Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-11-03 19:17:16 -05:00
Code Issues Packages Projects Releases Wiki Activity

Adding authentifications via cookies too

Browse Source
This commit is contained in:
Zoe Roux 2020-04-02 02:09:20 +02:00
parent 10eb7d57a8
commit 7d59785235
6 changed files with 32 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
Kyoo/Startup.cs
View File

@ -79,7 +79,7 @@ namespace Kyoo
.AddProfileService<AccountController>()
.AddDeveloperSigningCredential(); // TODO remove the developer signin
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
services.AddAuthentication()
.AddJwtBearer(options =>
{
options.Authority = publicUrl;
@ -89,31 +89,25 @@ namespace Kyoo
services.AddAuthorization(options =>
{
options.AddPolicy("Read", policy => policy.RequireAssertion(context =>
AuthorizationPolicyBuilder scheme = new AuthorizationPolicyBuilder(IdentityConstants.ApplicationScheme, JwtBearerDefaults.AuthenticationScheme);
options.DefaultPolicy = scheme.RequireAuthenticatedUser().Build();
string[] permissions = {"Read", "Write", "Play", "Download", "Admin"};
foreach (string permission in permissions)
{
options.AddPolicy(permission, policy =>
{
policy.AuthenticationSchemes.Add(IdentityConstants.ApplicationScheme);
policy.AuthenticationSchemes.Add(JwtBearerDefaults.AuthenticationScheme);
policy.RequireAuthenticatedUser();
policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("read");
}).RequireScope("kyoo.read"));
options.AddPolicy("Write", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("write");
}).RequireScope("kyoo.write"));
options.AddPolicy("Play", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("play");
}).RequireScope("kyoo.play"));
options.AddPolicy("Download", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("download");
}).RequireScope("kyoo.download"));
options.AddPolicy("Admin", policy => policy.RequireAssertion(context =>
{
Claim perms = context.User.Claims.FirstOrDefault(x => x.Type == "permissions");
return perms != null && perms.Value.Split(",").Contains("admin");
}).RequireScope("kyoo.admin"));
return perms != null && perms.Value.Split(",").Contains(permission.ToLower());
});
// policy.RequireScope($"kyoo.{permission.ToLower()}");
});
}
});
services.AddScoped<ILibraryManager, LibraryManager>();

11
Kyoo/Views/API/AccountAPI.cs
View File

@ -55,9 +55,8 @@ namespace Kyoo.Api
public Claim[] defaultClaims =
{
new Claim("kyoo.read", ""),
new Claim("kyoo.play", "")
}; // TODO should add this field on the server's configuration page.
new Claim("permissions", "read,play") // TODO should add this field on the server's configuration page.
};
public AccountController(UserManager<User> userManager, SignInManager<User> siginInManager, IConfiguration configuration)
{
@ -126,9 +125,9 @@ namespace Kyoo.Api
new Claim("picture", $"api/account/picture/{user.UserName}")
};
IList<Claim> userClaims = await _userManager.GetClaimsAsync(user);
IEnumerable<string> permissions = from claim in userClaims where claim.Type.StartsWith("kyoo.") select claim.Type.Substring(claim.Type.IndexOf(".") + 1);
claims.Add(new Claim("permissions", string.Join(",", permissions)));
Claim perms = (await _userManager.GetClaimsAsync(user)).FirstOrDefault(x => x.Type == "permissions");
if (perms != null)
claims.Add(perms);
context.IssuedClaims.AddRange(claims);
}

1
Kyoo/Views/API/ShowsAPI.cs
View File

@ -2,6 +2,7 @@
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using Kyoo.Controllers;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
namespace Kyoo.Api

5
Kyoo/Views/API/ThumbnailAPI.cs
View File

@ -19,6 +19,7 @@ namespace Kyoo.Api
}
[HttpGet("poster/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowThumb(string showSlug)
{
string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -33,6 +34,7 @@ namespace Kyoo.Api
}
[HttpGet("logo/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowLogo(string showSlug)
{
string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -47,6 +49,7 @@ namespace Kyoo.Api
}
[HttpGet("backdrop/{showSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetShowBackdrop(string showSlug)
{
string path = _libraryManager.GetShowBySlug(showSlug)?.Path;
@ -61,6 +64,7 @@ namespace Kyoo.Api
}
[HttpGet("peopleimg/{peopleSlug}")]
[Authorize(Policy="Read")]
public IActionResult GetPeopleIcon(string peopleSlug)
{
string thumbPath = Path.Combine(_peoplePath, peopleSlug + ".jpg");
@ -71,6 +75,7 @@ namespace Kyoo.Api
}
[HttpGet("thumb/{showSlug}-s{seasonNumber}e{episodeNumber}")]
[Authorize(Policy="Read")]
public IActionResult GetEpisodeThumb(string showSlug, long seasonNumber, long episodeNumber)
{
string path = _libraryManager.GetEpisode(showSlug, seasonNumber, episodeNumber)?.Path;

2
Kyoo/Views/API/VideoAPI.cs
View File

@ -90,7 +90,7 @@ namespace Kyoo.Api
WatchItem episode = _libraryManager.GetMovieWatchItem(movieSlug);
if (episode != null && System.IO.File.Exists(episode.Path))
return PhysicalFile(episode.Path, "video/x-matroska", true);
return PhysicalFile(episode.Path, "video/webm", true);
return NotFound();
}

2
Kyoo/Views/WebClient

@ -1 +1 @@
Subproject commit ee72f573bd4815ebf7918e76a797310c140cf454
Subproject commit e975a4f055f45cc48fd0ceedfe73fb6616bd1dbe