mirror of
https://gitea.invidious.io/iv-org/invidious.git
synced 2024-08-15 00:53:41 +00:00
Add support for multiple sessions
This commit is contained in:
parent
45ce301bd2
commit
8adb4650a0
4 changed files with 25 additions and 17 deletions
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
CREATE TABLE public.users
|
CREATE TABLE public.users
|
||||||
(
|
(
|
||||||
id text COLLATE pg_catalog."default" NOT NULL,
|
id text[] COLLATE pg_catalog."default" NOT NULL,
|
||||||
updated timestamp with time zone,
|
updated timestamp with time zone,
|
||||||
notifications text[] COLLATE pg_catalog."default",
|
notifications text[] COLLATE pg_catalog."default",
|
||||||
subscriptions text[] COLLATE pg_catalog."default",
|
subscriptions text[] COLLATE pg_catalog."default",
|
||||||
|
|
|
@ -114,10 +114,11 @@ before_all do |env|
|
||||||
|
|
||||||
# Invidious users only have SID
|
# Invidious users only have SID
|
||||||
if !env.request.cookies.has_key? "SSID"
|
if !env.request.cookies.has_key? "SSID"
|
||||||
user = PG_DB.query_one?("SELECT * FROM users WHERE id = $1", sid, as: User)
|
user = PG_DB.query_one?("SELECT * FROM users WHERE $1 = ANY(id)", sid, as: User)
|
||||||
|
|
||||||
if user
|
if user
|
||||||
env.set "user", user
|
env.set "user", user
|
||||||
|
env.set "sid", sid
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
begin
|
begin
|
||||||
|
@ -125,6 +126,7 @@ before_all do |env|
|
||||||
user = get_user(sid, client, headers, PG_DB, false)
|
user = get_user(sid, client, headers, PG_DB, false)
|
||||||
|
|
||||||
env.set "user", user
|
env.set "user", user
|
||||||
|
env.set "sid", sid
|
||||||
rescue ex
|
rescue ex
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -621,8 +623,8 @@ post "/login" do |env|
|
||||||
end
|
end
|
||||||
|
|
||||||
if Crypto::Bcrypt::Password.new(user.password.not_nil!) == password
|
if Crypto::Bcrypt::Password.new(user.password.not_nil!) == password
|
||||||
sid = Base64.encode(Random::Secure.random_bytes(50))
|
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
PG_DB.exec("UPDATE users SET id = $1 WHERE email = $2", sid, email)
|
PG_DB.exec("UPDATE users SET id = id || $1 WHERE email = $2", [sid], email)
|
||||||
|
|
||||||
if Kemal.config.ssl || CONFIG.https_only
|
if Kemal.config.ssl || CONFIG.https_only
|
||||||
secure = true
|
secure = true
|
||||||
|
@ -643,7 +645,7 @@ post "/login" do |env|
|
||||||
next templated "error"
|
next templated "error"
|
||||||
end
|
end
|
||||||
|
|
||||||
sid = Base64.encode(Random::Secure.random_bytes(50))
|
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
user = create_user(sid, email, password)
|
user = create_user(sid, email, password)
|
||||||
user_array = user.to_a
|
user_array = user.to_a
|
||||||
|
|
||||||
|
@ -673,6 +675,12 @@ get "/signout" do |env|
|
||||||
cookie.expires = Time.new(1990, 1, 1)
|
cookie.expires = Time.new(1990, 1, 1)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if env.get? "user"
|
||||||
|
user = env.get("user").as(User)
|
||||||
|
sid = env.get("sid").as(String)
|
||||||
|
PG_DB.exec("UPDATE users SET id = array_remove(id, $1) WHERE email = $2", sid, user.email)
|
||||||
|
end
|
||||||
|
|
||||||
env.request.cookies.add_response_headers(env.response.headers)
|
env.request.cookies.add_response_headers(env.response.headers)
|
||||||
env.redirect referer
|
env.redirect referer
|
||||||
end
|
end
|
||||||
|
@ -865,7 +873,7 @@ get "/subscription_manager" do |env|
|
||||||
headers["Cookie"] = env.request.headers["Cookie"]
|
headers["Cookie"] = env.request.headers["Cookie"]
|
||||||
|
|
||||||
client = make_client(YT_URL)
|
client = make_client(YT_URL)
|
||||||
user = get_user(user.id, client, headers, PG_DB)
|
user = get_user(user.id[0], client, headers, PG_DB)
|
||||||
end
|
end
|
||||||
|
|
||||||
action_takeout = env.params.query["action_takeout"]?.try &.to_i?
|
action_takeout = env.params.query["action_takeout"]?.try &.to_i?
|
||||||
|
@ -1173,7 +1181,7 @@ get "/feed/subscriptions" do |env|
|
||||||
|
|
||||||
if !user.password
|
if !user.password
|
||||||
client = make_client(YT_URL)
|
client = make_client(YT_URL)
|
||||||
user = get_user(user.id, client, headers, PG_DB)
|
user = get_user(user.id[0], client, headers, PG_DB)
|
||||||
end
|
end
|
||||||
|
|
||||||
max_results = preferences.max_results
|
max_results = preferences.max_results
|
||||||
|
|
|
@ -269,7 +269,7 @@ def generate_captcha(key)
|
||||||
|
|
||||||
answer = "#{hour}:#{minute.to_s.rjust(2, '0')}"
|
answer = "#{hour}:#{minute.to_s.rjust(2, '0')}"
|
||||||
token = OpenSSL::HMAC.digest(:sha256, key, answer)
|
token = OpenSSL::HMAC.digest(:sha256, key, answer)
|
||||||
token = Base64.encode(token)
|
token = Base64.urlsafe_encode(token)
|
||||||
|
|
||||||
return {challenge: challenge, token: token}
|
return {challenge: challenge, token: token}
|
||||||
end
|
end
|
||||||
|
|
|
@ -10,7 +10,7 @@ class User
|
||||||
end
|
end
|
||||||
|
|
||||||
add_mapping({
|
add_mapping({
|
||||||
id: String,
|
id: Array(String),
|
||||||
updated: Time,
|
updated: Time,
|
||||||
notifications: Array(String),
|
notifications: Array(String),
|
||||||
subscriptions: Array(String),
|
subscriptions: Array(String),
|
||||||
|
@ -78,8 +78,8 @@ class Preferences
|
||||||
end
|
end
|
||||||
|
|
||||||
def get_user(sid, client, headers, db, refresh = true)
|
def get_user(sid, client, headers, db, refresh = true)
|
||||||
if db.query_one?("SELECT EXISTS (SELECT true FROM users WHERE id = $1)", sid, as: Bool)
|
if db.query_one?("SELECT EXISTS (SELECT true FROM users WHERE $1 = ANY(id))", sid, as: Bool)
|
||||||
user = db.query_one("SELECT * FROM users WHERE id = $1", sid, as: User)
|
user = db.query_one("SELECT * FROM users WHERE $1 = ANY(id)", sid, as: User)
|
||||||
|
|
||||||
if refresh && Time.now - user.updated > 1.minute
|
if refresh && Time.now - user.updated > 1.minute
|
||||||
user = fetch_user(sid, client, headers, db)
|
user = fetch_user(sid, client, headers, db)
|
||||||
|
@ -89,7 +89,7 @@ def get_user(sid, client, headers, db, refresh = true)
|
||||||
args = arg_array(user_array)
|
args = arg_array(user_array)
|
||||||
|
|
||||||
db.exec("INSERT INTO users VALUES (#{args}) \
|
db.exec("INSERT INTO users VALUES (#{args}) \
|
||||||
ON CONFLICT (email) DO UPDATE SET id = $1, updated = $2, subscriptions = $4", user_array)
|
ON CONFLICT (email) DO UPDATE SET id = users.id || $1, updated = $2, subscriptions = $4", user_array)
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
user = fetch_user(sid, client, headers, db)
|
user = fetch_user(sid, client, headers, db)
|
||||||
|
@ -99,7 +99,7 @@ def get_user(sid, client, headers, db, refresh = true)
|
||||||
args = arg_array(user.to_a)
|
args = arg_array(user.to_a)
|
||||||
|
|
||||||
db.exec("INSERT INTO users VALUES (#{args}) \
|
db.exec("INSERT INTO users VALUES (#{args}) \
|
||||||
ON CONFLICT (email) DO UPDATE SET id = $1, updated = $2, subscriptions = $4", user_array)
|
ON CONFLICT (email) DO UPDATE SET id = users.id || $1, updated = $2, subscriptions = $4", user_array)
|
||||||
end
|
end
|
||||||
|
|
||||||
return user
|
return user
|
||||||
|
@ -132,7 +132,7 @@ def fetch_user(sid, client, headers, db)
|
||||||
|
|
||||||
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
|
|
||||||
user = User.new(sid, Time.now, [] of String, channels, email, DEFAULT_USER_PREFERENCES, nil, token, [] of String)
|
user = User.new([sid], Time.now, [] of String, channels, email, DEFAULT_USER_PREFERENCES, nil, token, [] of String)
|
||||||
return user
|
return user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -140,7 +140,7 @@ def create_user(sid, email, password)
|
||||||
password = Crypto::Bcrypt::Password.create(password, cost: 10)
|
password = Crypto::Bcrypt::Password.create(password, cost: 10)
|
||||||
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
|
|
||||||
user = User.new(sid, Time.now, [] of String, [] of String, email, DEFAULT_USER_PREFERENCES, password.to_s, token, [] of String)
|
user = User.new([sid], Time.now, [] of String, [] of String, email, DEFAULT_USER_PREFERENCES, password.to_s, token, [] of String)
|
||||||
|
|
||||||
return user
|
return user
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue