Skip to content

Commit

Permalink
Updated middleware to support API tokens. Frontend now uses an admin …
Browse files Browse the repository at this point in the history 
…token for its requests

Fixed version numbers
  • Loading branch information
@Tzahi12345
Tzahi12345 committed Apr 11, 2020
1 parent 2082a78 commit b5a82b9
Show file tree
Hide file tree
Showing 6 changed files with 66 additions and 45 deletions.
25 changes: 20 additions & 5 deletions backend/app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,8 @@ const db = low(adapter)
// check if debug mode
let debugMode = process.env.YTDL_MODE === 'debug';

const admin_token = '4241b401-7236-493e-92b5-b72696b9d853';

// logging setup

// console format
Expand Down Expand Up @@ -1218,12 +1220,25 @@ const deleteFolderRecursive = function(folder_to_delete) {
};

app.use(function(req, res, next) {
var client_origin = req.get('origin');
if (client_origin === getOrigin() || (req.headers.authorization && config_api.getConfigItem('ytdl_use_api_key') && req.headers.authorization === config_api.getConfigItem('ytdl_api_key'))) {
res.header("Access-Control-Allow-Origin", client_origin);
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
res.header("Access-Control-Allow-Origin", getOrigin());
if (req.method === 'OPTIONS') {
res.sendStatus(200);
} else {
next();
}
});

app.use(function(req, res, next) {
if (req.headers.authorization === admin_token) {
next();
} else if (req.headers.authorization && config_api.getConfigItem('ytdl_use_api_key') && req.headers.authorization === config_api.getConfigItem('ytdl_api_key')) {
next();
} else if (req.path.includes('/api/video/') || req.path.includes('/api/audio/')) {
next();
} else {
req.socket.end();
}
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});

app.use(compression());
Expand Down
2 changes: 1 addition & 1 deletion backend/consts.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,5 +134,5 @@ let CONFIG_ITEMS = {

module.exports = {
CONFIG_ITEMS: CONFIG_ITEMS,
CURRENT_VERSION: 'v3.6.0'
CURRENT_VERSION: 'v3.6'
}
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "youtube-dl-material",
"version": "3.6.0",
"version": "3.6",
"license": "MIT",
"scripts": {
"ng": "ng",
Expand Down
2 changes: 1 addition & 1 deletion src/app/consts.ts
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
export const CURRENT_VERSION = 'v3.5';
export const CURRENT_VERSION = 'v3.6';
78 changes: 41 additions & 37 deletions src/app/posts.services.ts
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,6 @@
import {Injectable, isDevMode, Inject} from '@angular/core';
import { HttpClient, HttpHeaders, HttpRequest, HttpResponseBase } from '@angular/common/http';
import config from '../assets/default.json';
import { HttpClient, HttpHeaders } from '@angular/common/http';
import 'rxjs/add/operator/map';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/map';
import 'rxjs/add/operator/catch';
import 'rxjs/add/observable/throw';
Expand All @@ -22,6 +20,8 @@ export class PostsService {
THEMES_CONFIG = THEMES_CONFIG;
theme;
settings_changed = new BehaviorSubject<boolean>(false);
auth_token = '4241b401-7236-493e-92b5-b72696b9d853';
httpOptions = null;

debugMode = false;
constructor(private http: HttpClient, private router: Router, @Inject(DOCUMENT) private document: Document) {
Expand All @@ -34,6 +34,12 @@ export class PostsService {
this.debugMode = true;
this.path = 'http://localhost:17442/api/';
}

this.httpOptions = {
headers: new HttpHeaders({
'Authorization': '4241b401-7236-493e-92b5-b72696b9d853'
}),
};
}

setTheme(theme) {
Expand Down Expand Up @@ -64,7 +70,7 @@ export class PostsService {
customArgs: customArgs,
customOutput: customOutput,
youtubeUsername: youtubeUsername,
youtubePassword: youtubePassword});
youtubePassword: youtubePassword}, this.httpOptions);
}

// tslint:disable-next-line: max-line-length
Expand All @@ -75,22 +81,22 @@ export class PostsService {
customArgs: customArgs,
customOutput: customOutput,
youtubeUsername: youtubeUsername,
youtubePassword: youtubePassword});
youtubePassword: youtubePassword}, this.httpOptions);
}

getFileStatusMp3(name: string) {
return this.http.post(this.path + 'fileStatusMp3', {name: name});
return this.http.post(this.path + 'fileStatusMp3', {name: name}, this.httpOptions);
}

getFileStatusMp4(name: string) {
return this.http.post(this.path + 'fileStatusMp4', {name: name});
return this.http.post(this.path + 'fileStatusMp4', {name: name}, this.httpOptions);
}

loadNavItems() {
if (isDevMode()) {
return this.http.get('./assets/default.json');
} else {
return this.http.get(this.path + 'config');
return this.http.get(this.path + 'config', this.httpOptions);
}
}

Expand All @@ -99,27 +105,27 @@ export class PostsService {
}

setConfig(config) {
return this.http.post(this.path + 'setConfig', {new_config_file: config});
return this.http.post(this.path + 'setConfig', {new_config_file: config}, this.httpOptions);
}

deleteFile(uid: string, isAudio: boolean, blacklistMode = false) {
if (isAudio) {
return this.http.post(this.path + 'deleteMp3', {uid: uid, blacklistMode: blacklistMode});
return this.http.post(this.path + 'deleteMp3', {uid: uid, blacklistMode: blacklistMode}, this.httpOptions);
} else {
return this.http.post(this.path + 'deleteMp4', {uid: uid, blacklistMode: blacklistMode});
return this.http.post(this.path + 'deleteMp4', {uid: uid, blacklistMode: blacklistMode}, this.httpOptions);
}
}

getMp3s() {
return this.http.get(this.path + 'getMp3s', {});
return this.http.get(this.path + 'getMp3s', this.httpOptions);
}

getMp4s() {
return this.http.get(this.path + 'getMp4s', {});
return this.http.get(this.path + 'getMp4s', this.httpOptions);
}

getFile(uid, type) {
return this.http.post(this.path + 'getFile', {uid: uid, type: type});
return this.http.post(this.path + 'getFile', {uid: uid, type: type}, this.httpOptions);
}

downloadFileFromServer(fileName, type, outputName = null, fullPathProvided = null, subscriptionName = null, subPlaylist = null) {
Expand All @@ -131,90 +137,91 @@ export class PostsService {
subscriptionName: subscriptionName,
subPlaylist: subPlaylist
},
{responseType: 'blob'});
{responseType: 'blob', headers: this.httpOptions.headers});
}

downloadArchive(sub) {
return this.http.post(this.path + 'downloadArchive', {sub: sub}, {responseType: 'blob'});
return this.http.post(this.path + 'downloadArchive', {sub: sub}, {responseType: 'blob', headers: this.httpOptions.headers});
}

getFileInfo(fileNames, type, urlMode) {
return this.http.post(this.path + 'getVideoInfos', {fileNames: fileNames, type: type, urlMode: urlMode});
return this.http.post(this.path + 'getVideoInfos', {fileNames: fileNames, type: type, urlMode: urlMode}, this.httpOptions);
}

isPinSet() {
return this.http.post(this.path + 'isPinSet', {});
return this.http.post(this.path + 'isPinSet', {}, this.httpOptions);
}

setPin(unhashed_pin) {
return this.http.post(this.path + 'setPin', {pin: unhashed_pin});
return this.http.post(this.path + 'setPin', {pin: unhashed_pin}, this.httpOptions);
}

checkPin(unhashed_pin) {
return this.http.post(this.path + 'checkPin', {input_pin: unhashed_pin});
return this.http.post(this.path + 'checkPin', {input_pin: unhashed_pin}, this.httpOptions);
}

generateNewAPIKey() {
return this.http.post(this.path + 'generateNewAPIKey', {});
return this.http.post(this.path + 'generateNewAPIKey', {}, this.httpOptions);
}

enableSharing(uid, type, is_playlist) {
return this.http.post(this.path + 'enableSharing', {uid: uid, type: type, is_playlist: is_playlist});
return this.http.post(this.path + 'enableSharing', {uid: uid, type: type, is_playlist: is_playlist}, this.httpOptions);
}

disableSharing(uid, type, is_playlist) {
return this.http.post(this.path + 'disableSharing', {uid: uid, type: type, is_playlist: is_playlist});
return this.http.post(this.path + 'disableSharing', {uid: uid, type: type, is_playlist: is_playlist}, this.httpOptions);
}

createPlaylist(playlistName, fileNames, type, thumbnailURL) {
return this.http.post(this.path + 'createPlaylist', {playlistName: playlistName,
fileNames: fileNames,
type: type,
thumbnailURL: thumbnailURL});
thumbnailURL: thumbnailURL}, this.httpOptions);
}

getPlaylist(playlistID, type) {
return this.http.post(this.path + 'getPlaylist', {playlistID: playlistID,
type: type});
type: type}, this.httpOptions);
}

updatePlaylist(playlistID, fileNames, type) {
return this.http.post(this.path + 'updatePlaylist', {playlistID: playlistID,
fileNames: fileNames,
type: type});
type: type}, this.httpOptions);
}

removePlaylist(playlistID, type) {
return this.http.post(this.path + 'deletePlaylist', {playlistID: playlistID, type: type});
return this.http.post(this.path + 'deletePlaylist', {playlistID: playlistID, type: type}, this.httpOptions);
}

createSubscription(url, name, timerange = null, streamingOnly = false) {
return this.http.post(this.path + 'subscribe', {url: url, name: name, timerange: timerange, streamingOnly: streamingOnly});
return this.http.post(this.path + 'subscribe', {url: url, name: name, timerange: timerange, streamingOnly: streamingOnly},
this.httpOptions);
}

unsubscribe(sub, deleteMode = false) {
return this.http.post(this.path + 'unsubscribe', {sub: sub, deleteMode: deleteMode})
return this.http.post(this.path + 'unsubscribe', {sub: sub, deleteMode: deleteMode}, this.httpOptions)
}

deleteSubscriptionFile(sub, file, deleteForever) {
return this.http.post(this.path + 'deleteSubscriptionFile', {sub: sub, file: file, deleteForever: deleteForever})
return this.http.post(this.path + 'deleteSubscriptionFile', {sub: sub, file: file, deleteForever: deleteForever}, this.httpOptions)
}

getSubscription(id) {
return this.http.post(this.path + 'getSubscription', {id: id});
return this.http.post(this.path + 'getSubscription', {id: id}, this.httpOptions);
}

getAllSubscriptions() {
return this.http.post(this.path + 'getAllSubscriptions', {});
return this.http.post(this.path + 'getAllSubscriptions', {}, this.httpOptions);
}

// updates the server to the latest version
updateServer(tag) {
return this.http.post(this.path + 'updateServer', {tag: tag});
return this.http.post(this.path + 'updateServer', {tag: tag}, this.httpOptions);
}

getUpdaterStatus() {
return this.http.get(this.path + 'updaterStatus');
return this.http.get(this.path + 'updaterStatus', this.httpOptions);
}

// gets tag of the latest version of youtubedl-material
Expand All @@ -227,6 +234,3 @@ export class PostsService {
}

}



2 changes: 2 additions & 0 deletions src/assets/default.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@
"settings_pin_required": false
},
"API": {
"use_API_key": false,
"API_key": "",
"use_youtube_API": false,
"youtube_API_key": ""
},
Expand Down

0 comments on commit b5a82b9

Please sign in to comment.