Config: Support for alternative domains
Some checks failed
Invidious CI / build (push) Has been cancelled
Some checks failed
Invidious CI / build (push) Has been cancelled
This commit is contained in:
parent
5ced7694fe
commit
100ecff0b3
4 changed files with 43 additions and 7 deletions
|
@ -88,6 +88,8 @@ class Config
|
||||||
property hmac_key : String = ""
|
property hmac_key : String = ""
|
||||||
# Domain to be used for links to resources on the site where an absolute URL is required
|
# Domain to be used for links to resources on the site where an absolute URL is required
|
||||||
property domain : String?
|
property domain : String?
|
||||||
|
# Alternative domains. You can add other domains, like TOR and I2P addresses
|
||||||
|
property alternative_domains : Array(String) = [] of String
|
||||||
property donation_url : String?
|
property donation_url : String?
|
||||||
property contact_url : String?
|
property contact_url : String?
|
||||||
property home_domain : String?
|
property home_domain : String?
|
||||||
|
|
|
@ -60,7 +60,13 @@ module Invidious::Routes::Login
|
||||||
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32))
|
||||||
Invidious::Database::SessionIDs.insert(sid, email)
|
Invidious::Database::SessionIDs.insert(sid, email)
|
||||||
|
|
||||||
|
# Checks if there is any alternative domain, like a second domain name,
|
||||||
|
# TOR or I2P address
|
||||||
|
if alt = CONFIG.alternative_domains.index(env.request.headers["Host"])
|
||||||
|
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.alternative_domains[alt], sid)
|
||||||
|
else
|
||||||
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
|
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
|
||||||
|
end
|
||||||
else
|
else
|
||||||
return error_template(401, "Wrong username or password")
|
return error_template(401, "Wrong username or password")
|
||||||
end
|
end
|
||||||
|
@ -160,7 +166,13 @@ module Invidious::Routes::Login
|
||||||
Invidious::Database::Users.insert(user)
|
Invidious::Database::Users.insert(user)
|
||||||
Invidious::Database::SessionIDs.insert(sid, email)
|
Invidious::Database::SessionIDs.insert(sid, email)
|
||||||
|
|
||||||
|
# Checks if there is any alternative domain, like a second domain name,
|
||||||
|
# TOR or I2P address
|
||||||
|
if alt = CONFIG.alternative_domains.index(env.request.headers["Host"])
|
||||||
|
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.alternative_domains[alt], sid)
|
||||||
|
else
|
||||||
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
|
env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid)
|
||||||
|
end
|
||||||
|
|
||||||
if env.request.cookies["PREFS"]?
|
if env.request.cookies["PREFS"]?
|
||||||
user.preferences = env.get("preferences").as(Preferences)
|
user.preferences = env.get("preferences").as(Preferences)
|
||||||
|
|
|
@ -218,9 +218,15 @@ module Invidious::Routes::PreferencesRoute
|
||||||
|
|
||||||
File.write("config/config.yml", CONFIG.to_yaml)
|
File.write("config/config.yml", CONFIG.to_yaml)
|
||||||
end
|
end
|
||||||
|
else
|
||||||
|
# Checks if there is any alternative domain, like a second domain name,
|
||||||
|
# TOR or I2P address
|
||||||
|
if alt = CONFIG.alternative_domains.index(env.request.headers["Host"])
|
||||||
|
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.alternative_domains[alt], preferences)
|
||||||
else
|
else
|
||||||
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.domain, preferences)
|
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.domain, preferences)
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
env.redirect referer
|
env.redirect referer
|
||||||
end
|
end
|
||||||
|
@ -254,8 +260,14 @@ module Invidious::Routes::PreferencesRoute
|
||||||
preferences.dark_mode = "dark"
|
preferences.dark_mode = "dark"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Checks if there is any alternative domain, like a second domain name,
|
||||||
|
# TOR or I2P address
|
||||||
|
if alt = CONFIG.alternative_domains.index(env.request.headers["Host"])
|
||||||
|
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.alternative_domains[alt], preferences)
|
||||||
|
else
|
||||||
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.domain, preferences)
|
env.response.cookies["PREFS"] = Invidious::User::Cookies.prefs(CONFIG.domain, preferences)
|
||||||
end
|
end
|
||||||
|
end
|
||||||
|
|
||||||
if redirect
|
if redirect
|
||||||
env.redirect referer
|
env.redirect referer
|
||||||
|
|
|
@ -6,17 +6,22 @@ struct Invidious::User
|
||||||
|
|
||||||
# Note: we use ternary operator because the two variables
|
# Note: we use ternary operator because the two variables
|
||||||
# used in here are not booleans.
|
# used in here are not booleans.
|
||||||
SECURE = (Kemal.config.ssl || CONFIG.https_only) ? true : false
|
@@secure = (Kemal.config.ssl || CONFIG.https_only) ? true : false
|
||||||
|
|
||||||
# Session ID (SID) cookie
|
# Session ID (SID) cookie
|
||||||
# Parameter "domain" comes from the global config
|
# Parameter "domain" comes from the global config
|
||||||
def sid(domain : String?, sid) : HTTP::Cookie
|
def sid(domain : String?, sid) : HTTP::Cookie
|
||||||
|
# Not secure if it's being accessed from I2P
|
||||||
|
# Browsers expect the domain to include https. On I2P there is no HTTPS
|
||||||
|
if domain.not_nil!.split(".").last == "i2p"
|
||||||
|
@@secure = false
|
||||||
|
end
|
||||||
return HTTP::Cookie.new(
|
return HTTP::Cookie.new(
|
||||||
name: "SID",
|
name: "SID",
|
||||||
domain: domain,
|
domain: domain,
|
||||||
value: sid,
|
value: sid,
|
||||||
expires: Time.utc + 2.years,
|
expires: Time.utc + 2.years,
|
||||||
secure: SECURE,
|
secure: @@secure,
|
||||||
http_only: true,
|
http_only: true,
|
||||||
samesite: HTTP::Cookie::SameSite::Lax
|
samesite: HTTP::Cookie::SameSite::Lax
|
||||||
)
|
)
|
||||||
|
@ -25,12 +30,17 @@ struct Invidious::User
|
||||||
# Preferences (PREFS) cookie
|
# Preferences (PREFS) cookie
|
||||||
# Parameter "domain" comes from the global config
|
# Parameter "domain" comes from the global config
|
||||||
def prefs(domain : String?, preferences : Preferences) : HTTP::Cookie
|
def prefs(domain : String?, preferences : Preferences) : HTTP::Cookie
|
||||||
|
# Not secure if it's being accessed from I2P
|
||||||
|
# Browsers expect the domain to include https. On I2P there is no HTTPS
|
||||||
|
if domain.not_nil!.split(".").last == "i2p"
|
||||||
|
@@secure = false
|
||||||
|
end
|
||||||
return HTTP::Cookie.new(
|
return HTTP::Cookie.new(
|
||||||
name: "PREFS",
|
name: "PREFS",
|
||||||
domain: domain,
|
domain: domain,
|
||||||
value: URI.encode_www_form(preferences.to_json),
|
value: URI.encode_www_form(preferences.to_json),
|
||||||
expires: Time.utc + 2.years,
|
expires: Time.utc + 2.years,
|
||||||
secure: SECURE,
|
secure: @@secure,
|
||||||
http_only: false,
|
http_only: false,
|
||||||
samesite: HTTP::Cookie::SameSite::Lax
|
samesite: HTTP::Cookie::SameSite::Lax
|
||||||
)
|
)
|
||||||
|
|
Loading…
Add table
Reference in a new issue