User: Remove broken Google login (various comments)

2023-06-10 17:59:50 +02:00 · 2023-06-10 17:59:50 +02:00 · b06c87ff8d
commit b06c87ff8d
parent 69f23d95b8
4 changed files with 2 additions and 12 deletions
--- a/config/config.example.yml
+++ b/config/config.example.yml
@ -255,8 +255,7 @@ https_only: false
 #registration_enabled: true

 ##
-## Allow/Forbid users to log-in. This setting affects the ability
-## to connect with BOTH Google and Invidious (local) accounts.
+## Allow/Forbid users to log-in.
 ##
 ## Accepted values: true, false
 ## Default: true
--- a/src/invidious/routes/api/v1/authenticated.cr
+++ b/src/invidious/routes/api/v1/authenticated.cr
@ -178,10 +178,6 @@ module Invidious::Routes::API::V1::Authenticated
      Invidious::Database::Users.subscribe_channel(user, ucid)
    end

-    # For Google accounts, access tokens don't have enough information to
-    # make a request on the user's behalf, which is why we don't sync with
-    # YouTube.
-
    env.response.status_code = 204
  end

--- a/src/invidious/routes/playlists.cr
+++ b/src/invidious/routes/playlists.cr
@ -320,10 +320,6 @@ module Invidious::Routes::Playlists
      end
    end

-    if !user.password
-      # TODO: Playlist stub, sync with YouTube for Google accounts
-      # playlist_ajax(playlist_id, action, env.request.headers)
-    end
    email = user.email

    case action
--- a/src/invidious/views/privacy.ecr
+++ b/src/invidious/views/privacy.ecr
@ -16,12 +16,11 @@
        <li>a list of channel UCIDs the user is subscribed to</li>
        <li>a user ID (for persistent storage of subscriptions and preferences)</li>
        <li>a json object containing user preferences</li>
-        <li>a hashed password if applicable (not present on google accounts)</li>
+        <li>a hashed password</li>
        <li>a randomly generated token for providing an RSS feed of a user's subscriptions</li>
        <li>a list of video IDs identifying watched videos</li>
    </ul>
    <p>Users can clear their watch history using the <a href="/clear_watch_history">clear watch history</a> page.</p>
-    <p>If a user is logged in with a Google account, no password will ever be stored. This website uses the session token provided by Google to identify a user, but does not store the information required to make requests on a user's behalf without their knowledge or consent.</p>

    <h3>Data you passively provide</h3>
    <p>When you request any resource from this website (for example: a page, a font, an image, or an API endpoint) information about the request may be logged.</p>