diff --git a/back/src/Kyoo.Authentication/Controllers/PermissionValidator.cs b/back/src/Kyoo.Authentication/Controllers/PermissionValidator.cs
index 37385010..7ffddd7f 100644
--- a/back/src/Kyoo.Authentication/Controllers/PermissionValidator.cs
+++ b/back/src/Kyoo.Authentication/Controllers/PermissionValidator.cs
@@ -173,7 +173,8 @@ namespace Kyoo.Authentication
 string overallStr = $"{_group.ToString().ToLower()}.{kind.ToString()!.ToLower()}";
 AuthenticateResult res = _ApiKeyCheck(context);
 if (res.None)
- res = await context.HttpContext.AuthenticateAsync(JwtBearerDefaults.AuthenticationScheme);
+ res = await _JwtCheck(context);
+
 if (res.Succeeded)
 {
 ICollection permissions = res.Principal.GetPermissions();
@@ -190,6 +191,8 @@ namespace Kyoo.Authentication
 }
 else if (res.Failure != null)
 context.Result = _ErrorResult(res.Failure.Message, StatusCodes.Status403Forbidden);
+ else
+ context.Result = _ErrorResult("Authentication panic", StatusCodes.Status500InternalServerError);
 }
 
 private AuthenticateResult _ApiKeyCheck(ActionContext context)
@@ -214,6 +217,15 @@ namespace Kyoo.Authentication
 )
 );
 }
+
+ private async Task _JwtCheck(ActionContext context)
+ {
+ AuthenticateResult ret = await context.HttpContext.AuthenticateAsync(JwtBearerDefaults.AuthenticationScheme);
+ // Change the failure message to make the API nice to use.
+ if (ret.Failure != null)
+ return AuthenticateResult.Fail("Invalid JWT token. The token may have expired.");
+ return ret;
+ }
 }
 
 ///
diff --git a/back/src/Kyoo.Host/Application.cs b/back/src/Kyoo.Host/Application.cs
index 3cfb3f04..a5b958b9 100644
--- a/back/src/Kyoo.Host/Application.cs
+++ b/back/src/Kyoo.Host/Application.cs
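Review bot: The added final `else` answers 500 "Authentication panic" for any result that is neither succeeded nor failed, and that set includes the no-credentials result (`res.None`) the JWT handler normally produces when no bearer token is sent. The start of this `if` chain is outside the hunk, so this only holds if no earlier branch already handles `res.None`; in that case anonymous requests would be counted as server faults, and clients would not learn that they must authenticate. I would answer that case explicitly, e.g. `else if (res.None) context.Result = _ErrorResult("Authentication required", StatusCodes.Status401Unauthorized);`, and keep the 500 branch with a comment such as `// Unreachable: AuthenticateResult is always Succeeded, None or Failure.`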
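Review bot: `_JwtCheck` discards `ret.Failure` and replaces it with a fixed string, so an expired token, a bad signature and a wrong issuer or audience become indistinguishable, and nothing visible in this hunk logs the original exception. Keeping validator details out of the response is reasonable, but the cause is what operators need to tell routine expiry from forged or replayed tokens. I would keep the original as the inner exception, `return AuthenticateResult.Fail(new Exception("Invalid JWT token. The token may have expired.", ret.Failure));`, and log it where a logger is available in this class. The method also has no doc comment; a `/// <summary>` stating that it authenticates with the JWT bearer scheme and rewrites every failure to one client-facing message would help, and the inline comment could read `// Replace the handler's failure text with a single client-facing message.`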
@@ -82,11 +82,7 @@ namespace Kyoo.Host
 /// A task representing the whole process
 public async Task Start(string[] args, Action configure)
 {
- IConfiguration parsed = new ConfigurationBuilder()
- .AddEnvironmentVariables()
- .AddEnvironmentVariables("KYOO_")
- .AddCommandLine(args)
- .Build();
+ IConfiguration parsed = _SetupConfig(new ConfigurationBuilder(), args).Build();
 string path = Path.GetFullPath(parsed.GetValue("DATADIR", "/kyoo"));
 if (!Directory.Exists(path))
 Directory.CreateDirectory(path);
@@ -161,7 +157,6 @@ namespace Kyoo.Host
 private IConfigurationBuilder _SetupConfig(IConfigurationBuilder builder, string[] args)
 {
 return builder
- .AddJsonFile(Path.Join(AppDomain.CurrentDomain.BaseDirectory, "./settings.json"), false, true)
 .AddEnvironmentVariables()
 .AddEnvironmentVariables("KYOO_")
 .AddCommandLine(args);
diff --git a/back/src/Kyoo.Host/PluginsStartup.cs b/back/src/Kyoo.Host/PluginsStartup.cs
index f5c58f78..45c857ab 100644
--- a/back/src/Kyoo.Host/PluginsStartup.cs
+++ b/back/src/Kyoo.Host/PluginsStartup.cs
@@ -70,7 +70,7 @@ namespace Kyoo.Host
 {
 _plugins = plugins;
 _configuration = configuration;
- _hostModule = new HostModule(_plugins);
+ _hostModule = new HostModule(_plugins, configuration);
 _plugins.LoadPlugins(
 typeof(CoreModule),
 typeof(AuthenticationModule),
diff --git a/back/src/Kyoo.Postgresql/PostgresModule.cs b/back/src/Kyoo.Postgresql/PostgresModule.cs
index 5152dad5..7129cc73 100644
--- a/back/src/Kyoo.Postgresql/PostgresModule.cs
+++ b/back/src/Kyoo.Postgresql/PostgresModule.cs
@@ -17,7 +17,6 @@
 // along with Kyoo. If not, see .
 
 using System;
-using System.Collections.Generic;
 using System.Data.Common;
 using Kyoo.Abstractions.Controllers;
 using Microsoft.AspNetCore.Hosting;