forked from midou/invidious
Add support for multiple sessions
This commit is contained in:
parent
45ce301bd2
commit
8adb4650a0
@ -4,7 +4,7 @@
|
||||
|
||||
CREATE TABLE public.users
|
||||
(
|
||||
id text COLLATE pg_catalog."default" NOT NULL,
|
||||
id text[] COLLATE pg_catalog."default" NOT NULL,
|
||||
updated timestamp with time zone,
|
||||
notifications text[] COLLATE pg_catalog."default",
|
||||
subscriptions text[] COLLATE pg_catalog."default",
|
||||
|
@ -114,10 +114,11 @@ before_all do |env|
|
||||
|
||||
# Invidious users only have SID
|
||||
if !env.request.cookies.has_key? "SSID"
|
||||
user = PG_DB.query_one?("SELECT * FROM users WHERE id = $1", sid, as: User)
|
||||
user = PG_DB.query_one?("SELECT * FROM users WHERE $1 = ANY(id)", sid, as: User)
|
||||
|
||||
if user
|
||||
env.set "user", user
|
||||
env.set "sid", sid
|
||||
end
|
||||
else
|
||||
begin
|
||||
@ -125,6 +126,7 @@ before_all do |env|
|
||||
user = get_user(sid, client, headers, PG_DB, false)
|
||||
|
||||
env.set "user", user
|
||||
env.set "sid", sid
|
||||
rescue ex
|
||||
end
|
||||
end
|
||||
@ -621,8 +623,8 @@ post "/login" do |env|
|
||||
end
|
||||
|
||||
if Crypto::Bcrypt::Password.new(user.password.not_nil!) == password
|
||||
sid = Base64.encode(Random::Secure.random_bytes(50))
|
||||
PG_DB.exec("UPDATE users SET id = $1 WHERE email = $2", sid, email)
|
||||
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||
PG_DB.exec("UPDATE users SET id = id || $1 WHERE email = $2", [sid], email)
|
||||
|
||||
if Kemal.config.ssl || CONFIG.https_only
|
||||
secure = true
|
||||
@ -643,7 +645,7 @@ post "/login" do |env|
|
||||
next templated "error"
|
||||
end
|
||||
|
||||
sid = Base64.encode(Random::Secure.random_bytes(50))
|
||||
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||
user = create_user(sid, email, password)
|
||||
user_array = user.to_a
|
||||
|
||||
@ -673,6 +675,12 @@ get "/signout" do |env|
|
||||
cookie.expires = Time.new(1990, 1, 1)
|
||||
end
|
||||
|
||||
if env.get? "user"
|
||||
user = env.get("user").as(User)
|
||||
sid = env.get("sid").as(String)
|
||||
PG_DB.exec("UPDATE users SET id = array_remove(id, $1) WHERE email = $2", sid, user.email)
|
||||
end
|
||||
|
||||
env.request.cookies.add_response_headers(env.response.headers)
|
||||
env.redirect referer
|
||||
end
|
||||
@ -865,7 +873,7 @@ get "/subscription_manager" do |env|
|
||||
headers["Cookie"] = env.request.headers["Cookie"]
|
||||
|
||||
client = make_client(YT_URL)
|
||||
user = get_user(user.id, client, headers, PG_DB)
|
||||
user = get_user(user.id[0], client, headers, PG_DB)
|
||||
end
|
||||
|
||||
action_takeout = env.params.query["action_takeout"]?.try &.to_i?
|
||||
@ -1173,7 +1181,7 @@ get "/feed/subscriptions" do |env|
|
||||
|
||||
if !user.password
|
||||
client = make_client(YT_URL)
|
||||
user = get_user(user.id, client, headers, PG_DB)
|
||||
user = get_user(user.id[0], client, headers, PG_DB)
|
||||
end
|
||||
|
||||
max_results = preferences.max_results
|
||||
@ -1790,7 +1798,7 @@ get "/api/v1/comments/:id" do |env|
|
||||
reply_count = 1
|
||||
else
|
||||
reply_count = reply_count.try &.to_i?
|
||||
reply_count ||= 1
|
||||
reply_count ||= 1
|
||||
end
|
||||
|
||||
continuation = node_replies["continuations"].as_a[0]["nextContinuationData"]["continuation"].as_s
|
||||
|
@ -269,7 +269,7 @@ def generate_captcha(key)
|
||||
|
||||
answer = "#{hour}:#{minute.to_s.rjust(2, '0')}"
|
||||
token = OpenSSL::HMAC.digest(:sha256, key, answer)
|
||||
token = Base64.encode(token)
|
||||
token = Base64.urlsafe_encode(token)
|
||||
|
||||
return {challenge: challenge, token: token}
|
||||
end
|
||||
|
@ -10,7 +10,7 @@ class User
|
||||
end
|
||||
|
||||
add_mapping({
|
||||
id: String,
|
||||
id: Array(String),
|
||||
updated: Time,
|
||||
notifications: Array(String),
|
||||
subscriptions: Array(String),
|
||||
@ -78,8 +78,8 @@ class Preferences
|
||||
end
|
||||
|
||||
def get_user(sid, client, headers, db, refresh = true)
|
||||
if db.query_one?("SELECT EXISTS (SELECT true FROM users WHERE id = $1)", sid, as: Bool)
|
||||
user = db.query_one("SELECT * FROM users WHERE id = $1", sid, as: User)
|
||||
if db.query_one?("SELECT EXISTS (SELECT true FROM users WHERE $1 = ANY(id))", sid, as: Bool)
|
||||
user = db.query_one("SELECT * FROM users WHERE $1 = ANY(id)", sid, as: User)
|
||||
|
||||
if refresh && Time.now - user.updated > 1.minute
|
||||
user = fetch_user(sid, client, headers, db)
|
||||
@ -89,7 +89,7 @@ def get_user(sid, client, headers, db, refresh = true)
|
||||
args = arg_array(user_array)
|
||||
|
||||
db.exec("INSERT INTO users VALUES (#{args}) \
|
||||
ON CONFLICT (email) DO UPDATE SET id = $1, updated = $2, subscriptions = $4", user_array)
|
||||
ON CONFLICT (email) DO UPDATE SET id = users.id || $1, updated = $2, subscriptions = $4", user_array)
|
||||
end
|
||||
else
|
||||
user = fetch_user(sid, client, headers, db)
|
||||
@ -99,7 +99,7 @@ def get_user(sid, client, headers, db, refresh = true)
|
||||
args = arg_array(user.to_a)
|
||||
|
||||
db.exec("INSERT INTO users VALUES (#{args}) \
|
||||
ON CONFLICT (email) DO UPDATE SET id = $1, updated = $2, subscriptions = $4", user_array)
|
||||
ON CONFLICT (email) DO UPDATE SET id = users.id || $1, updated = $2, subscriptions = $4", user_array)
|
||||
end
|
||||
|
||||
return user
|
||||
@ -132,7 +132,7 @@ def fetch_user(sid, client, headers, db)
|
||||
|
||||
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||
|
||||
user = User.new(sid, Time.now, [] of String, channels, email, DEFAULT_USER_PREFERENCES, nil, token, [] of String)
|
||||
user = User.new([sid], Time.now, [] of String, channels, email, DEFAULT_USER_PREFERENCES, nil, token, [] of String)
|
||||
return user
|
||||
end
|
||||
|
||||
@ -140,7 +140,7 @@ def create_user(sid, email, password)
|
||||
password = Crypto::Bcrypt::Password.create(password, cost: 10)
|
||||
token = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||
|
||||
user = User.new(sid, Time.now, [] of String, [] of String, email, DEFAULT_USER_PREFERENCES, password.to_s, token, [] of String)
|
||||
user = User.new([sid], Time.now, [] of String, [] of String, email, DEFAULT_USER_PREFERENCES, password.to_s, token, [] of String)
|
||||
|
||||
return user
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user