diff --git a/modules/server/containers/data/invidious/login.cr b/modules/server/containers/data/invidious/login.cr index 4bae1cf..fd4269b 100644 --- a/modules/server/containers/data/invidious/login.cr +++ b/modules/server/containers/data/invidious/login.cr @@ -10,55 +10,58 @@ module Invidious::Routes::Login return error_template(400, "Login has been disabled by administrator.") if !CONFIG.login_enabled - if forwarded_user = env.request.headers["X-authentik-email"]? begin - email = forwarded_user?.try &.downcase.byte_slice(0, 254) - - return error_template(401, "User ID is a required field") if email.nil? || email.empty? - - user = Invidious::Database::Users.select(email: email) - if user - sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) - Invidious::Database::SessionIDs.insert(sid, email) - env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid) + if forwarded_user = env.request.headers["X-authentik-email"]? + begin + email = forwarded_user?.try &.downcase.byte_slice(0, 254) + + return error_template(401, "User ID is a required field") if email.nil? || email.empty? + + user = Invidious::Database::Users.select(email: email) + if user + sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) + Invidious::Database::SessionIDs.insert(sid, email) + env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid) - if env.request.cookies["PREFS"]? - cookie = env.request.cookies["PREFS"] - cookie.expires = Time.utc(1990, 1, 1) - env.response.cookies << cookie - end - else - return error_template(400, "Registration has been disabled by administrator.") if !CONFIG.registration_enabled + if env.request.cookies["PREFS"]? + cookie = env.request.cookies["PREFS"] + cookie.expires = Time.utc(1990, 1, 1) + env.response.cookies << cookie + end + else + return error_template(400, "Registration has been disabled by administrator.") if !CONFIG.registration_enabled - sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) - user, sid = create_user(sid, email, "") + sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) + user, sid = create_user(sid, email, "") - if language_header = env.request.headers["Accept-Language"]? - if language = ANG.language_negotiator.best(language_header, I18n::LOCALES.keys) - user.preferences.locale = language.header + if language_header = env.request.headers["Accept-Language"]? + if language = ANG.language_negotiator.best(language_header, I18n::LOCALES.keys) + user.preferences.locale = language.header + end + end + + Invidious::Database::Users.insert(user) + Invidious::Database::SessionIDs.insert(sid, email) + + view_name = "subscriptions_#{sha256(user.email)}" + PG_DB.exec("CREATE MATERIALIZED VIEW #{view_name} AS #{MATERIALIZED_VIEW_SQL.call(user.email)}") + env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid) + + if env.request.cookies["PREFS"]? + user.preferences = env.get("preferences").as(Preferences) + Invidious::Database::Users.update_preferences(user) + + cookie = env.request.cookies["PREFS"] + cookie.expires = Time.utc(1990, 1, 1) + env.response.cookies << cookie end end - Invidious::Database::Users.insert(user) - Invidious::Database::SessionIDs.insert(sid, email) - - view_name = "subscriptions_#{sha256(user.email)}" - PG_DB.exec("CREATE MATERIALIZED VIEW #{view_name} AS #{MATERIALIZED_VIEW_SQL.call(user.email)}") - env.response.cookies["SID"] = Invidious::User::Cookies.sid(CONFIG.domain, sid) - - if env.request.cookies["PREFS"]? - user.preferences = env.get("preferences").as(Preferences) - Invidious::Database::Users.update_preferences(user) - - cookie = env.request.cookies["PREFS"] - cookie.expires = Time.utc(1990, 1, 1) - env.response.cookies << cookie - end + return env.redirect referer + rescue ex + return error_template(500, "Authentication error: #{ex.message}") end - - env.redirect referer - else - env.redirect referer end + env.redirect referer end def self.signout(env)