* Fixed bookmarks not being able to load due to missing [AllowAnonymous] * Downgraded Docnet to 2.4.0-alpha2 which is the version we added our patches to. This might fix reports of broken PDF reading on ARM * Updated all but one api in collections to admin only policy * Ensure all config folders are created or exist on first load * Ensure plugins can authenticate * Updated some headers we use on Kavita to tighten security. * Tightened up cover upload flow to restrict more APIs to only the admin * Enhanced the reset password flow to ensure that the user passes their existing password in (if already authenticated). Admins can still change other users without having existing password. * Removed an additional copy during build and copied over the prod appsettings and not Development. * Fixed up the caching mechanism for cover resets and migrated to profiles. Left an etag filter for reference. * Fixed up manual jump key calculation to include period in # * Added jumpbar to reading lists page * Fixed a double scrollbar on library detail page * Fixed weird scroll issues with want to read * Fixed a bug where remove from want to read list wasn't hooked up on series card * Cleaned up Clear bookmarks to use a dedicated api for bulk clearing. Converted Bookmark page to OnPush. * Fixed jump bar being offset when clicking a jump key * Ensure we don't overflow on add to reading list * Fixed a bad name format on reading list items
using System.Threading.Tasks;
using API.Data;
using API.DTOs;
using API.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
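namespace API.Controllers
{
    /// <summary>
    /// Endpoints that let an external plugin exchange a user's API key for a session.
    /// </summary>
    public class PluginController : BaseApiController
    {
        /// <summary>
        /// Maximum number of characters of the caller-supplied plugin name that is written to the log.
        /// </summary>
        private const int MaxLoggedPluginNameLength = 64;

        private readonly IUnitOfWork _unitOfWork;
        private readonly ITokenService _tokenService;
        private readonly ILogger<PluginController> _logger;

        /// <summary>
        /// Creates the controller with its data access, token issuing and logging dependencies.
        /// </summary>
        /// <param name="unitOfWork">Gives access to the user repository</param>
        /// <param name="tokenService">Issues the token returned to the plugin</param>
        /// <param name="logger">Receives the authentication audit messages</param>
        public PluginController(IUnitOfWork unitOfWork, ITokenService tokenService, ILogger<PluginController> logger)
        {
            _unitOfWork = unitOfWork;
            _tokenService = tokenService;
            _logger = logger;
        }

        /// <summary>
        /// Authenticate with the Server given an apiKey. This will log you in by returning the user object and the JWT token.
        /// </summary>
        /// <remarks>
        /// The action is marked [AllowAnonymous], so the API key is the only credential checked here.
        /// Both outcomes are logged (the key itself never is) so that repeated failures are visible to an operator.
        /// NOTE(review): apiKey is a plain string action parameter with no binding attribute; it is presumably bound
        /// from the query string, which would place the key in proxy and access logs - confirm against callers.
        /// </remarks>
        /// <param name="apiKey">API key of the user the plugin acts for</param>
        /// <param name="pluginName">Name of the Plugin. Caller-controlled; only used for logging</param>
        /// <returns>The user's name, a freshly created token and the API key, or 401 when the key matches no user</returns>
        [AllowAnonymous]
        [HttpPost("authenticate")]
        public async Task<ActionResult<UserDto>> Authenticate(string apiKey, string pluginName)
        {
            // NOTE: In order to log information about plugins, we need some Plugin Description information for each request
            // Should log into access table so we can tell the user

            // pluginName comes straight from an unauthenticated request, so clean it before it reaches any log sink.
            var safePluginName = SanitizeForLog(pluginName);

            // A missing key is rejected before the repository is queried, so a blank value is never looked up.
            if (string.IsNullOrWhiteSpace(apiKey))
            {
                _logger.LogWarning("Plugin {PluginName} attempted to authenticate without an API Key", safePluginName);
                return Unauthorized();
            }

            var userId = await _unitOfWork.UserRepository.GetUserIdByApiKeyAsync(apiKey);
            if (userId <= 0)
            {
                _logger.LogWarning("Plugin {PluginName} failed to authenticate: API Key was not recognised", safePluginName);
                return Unauthorized();
            }

            var user = await _unitOfWork.UserRepository.GetUserByIdAsync(userId);
            if (user == null)
            {
                // The id resolved but the user could not be loaded; answer 401 instead of failing on a null dereference.
                _logger.LogWarning("Plugin {PluginName} failed to authenticate: user {UserId} could not be loaded", safePluginName, userId);
                return Unauthorized();
            }

            _logger.LogInformation("Plugin {PluginName} has authenticated with {UserName} ({UserId})'s API Key", safePluginName, user.UserName, userId);
            return new UserDto
            {
                Username = user.UserName,
                Token = await _tokenService.CreateToken(user),
                ApiKey = user.ApiKey,
            };
        }

        /// <summary>
        /// Returns a copy of a caller-supplied value that is safe to write to a log: control characters
        /// (including CR and LF) are replaced with '_' and the result is capped at
        /// <see cref="MaxLoggedPluginNameLength"/> characters.
        /// </summary>
        /// <param name="value">Untrusted text taken from the request</param>
        /// <returns>The cleaned text, or the input unchanged when it is null or empty</returns>
        private static string SanitizeForLog(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return value;
            }

            var length = value.Length < MaxLoggedPluginNameLength ? value.Length : MaxLoggedPluginNameLength;
            var buffer = new char[length];
            for (var i = 0; i < length; i++)
            {
                buffer[i] = char.IsControl(value[i]) ? '_' : value[i];
            }

            return new string(buffer);
        }
    }
}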