mirror of
https://github.com/advplyr/audiobookshelf.git
synced 2025-01-08 00:08:14 +01:00
No auth and req.user for cover images
This commit is contained in:
parent
9e990d7927
commit
4224b8a486
@ -18,6 +18,26 @@ class Auth {
|
|||||||
constructor() {
|
constructor() {
|
||||||
// Map of openId sessions indexed by oauth2 state-variable
|
// Map of openId sessions indexed by oauth2 state-variable
|
||||||
this.openIdAuthSession = new Map()
|
this.openIdAuthSession = new Map()
|
||||||
|
this.ignorePattern = /\/api\/items\/[^/]+\/cover/
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if the request should not be authenticated.
|
||||||
|
* @param {import('express').Request} req
|
||||||
|
* @returns {boolean}
|
||||||
|
* @private
|
||||||
|
*/
|
||||||
|
authNotNeeded(req) {
|
||||||
|
return req.method === 'GET' && this.ignorePattern.test(req.originalUrl)
|
||||||
|
}
|
||||||
|
|
||||||
|
ifAuthNeeded(middleware) {
|
||||||
|
return (req, res, next) => {
|
||||||
|
if (this.authNotNeeded(req)) {
|
||||||
|
return next()
|
||||||
|
}
|
||||||
|
middleware(req, res, next)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -238,7 +238,7 @@ class Server {
|
|||||||
// init passport.js
|
// init passport.js
|
||||||
app.use(passport.initialize())
|
app.use(passport.initialize())
|
||||||
// register passport in express-session
|
// register passport in express-session
|
||||||
app.use(passport.session())
|
app.use(this.auth.ifAuthNeeded(passport.session()))
|
||||||
// config passport.js
|
// config passport.js
|
||||||
await this.auth.initPassportJs()
|
await this.auth.initPassportJs()
|
||||||
|
|
||||||
@ -268,6 +268,10 @@ class Server {
|
|||||||
router.use(express.urlencoded({ extended: true, limit: '5mb' }))
|
router.use(express.urlencoded({ extended: true, limit: '5mb' }))
|
||||||
router.use(express.json({ limit: '5mb' }))
|
router.use(express.json({ limit: '5mb' }))
|
||||||
|
|
||||||
|
router.use('/api', this.auth.ifAuthNeeded(this.authMiddleware.bind(this)), this.apiRouter.router)
|
||||||
|
router.use('/hls', this.authMiddleware.bind(this), this.hlsRouter.router)
|
||||||
|
router.use('/public', this.publicRouter.router)
|
||||||
|
|
||||||
// Static path to generated nuxt
|
// Static path to generated nuxt
|
||||||
const distPath = Path.join(global.appRoot, '/client/dist')
|
const distPath = Path.join(global.appRoot, '/client/dist')
|
||||||
router.use(express.static(distPath))
|
router.use(express.static(distPath))
|
||||||
@ -275,10 +279,6 @@ class Server {
|
|||||||
// Static folder
|
// Static folder
|
||||||
router.use(express.static(Path.join(global.appRoot, 'static')))
|
router.use(express.static(Path.join(global.appRoot, 'static')))
|
||||||
|
|
||||||
router.use('/api', this.authMiddleware.bind(this), this.apiRouter.router)
|
|
||||||
router.use('/hls', this.authMiddleware.bind(this), this.hlsRouter.router)
|
|
||||||
router.use('/public', this.publicRouter.router)
|
|
||||||
|
|
||||||
// RSS Feed temp route
|
// RSS Feed temp route
|
||||||
router.get('/feed/:slug', (req, res) => {
|
router.get('/feed/:slug', (req, res) => {
|
||||||
Logger.info(`[Server] Requesting rss feed ${req.params.slug}`)
|
Logger.info(`[Server] Requesting rss feed ${req.params.slug}`)
|
||||||
@ -296,7 +296,7 @@ class Server {
|
|||||||
await this.auth.initAuthRoutes(router)
|
await this.auth.initAuthRoutes(router)
|
||||||
|
|
||||||
// Client dynamic routes
|
// Client dynamic routes
|
||||||
const dyanimicRoutes = [
|
const dynamicRoutes = [
|
||||||
'/item/:id',
|
'/item/:id',
|
||||||
'/author/:id',
|
'/author/:id',
|
||||||
'/audiobook/:id/chapters',
|
'/audiobook/:id/chapters',
|
||||||
@ -319,7 +319,7 @@ class Server {
|
|||||||
'/playlist/:id',
|
'/playlist/:id',
|
||||||
'/share/:slug'
|
'/share/:slug'
|
||||||
]
|
]
|
||||||
dyanimicRoutes.forEach((route) => router.get(route, (req, res) => res.sendFile(Path.join(distPath, 'index.html'))))
|
dynamicRoutes.forEach((route) => router.get(route, (req, res) => res.sendFile(Path.join(distPath, 'index.html'))))
|
||||||
|
|
||||||
router.post('/init', (req, res) => {
|
router.post('/init', (req, res) => {
|
||||||
if (Database.hasRootUser) {
|
if (Database.hasRootUser) {
|
||||||
|
Loading…
Reference in New Issue
Block a user