Update:Auth to use new user model
- Express requests include userNew to start migrating API controllers to new user model
parent
59370cae81
commit
202ceb02b5
14 changed files with 626 additions and 392 deletions
|
@ -17,13 +17,13 @@ const adminStats = require('../utils/queries/adminStats')
|
|||
// This is a controller for routes that don't have a home yet :(
|
||||
//
|
||||
class MiscController {
|
||||
constructor() { }
|
||||
constructor() {}
|
||||
|
||||
/**
|
||||
* POST: /api/upload
|
||||
* Update library item
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async handleUpload(req, res) {
|
||||
if (!req.user.canUpload) {
|
||||
|
@ -42,7 +42,7 @@ class MiscController {
|
|||
if (!library) {
|
||||
return res.status(404).send(`Library not found with id ${libraryId}`)
|
||||
}
|
||||
const folder = library.folders.find(fold => fold.id === folderId)
|
||||
const folder = library.folders.find((fold) => fold.id === folderId)
|
||||
if (!folder) {
|
||||
return res.status(404).send(`Folder not found with id ${folderId} in library ${library.name}`)
|
||||
}
|
||||
|
@ -56,7 +56,7 @@ class MiscController {
|
|||
// `.filter(Boolean)` to strip out all the potentially missing details (eg: `author`)
|
||||
// before sanitizing all the directory parts to remove illegal chars and finally prepending
|
||||
// the base folder path
|
||||
const cleanedOutputDirectoryParts = outputDirectoryParts.filter(Boolean).map(part => sanitizeFilename(part))
|
||||
const cleanedOutputDirectoryParts = outputDirectoryParts.filter(Boolean).map((part) => sanitizeFilename(part))
|
||||
const outputDirectory = Path.join(...[folder.fullPath, ...cleanedOutputDirectoryParts])
|
||||
|
||||
await fs.ensureDir(outputDirectory)
|
||||
|
@ -66,7 +66,8 @@ class MiscController {
|
|||
for (const file of files) {
|
||||
const path = Path.join(outputDirectory, sanitizeFilename(file.name))
|
||||
|
||||
await file.mv(path)
|
||||
await file
|
||||
.mv(path)
|
||||
.then(() => {
|
||||
return true
|
||||
})
|
||||
|
@ -82,14 +83,14 @@ class MiscController {
|
|||
/**
|
||||
* GET: /api/tasks
|
||||
* Get tasks for task manager
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
getTasks(req, res) {
|
||||
const includeArray = (req.query.include || '').split(',')
|
||||
|
||||
const data = {
|
||||
tasks: TaskManager.tasks.map(t => t.toJSON())
|
||||
tasks: TaskManager.tasks.map((t) => t.toJSON())
|
||||
}
|
||||
|
||||
if (includeArray.includes('queue')) {
|
||||
|
@ -104,9 +105,9 @@ class MiscController {
|
|||
/**
|
||||
* PATCH: /api/settings
|
||||
* Update server settings
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async updateServerSettings(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -135,9 +136,9 @@ class MiscController {
|
|||
|
||||
/**
|
||||
* PATCH: /api/sorting-prefixes
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async updateSortingPrefixes(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -148,7 +149,7 @@ class MiscController {
|
|||
if (!sortingPrefixes?.length || !Array.isArray(sortingPrefixes)) {
|
||||
return res.status(400).send('Invalid request body')
|
||||
}
|
||||
sortingPrefixes = [...new Set(sortingPrefixes.map(p => p?.trim?.().toLowerCase()).filter(p => p))]
|
||||
sortingPrefixes = [...new Set(sortingPrefixes.map((p) => p?.trim?.().toLowerCase()).filter((p) => p))]
|
||||
if (!sortingPrefixes.length) {
|
||||
return res.status(400).send('Invalid sortingPrefixes in request body')
|
||||
}
|
||||
|
@ -233,24 +234,26 @@ class MiscController {
|
|||
/**
|
||||
* POST: /api/authorize
|
||||
* Used to authorize an API token
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @this import('../routers/ApiRouter')
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async authorize(req, res) {
|
||||
if (!req.user) {
|
||||
Logger.error('Invalid user in authorize')
|
||||
return res.sendStatus(401)
|
||||
}
|
||||
const userResponse = await this.auth.getUserLoginResponsePayload(req.user)
|
||||
const userResponse = await this.auth.getUserLoginResponsePayload(req.userNew)
|
||||
res.json(userResponse)
|
||||
}
|
||||
|
||||
/**
|
||||
* GET: /api/tags
|
||||
* Get all tags
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async getAllTags(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -292,8 +295,8 @@ class MiscController {
|
|||
* POST: /api/tags/rename
|
||||
* Rename tag
|
||||
* Req.body { tag, newTag }
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async renameTag(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -321,7 +324,7 @@ class MiscController {
|
|||
}
|
||||
|
||||
if (libraryItem.media.tags.includes(tag)) {
|
||||
libraryItem.media.tags = libraryItem.media.tags.filter(t => t !== tag) // Remove old tag
|
||||
libraryItem.media.tags = libraryItem.media.tags.filter((t) => t !== tag) // Remove old tag
|
||||
if (!libraryItem.media.tags.includes(newTag)) {
|
||||
libraryItem.media.tags.push(newTag)
|
||||
}
|
||||
|
@ -346,8 +349,8 @@ class MiscController {
|
|||
* DELETE: /api/tags/:tag
|
||||
* Remove a tag
|
||||
* :tag param is base64 encoded
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async deleteTag(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -367,7 +370,7 @@ class MiscController {
|
|||
// Remove tag from items
|
||||
for (const libraryItem of libraryItemsWithTag) {
|
||||
Logger.debug(`[MiscController] Remove tag "${tag}" from item "${libraryItem.media.title}"`)
|
||||
libraryItem.media.tags = libraryItem.media.tags.filter(t => t !== tag)
|
||||
libraryItem.media.tags = libraryItem.media.tags.filter((t) => t !== tag)
|
||||
await libraryItem.media.update({
|
||||
tags: libraryItem.media.tags
|
||||
})
|
||||
|
@ -385,8 +388,8 @@ class MiscController {
|
|||
/**
|
||||
* GET: /api/genres
|
||||
* Get all genres
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async getAllGenres(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -427,8 +430,8 @@ class MiscController {
|
|||
* POST: /api/genres/rename
|
||||
* Rename genres
|
||||
* Req.body { genre, newGenre }
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async renameGenre(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -456,7 +459,7 @@ class MiscController {
|
|||
}
|
||||
|
||||
if (libraryItem.media.genres.includes(genre)) {
|
||||
libraryItem.media.genres = libraryItem.media.genres.filter(t => t !== genre) // Remove old genre
|
||||
libraryItem.media.genres = libraryItem.media.genres.filter((t) => t !== genre) // Remove old genre
|
||||
if (!libraryItem.media.genres.includes(newGenre)) {
|
||||
libraryItem.media.genres.push(newGenre)
|
||||
}
|
||||
|
@ -481,8 +484,8 @@ class MiscController {
|
|||
* DELETE: /api/genres/:genre
|
||||
* Remove a genre
|
||||
* :genre param is base64 encoded
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
* @param {*} req
|
||||
* @param {*} res
|
||||
*/
|
||||
async deleteGenre(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -502,7 +505,7 @@ class MiscController {
|
|||
// Remove genre from items
|
||||
for (const libraryItem of libraryItemsWithGenre) {
|
||||
Logger.debug(`[MiscController] Remove genre "${genre}" from item "${libraryItem.media.title}"`)
|
||||
libraryItem.media.genres = libraryItem.media.genres.filter(g => g !== genre)
|
||||
libraryItem.media.genres = libraryItem.media.genres.filter((g) => g !== genre)
|
||||
await libraryItem.media.update({
|
||||
genres: libraryItem.media.genres
|
||||
})
|
||||
|
@ -520,13 +523,13 @@ class MiscController {
|
|||
/**
|
||||
* POST: /api/watcher/update
|
||||
* Update a watch path
|
||||
* Req.body { libraryId, path, type, [oldPath] }
|
||||
* Req.body { libraryId, path, type, [oldPath] }
|
||||
* type = add, unlink, rename
|
||||
* oldPath = required only for rename
|
||||
* @this import('../routers/ApiRouter')
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
updateWatchedPath(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -582,9 +585,9 @@ class MiscController {
|
|||
|
||||
/**
|
||||
* GET: api/auth-settings (admin only)
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
getAuthSettings(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -597,9 +600,9 @@ class MiscController {
|
|||
/**
|
||||
* PATCH: api/auth-settings
|
||||
* @this import('../routers/ApiRouter')
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async updateAuthSettings(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -642,15 +645,13 @@ class MiscController {
|
|||
}
|
||||
|
||||
const uris = settingsUpdate[key]
|
||||
if (!Array.isArray(uris) ||
|
||||
(uris.includes('*') && uris.length > 1) ||
|
||||
uris.some(uri => uri !== '*' && !isValidRedirectURI(uri))) {
|
||||
if (!Array.isArray(uris) || (uris.includes('*') && uris.length > 1) || uris.some((uri) => uri !== '*' && !isValidRedirectURI(uri))) {
|
||||
Logger.warn(`[MiscController] Invalid value for authOpenIDMobileRedirectURIs`)
|
||||
continue
|
||||
}
|
||||
|
||||
// Update the URIs
|
||||
if (Database.serverSettings[key].some(uri => !uris.includes(uri)) || uris.some(uri => !Database.serverSettings[key].includes(uri))) {
|
||||
if (Database.serverSettings[key].some((uri) => !uris.includes(uri)) || uris.some((uri) => !Database.serverSettings[key].includes(uri))) {
|
||||
Logger.debug(`[MiscController] Updating auth settings key "${key}" from "${Database.serverSettings[key]}" to "${uris}"`)
|
||||
Database.serverSettings[key] = uris
|
||||
hasUpdates = true
|
||||
|
@ -704,9 +705,9 @@ class MiscController {
|
|||
|
||||
/**
|
||||
* GET: /api/stats/year/:year
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async getAdminStatsForYear(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
|
@ -725,9 +726,9 @@ class MiscController {
|
|||
/**
|
||||
* GET: /api/logger-data
|
||||
* admin or up
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*
|
||||
* @param {import('express').Request} req
|
||||
* @param {import('express').Response} res
|
||||
*/
|
||||
async getLoggerData(req, res) {
|
||||
if (!req.user.isAdminOrUp) {
|
||||
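Review bot: In `authorize`, the guard still tests `req.user` while the login payload is now built from `req.userNew`, so the check no longer covers the value that is actually consumed. If the auth middleware (not visible on this page) ever sets `req.user` without `req.userNew`, `getUserLoginResponsePayload` would receive `undefined` and the request would presumably end in an unhandled error rather than the intended 401. While both properties coexist during the migration, guard on the one being used, e.g. `if (!req.user || !req.userNew) {`. The other handlers in this file still authorize on `req.user.isAdminOrUp` and `req.user.canUpload`, so a short comment where `userNew` is attached, stating that both objects always derive from the same authenticated identity, would make that invariant explicit.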
|
|