?? context.Connection.RemoteIpAddress?.ToString();
var requestMethod = context.Request.Method;
var requestPath = context.Request.Path;
var userAgent = context.Request.Headers.UserAgent;
@@ -40,6 +46,7 @@ public class SecurityEventMiddleware(RequestDelegate next)
CreatedAt = DateTime.Now,
CreatedAtUtc = DateTime.UtcNow,
};
_logger.Information("Unauthorized User attempting to access API. {@Event}", securityEvent);
context.Response.ContentType = "application/json";
context.Response.StatusCode = (int) HttpStatusCode.Unauthorized;
@@ -48,12 +55,7 @@ public class SecurityEventMiddleware(RequestDelegate next)
var response = new ApiException(context.Response.StatusCode, errorMessage, ex.StackTrace);
var options = new JsonSerializerOptions
{
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
};
var json = JsonSerializer.Serialize(response, options);
var json = JsonSerializer.Serialize(response, JsonSerializeOptions);
await context.Response.WriteAsync(json);
}