Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-07-09 03:04:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

Adding authentifications via cookies too

Browse Source
This commit is contained in:
Zoe Roux 2020-04-02 02:09:20 +02:00
parent 10eb7d57a8
commit 7d59785235
6 changed files with 32 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
Kyoo/Startup.cs
View File

@ -79,7 +79,7 @@ namespace Kyoo
.AddProfileService<AccountController>() .AddProfileService<AccountController>()
.AddDeveloperSigningCredential(); // TODO remove the developer signin .AddDeveloperSigningCredential(); // TODO remove the developer signin
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) services.AddAuthentication()
.AddJwtBearer(options => .AddJwtBearer(options =>
{ {
options.Authority = publicUrl; options.Authority = publicUrl;
@ -89,31 +89,25 @@ namespace Kyoo
services.AddAuthorization(options => services.AddAuthorization(options =>
{ {
options.AddPolicy("Read", policy => policy.RequireAssertion(context => AuthorizationPolicyBuilder scheme = new AuthorizationPolicyBuilder(IdentityConstants.ApplicationScheme, JwtBearerDefaults.AuthenticationScheme);
options.DefaultPolicy = scheme.RequireAuthenticatedUser().Build();
string[] permissions = {"Read", "Write", "Play", "Download", "Admin"};
foreach (string permission in permissions)
{ {
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions"); options.AddPolicy(permission, policy =>
return perms != null && perms.Value.Split(",").Contains("read"); {
}).RequireScope("kyoo.read")); policy.AuthenticationSchemes.Add(IdentityConstants.ApplicationScheme);
options.AddPolicy("Write", policy => policy.RequireAssertion(context => policy.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme);
{ policy.RequireAuthenticatedUser();
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions"); policy.RequireAssertion(context =>
return perms != null && perms.Value.Split(",").Contains("write"); {
}).RequireScope("kyoo.write")); Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
options.AddPolicy("Play", policy => policy.RequireAssertion(context => return perms != null && perms.Value.Split(",").Contains(permission.ToLower());
{ });
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions"); // policy.RequireScope($"kyoo.{permission.ToLower()}");
return perms != null && perms.Value.Split(",").Contains("play"); });
}).RequireScope("kyoo.play")); }
options.AddPolicy("Download", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("download");
}).RequireScope("kyoo.download"));
options.AddPolicy("Admin", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("admin");
}).RequireScope("kyoo.admin"));
}); });
services.AddScoped<ILibraryManager, LibraryManager>(); services.AddScoped<ILibraryManager, LibraryManager>();

11
Kyoo/Views/API/AccountAPI.cs
View File

@ -55,9 +55,8 @@ namespace Kyoo.Api
public Claim[] defaultClaims = public Claim[] defaultClaims =
{ {
new Claim("kyoo.read", ""), new Claim("permissions", "read,play") // TODO should add this field on the server's configuration page.
new Claim("kyoo.play", "") };
}; // TODO should add this field on the server's configuration page.
public AccountController(UserManager<User> userManager, SignInManager<User> siginInManager, IConfiguration configuration) public AccountController(UserManager<User> userManager, SignInManager<User> siginInManager, IConfiguration configuration)
{ {
@ -126,9 +125,9 @@ namespace Kyoo.Api
new Claim("picture", $"api/account/picture/{user.UserName}") new Claim("picture", $"api/account/picture/{user.UserName}")
}; };
IList<Claim> userClaims = await _userManager.GetClaimsAsync(user); Claim perms = (await _userManager.GetClaimsAsync(user)).FirstOrDefault(x => x.Type == "permissions");
IEnumerable<string> permissions = from claim in userClaims where claim.Type.StartsWith("kyoo.") select claim.Type.Substring(claim.Type.IndexOf(".") + 1); if (perms != null)
claims.Add(new Claim("permissions", string.Join(",", permissions))); claims.Add(perms);
context.IssuedClaims.AddRange(claims); context.IssuedClaims.AddRange(claims);
} }

1
Kyoo/Views/API/ShowsAPI.cs
View File

@ -2,6 +2,7 @@
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic; using System.Collections.Generic;
using Kyoo.Controllers; using Kyoo.Controllers;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
namespace Kyoo.Api namespace Kyoo.Api

5
Kyoo/Views/API/ThumbnailAPI.cs
View File

@ -19,6 +19,7 @@ namespace Kyoo.Api
} }
[HttpGet("poster/{showSlug}")] [HttpGet("poster/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowThumb(string showSlug) public IActionResult GetShowThumb(string showSlug)
{ {
string path = _libraryManager.GetShowBySlug(showSlug)?.Path; string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -33,6 +34,7 @@ namespace Kyoo.Api
} }
[HttpGet("logo/{showSlug}")] [HttpGet("logo/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowLogo(string showSlug) public IActionResult GetShowLogo(string showSlug)
{ {
string path = _libraryManager.GetShowBySlug(showSlug)?.Path; string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -47,6 +49,7 @@ namespace Kyoo.Api
} }
[HttpGet("backdrop/{showSlug}")] [HttpGet("backdrop/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowBackdrop(string showSlug) public IActionResult GetShowBackdrop(string showSlug)
{ {
string path = _libraryManager.GetShowBySlug(showSlug)?.Path; string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -61,6 +64,7 @@ namespace Kyoo.Api
} }
[HttpGet("peopleimg/{peopleSlug}")] [HttpGet("peopleimg/{peopleSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetPeopleIcon(string peopleSlug) public IActionResult GetPeopleIcon(string peopleSlug)
{ {
string thumbPath = Path.Combine(_peoplePath, peopleSlug + ".jpg"); string thumbPath = Path.Combine(_peoplePath, peopleSlug + ".jpg");
@ -71,6 +75,7 @@ namespace Kyoo.Api
} }
[HttpGet("thumb/{showSlug}-s{seasonNumber}e{episodeNumber}")] [HttpGet("thumb/{showSlug}-s{seasonNumber}e{episodeNumber}")]
[Authorize(Policy="Read")]
public IActionResult GetEpisodeThumb(string showSlug, long seasonNumber, long episodeNumber) public IActionResult GetEpisodeThumb(string showSlug, long seasonNumber, long episodeNumber)
{ {
string path = _libraryManager.GetEpisode(showSlug, seasonNumber, episodeNumber)?.Path; string path = _libraryManager.GetEpisode(showSlug, seasonNumber, episodeNumber)?.Path;

2
Kyoo/Views/API/VideoAPI.cs
View File

@ -90,7 +90,7 @@ namespace Kyoo.Api
WatchItem episode = _libraryManager.GetMovieWatchItem(movieSlug); WatchItem episode = _libraryManager.GetMovieWatchItem(movieSlug);
if (episode != null && System.IO.File.Exists(episode.Path)) if (episode != null && System.IO.File.Exists(episode.Path))
return PhysicalFile(episode.Path, "video/x-matroska", true); return PhysicalFile(episode.Path, "video/webm", true);
return NotFound(); return NotFound();
} }

2
Kyoo/Views/WebClient

@ -1 +1 @@
Subproject commit ee72f573bd4815ebf7918e76a797310c140cf454 Subproject commit e975a4f055f45cc48fd0ceedfe73fb6616bd1dbe