sovonegr/TorrServerJellyfin
1
0
Fork 0
mirror of https://github.com/Ernous/TorrServerJellyfin.git synced 2025-12-19 21:46:11 +05:00
Code Issues Packages Projects Releases Wiki Activity

Refactor auth code

Browse Source
This commit is contained in:
Viacheslav Evseev
2024-02-22 01:50:03 +03:00
parent af14dbbeb8
commit c3f89042f9
11 changed files with 68 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
server/web/auth/auth.go
View File

@@ -6,8 +6,6 @@ import (
"net/http"
"os"
"path/filepath"
"reflect"
"strings"
"unsafe"
"github.com/gin-gonic/gin"
@@ -16,15 +14,15 @@ import (
"server/settings"
)
func SetupAuth(engine *gin.Engine) *gin.RouterGroup {
func SetupAuth(engine *gin.Engine) {
if !settings.HttpAuth {
return nil
return
}
accs := getAccounts()
if accs == nil {
return nil
return
}
return engine.Group("/", BasicAuth(accs))
engine.Use(BasicAuth(accs))
}
func getAccounts() gin.Accounts {
@@ -60,22 +58,28 @@ func (a authPairs) searchCredential(authValue string) (string, bool) {
func BasicAuth(accounts gin.Accounts) gin.HandlerFunc {
pairs := processAccounts(accounts)
return func(c *gin.Context) {
return func(c *gin.Context) {
c.Set("auth_required", true)
user, found := pairs.searchCredential(c.Request.Header.Get("Authorization"))
if !found { // always accessible
if strings.HasPrefix(c.FullPath(), "/stream") ||
c.FullPath() == "/site.webmanifest" ||
// https://github.com/YouROK/TorrServer/issues/172
(strings.HasPrefix(c.FullPath(), "/play") && c.FullPath() != "/playlistall/all.m3u") ||
(settings.SearchWA && strings.HasPrefix(c.FullPath(), "/search")) {
c.Set("not_auth", true)
return
}
c.Header("WWW-Authenticate", "Basic realm=Authorization Required")
c.AbortWithStatus(http.StatusUnauthorized)
if found {
c.Set(gin.AuthUserKey, user)
}
}
}
func CheckAuth() gin.HandlerFunc {
return func(c *gin.Context) {
if !settings.HttpAuth {
return
}
c.Set(gin.AuthUserKey, user)
if _, ok := c.Get(gin.AuthUserKey); ok {
return
}
c.Header("WWW-Authenticate", "Basic realm=Authorization Required")
c.AbortWithStatus(http.StatusUnauthorized)
}
}
@@ -97,8 +101,5 @@ func authorizationHeader(user, password string) string {
}
func StringToBytes(s string) (b []byte) {
sh := *(*reflect.StringHeader)(unsafe.Pointer(&s))
bh := (*reflect.SliceHeader)(unsafe.Pointer(&b))
bh.Data, bh.Len, bh.Cap = sh.Data, sh.Len, sh.Len
return b
return unsafe.Slice(unsafe.StringData(s), len(s))
}