audiobookshelf/server/controllers/SessionController.js

const Logger = require('../Logger')
const Database = require('../Database')
const { toNumber } = require('../utils/index')

class SessionController {
  constructor() { }

  async findOne(req, res) {
    return res.json(req.session)
  }

  async getAllWithUserData(req, res) {
    if (!req.user.isAdminOrUp) {
      Logger.error(`[SessionController] getAllWithUserData: Non-admin user requested all session data ${req.user.id}/"${req.user.username}"`)
      return res.sendStatus(404)
    }

    let listeningSessions = []
    if (req.query.user) {
      listeningSessions = await this.getUserListeningSessionsHelper(req.query.user)
    } else {
      listeningSessions = await this.getAllSessionsWithUserData()
    }

    const itemsPerPage = toNumber(req.query.itemsPerPage, 10) || 10
    const page = toNumber(req.query.page, 0)

    const start = page * itemsPerPage
    const sessions = listeningSessions.slice(start, start + itemsPerPage)

    const payload = {
      total: listeningSessions.length,
      numPages: Math.ceil(listeningSessions.length / itemsPerPage),
      page,
      itemsPerPage,
      sessions
    }

    if (req.query.user) {
      payload.userFilter = req.query.user
    }

    res.json(payload)
  }

  async getOpenSessions(req, res) {
    if (!req.user.isAdminOrUp) {
      Logger.error(`[SessionController] getOpenSessions: Non-admin user requested open session data ${req.user.id}/"${req.user.username}"`)
      return res.sendStatus(404)
    }

    const minifiedUserObjects = await Database.userModel.getMinifiedUserObjects()
    const openSessions = this.playbackSessionManager.sessions.map(se => {
      return {
        ...se.toJSON(),
        user: minifiedUserObjects.find(u => u.id === se.userId) || null
      }
    })

    res.json({
      sessions: openSessions
    })
  }

  async getOpenSession(req, res) {
    const libraryItem = await Database.libraryItemModel.getOldById(req.session.libraryItemId)
    const sessionForClient = req.session.toJSONForClient(libraryItem)
    res.json(sessionForClient)
  }

  // POST: api/session/:id/sync
  sync(req, res) {
    this.playbackSessionManager.syncSessionRequest(req.user, req.session, req.body, res)
  }

  // POST: api/session/:id/close
  close(req, res) {
    let syncData = req.body
    if (syncData && !Object.keys(syncData).length) syncData = null
    this.playbackSessionManager.closeSessionRequest(req.user, req.session, syncData, res)
  }

  // DELETE: api/session/:id
  async delete(req, res) {
    // if session is open then remove it
    const openSession = this.playbackSessionManager.getSession(req.session.id)
    if (openSession) {
      await this.playbackSessionManager.removeSession(req.session.id)
    }

    await Database.removePlaybackSession(req.session.id)
    res.sendStatus(200)
  }

  // POST: api/session/local
  syncLocal(req, res) {
    this.playbackSessionManager.syncLocalSessionRequest(req, res)
  }

  // POST: api/session/local-all
  syncLocalSessions(req, res) {
    this.playbackSessionManager.syncLocalSessionsRequest(req, res)
  }

  openSessionMiddleware(req, res, next) {
    var playbackSession = this.playbackSessionManager.getSession(req.params.id)
    if (!playbackSession) return res.sendStatus(404)

    if (playbackSession.userId !== req.user.id) {
      Logger.error(`[SessionController] User "${req.user.username}" attempting to access session belonging to another user "${req.params.id}"`)
      return res.sendStatus(404)
    }

    req.session = playbackSession
    next()
  }

  async middleware(req, res, next) {
    const playbackSession = await Database.getPlaybackSession(req.params.id)
    if (!playbackSession) {
      Logger.error(`[SessionController] Unable to find playback session with id=${req.params.id}`)
      return res.sendStatus(404)
    }

    if (req.method == 'DELETE' && !req.user.canDelete) {
      Logger.warn(`[SessionController] User attempted to delete without permission`, req.user)
      return res.sendStatus(403)
    } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
      Logger.warn('[SessionController] User attempted to update without permission', req.user.username)
      return res.sendStatus(403)
    }

    req.session = playbackSession
    next()
  }
}
module.exports = new SessionController()
New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00			`const Logger = require('../Logger')`
Init sqlite take 2 2023-07-05 01:14:44 +02:00			`const Database = require('../Database')`
Add:All listening sessions config page 2022-06-04 19:44:42 +02:00			`const { toNumber } = require('../utils/index')`
New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00
			`class SessionController {`
			`constructor() { }`

			`async findOne(req, res) {`
			`return res.json(req.session)`
			`}`

Add:All listening sessions config page 2022-06-04 19:44:42 +02:00			`async getAllWithUserData(req, res) {`
			`if (!req.user.isAdminOrUp) {`
			Logger.error(`[SessionController] getAllWithUserData: Non-admin user requested all session data ${req.user.id}/"${req.user.username}"`)
			`return res.sendStatus(404)`
			`}`

Update listening sessions per device and show open sessions 2023-04-09 01:01:24 +02:00			`let listeningSessions = []`
Add:All listening sessions config page 2022-06-04 19:44:42 +02:00			`if (req.query.user) {`
			`listeningSessions = await this.getUserListeningSessionsHelper(req.query.user)`
			`} else {`
			`listeningSessions = await this.getAllSessionsWithUserData()`
			`}`

			`const itemsPerPage = toNumber(req.query.itemsPerPage, 10) \|\| 10`
			`const page = toNumber(req.query.page, 0)`

			`const start = page * itemsPerPage`
			`const sessions = listeningSessions.slice(start, start + itemsPerPage)`

			`const payload = {`
			`total: listeningSessions.length,`
			`numPages: Math.ceil(listeningSessions.length / itemsPerPage),`
			`page,`
			`itemsPerPage,`
			`sessions`
			`}`

			`if (req.query.user) {`
			`payload.userFilter = req.query.user`
			`}`

			`res.json(payload)`
			`}`

Update:Only load Users when needed 2023-07-22 22:32:20 +02:00			`async getOpenSessions(req, res) {`
Update listening sessions per device and show open sessions 2023-04-09 01:01:24 +02:00			`if (!req.user.isAdminOrUp) {`
			Logger.error(`[SessionController] getOpenSessions: Non-admin user requested open session data ${req.user.id}/"${req.user.username}"`)
			`return res.sendStatus(404)`
			`}`

Update db model references 2023-08-20 20:34:03 +02:00			`const minifiedUserObjects = await Database.userModel.getMinifiedUserObjects()`
Update listening sessions per device and show open sessions 2023-04-09 01:01:24 +02:00			`const openSessions = this.playbackSessionManager.sessions.map(se => {`
			`return {`
			`...se.toJSON(),`
Update:Only load Users when needed 2023-07-22 22:32:20 +02:00			`user: minifiedUserObjects.find(u => u.id === se.userId) \|\| null`
Update listening sessions per device and show open sessions 2023-04-09 01:01:24 +02:00			`}`
			`})`

			`res.json({`
			`sessions: openSessions`
			`})`
			`}`

Update match all books to load items from DB, remove library items loading to memory on init 2023-09-04 23:33:55 +02:00			`async getOpenSession(req, res) {`
			`const libraryItem = await Database.libraryItemModel.getOldById(req.session.libraryItemId)`
			`const sessionForClient = req.session.toJSONForClient(libraryItem)`
Update:API route for getting playback session and getting media progress 2022-06-04 01:59:42 +02:00			`res.json(sessionForClient)`
			`}`

New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00			`// POST: api/session/:id/sync`
			`sync(req, res) {`
			`this.playbackSessionManager.syncSessionRequest(req.user, req.session, req.body, res)`
			`}`

			`// POST: api/session/:id/close`
			`close(req, res) {`
Fix:Close player resetting progress #1807 2023-05-30 23:08:30 +02:00			`let syncData = req.body`
			`if (syncData && !Object.keys(syncData).length) syncData = null`
			`this.playbackSessionManager.closeSessionRequest(req.user, req.session, syncData, res)`
New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00			`}`

Add:Delete playback session button and api route 2022-08-13 19:24:19 +02:00			`// DELETE: api/session/:id`
			`async delete(req, res) {`
			`// if session is open then remove it`
			`const openSession = this.playbackSessionManager.getSession(req.session.id)`
			`if (openSession) {`
			`await this.playbackSessionManager.removeSession(req.session.id)`
			`}`

Init sqlite take 2 2023-07-05 01:14:44 +02:00			`await Database.removePlaybackSession(req.session.id)`
Add:Delete playback session button and api route 2022-08-13 19:24:19 +02:00			`res.sendStatus(200)`
			`}`

Add sync local media progress routes for offline mobile playback session support 2022-04-10 00:56:51 +02:00			`// POST: api/session/local`
			`syncLocal(req, res) {`
Fixes for db migration & local playback sessions 2023-07-16 22:05:51 +02:00			`this.playbackSessionManager.syncLocalSessionRequest(req, res)`
Add sync local media progress routes for offline mobile playback session support 2022-04-10 00:56:51 +02:00			`}`

Update:API endpoint for syncing multiple local sessions. New API endpoint to get current user. Deprecate /me/sync-local-progress endpoint 2023-02-05 23:52:17 +01:00			`// POST: api/session/local-all`
			`syncLocalSessions(req, res) {`
			`this.playbackSessionManager.syncLocalSessionsRequest(req, res)`
			`}`

Add:Delete playback session button and api route 2022-08-13 19:24:19 +02:00			`openSessionMiddleware(req, res, next) {`
New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00			`var playbackSession = this.playbackSessionManager.getSession(req.params.id)`
			`if (!playbackSession) return res.sendStatus(404)`

			`if (playbackSession.userId !== req.user.id) {`
			Logger.error(`[SessionController] User "${req.user.username}" attempting to access session belonging to another user "${req.params.id}"`)
			`return res.sendStatus(404)`
			`}`

			`req.session = playbackSession`
			`next()`
			`}`
Add:Delete playback session button and api route 2022-08-13 19:24:19 +02:00
			`async middleware(req, res, next) {`
Init sqlite take 2 2023-07-05 01:14:44 +02:00			`const playbackSession = await Database.getPlaybackSession(req.params.id)`
Add debug logs to playback sessions 2023-02-02 23:24:34 +01:00			`if (!playbackSession) {`
			Logger.error(`[SessionController] Unable to find playback session with id=${req.params.id}`)
			`return res.sendStatus(404)`
			`}`
Add:Delete playback session button and api route 2022-08-13 19:24:19 +02:00
			`if (req.method == 'DELETE' && !req.user.canDelete) {`
			Logger.warn(`[SessionController] User attempted to delete without permission`, req.user)
			`return res.sendStatus(403)`
			`} else if ((req.method == 'PATCH' \|\| req.method == 'POST') && !req.user.canUpdate) {`
			`Logger.warn('[SessionController] User attempted to update without permission', req.user.username)`
			`return res.sendStatus(403)`
			`}`

			`req.session = playbackSession`
			`next()`
			`}`
New data model play media entity, PlaybackSessionManager 2022-03-18 01:10:47 +01:00			`}`
			`module.exports = new SessionController()`