1.185.0

Allowing auth to be disabled in config.
Moved http timeout cancelation before pipeline to prevent large files from getting canceled.
2021-03-16 04:12:29 +01:00 · 2021-03-16 04:12:05 +01:00 · 2021-03-16 03:59:36 +01:00
10 changed files with 43 additions and 12 deletions
--- a/assets/components/auth/login.vue
+++ b/assets/components/auth/login.vue
@ -64,6 +64,12 @@ async function login() {
 	}
 }

+function mounted() {
+	if (!this.$store.state.auth.enabled) {
+		this.$router.replace({ name: 'not-found' });
+	}
+}
+
 export default {
 	data() {
 		return {
@ -73,6 +79,7 @@ export default {
 			error: null,
 		};
 	},
+	mounted,
 	methods: {
 		login,
 	},
--- a/assets/components/auth/signup.vue
+++ b/assets/components/auth/signup.vue
@ -73,6 +73,12 @@ async function signup() {
 	}
 }

+function mounted() {
+	if (!this.$store.state.auth.enabled) {
+		this.$router.replace({ name: 'not-found' });
+	}
+}
+
 export default {
 	data() {
 		return {
@ -83,6 +89,7 @@ export default {
 			error: null,
 		};
 	},
+	mounted,
 	methods: {
 		signup,
 	},
--- a/assets/components/header/menu.vue
+++ b/assets/components/header/menu.vue
@ -2,13 +2,13 @@
 	<div class="menu">
 		<ul class="menu-items noselect">
 			<router-link
-				v-if="me"
+				v-if="auth && me"
 				:to="{ name: 'user', params: { username: me.username } }"
 				class="menu-username"
 			>{{ me.username }}</router-link>

 			<router-link
-				v-else
+				v-else-if="auth"
 				:to="{ name: 'login', query: { ref: $route.path } }"
 				class="menu-item"
 				@click.stop
@ -17,7 +17,7 @@
 			</router-link>

 			<li
-				v-if="me"
+				v-if="auth && me"
 				class="menu-item"
 				@click.stop="$store.dispatch('logout')"
 			>
@ -89,6 +89,10 @@ function theme(state) {
 	return state.ui.theme;
 }

+function auth(state) {
+	return state.auth.enabled;
+}
+
 function me(state) {
 	return state.auth.user;
 }
@ -104,6 +108,7 @@ function setSfw(enabled) {
 export default {
 	computed: {
 		...mapState({
+			auth,
 			sfw,
 			theme,
 			me,
--- a/assets/js/auth/state.js
+++ b/assets/js/auth/state.js
@ -1,3 +1,4 @@
 export default {
+	enabled: window.env.auth,
 	user: null,
 };
--- a/config/default.js
+++ b/config/default.js
@ -33,6 +33,9 @@ module.exports = {
 		accessKey: 'ABCDEFGHIJ1234567890',
 		secretKey: 'abcdefghijklmnopqrstuvwxyz1234567890ABCD',
 	},
+	auth: {
+		enabled: true,
+	},
 	exclude: {
 		channels: [
 			// 21sextreme, no longer updated
--- a/package-lock.json
+++ b/package-lock.json
@ -1,11 +1,11 @@
 {
    "name": "traxxx",
-    "version": "1.184.2",
+    "version": "1.185.0",
    "lockfileVersion": 2,
    "requires": true,
    "packages": {
        "": {
-            "version": "1.184.2",
+            "version": "1.185.0",
            "license": "ISC",
            "dependencies": {
                "@casl/ability": "^5.2.2",
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
    "name": "traxxx",
-    "version": "1.184.2",
+    "version": "1.185.0",
    "description": "All the latest porn releases in one place",
    "main": "src/app.js",
    "scripts": {
--- a/src/auth.js
+++ b/src/auth.js
@ -1,5 +1,6 @@
 'use strict';

+const config = require('config');
 const util = require('util');
 const crypto = require('crypto');

@ -21,6 +22,10 @@ async function verifyPassword(password, storedPassword) {
 }

 async function login(credentials) {
+	if (!config.auth.enabled) {
+		throw new HttpError('Authentication is disabled', 405);
+	}
+
 	const user = await fetchUser(credentials.username, true);

 	if (!user) {
@ -33,6 +38,10 @@ async function login(credentials) {
 }

 async function signup(credentials) {
+	if (!config.auth.enabled) {
+		throw new HttpError('Authentication is disabled', 405);
+	}
+
 	if (!credentials.username) {
 		throw new HttpError('Username required', 400);
 	}
--- a/src/utils/http.js
+++ b/src/utils/http.js
@ -80,7 +80,7 @@ function getLimiter(options = {}, url) {
 	return limiters[interval][concurrency];
 }

-async function request(method = 'get', url, body, requestOptions = {}, limiter) {
+async function request(method = 'get', url, body, requestOptions = {}, limiter, timeout) {
 	const http = requestOptions.session || bhttp;

 	const options = {
@ -107,7 +107,7 @@ async function request(method = 'get', url, body, requestOptions = {}, limiter)
 		? http[method](url, body, options)
 		: http[method](url, options));

-	const resIsOk = res.statusCode >= 200 && res.statusCode <= 299;
+	timeout.cancel();

 	if (options.destination) {
 		// res.on('progress', (bytes, totalBytes) => logger.silly(`Downloaded ${Math.round((bytes / totalBytes) * 100)}% of ${url}`));
@ -126,7 +126,7 @@ async function request(method = 'get', url, body, requestOptions = {}, limiter)
 			status: res.statusCode,
 			document: window.document,
 			window,
-			ok: resIsOk,
+			ok: res.statusCode >= 200 && res.statusCode <= 299,
 		};
 	}

@ -152,9 +152,7 @@ async function scheduleRequest(method = 'get', url, body, options) {
 	const limiter = getLimiter(options, url);
 	const timeout = getTimeout(options, url);

-	const result = await limiter.schedule(() => Promise.race([request(method, url, body, options, limiter), timeout]));
-
-	timeout.cancel();
+	const result = await limiter.schedule(() => Promise.race([request(method, url, body, options, limiter, timeout), timeout]));

 	return result;
 }
--- a/src/web/server.js
+++ b/src/web/server.js
@ -116,6 +116,7 @@ async function initServer() {
 		res.render(path.join(__dirname, '../../assets/index.ejs'), {
 			env: JSON.stringify({
 				sfw: !!req.headers.sfw || Object.prototype.hasOwnProperty.call(req.query, 'sfw'),
+				auth: config.auth.enabled,
 				sessionId: req.session.safeId,
 			}),
 		});
Author	SHA1	Message	Date
DebaucheryLibrarian	6fef87b0f1	1.185.0	2021-03-16 04:12:29 +01:00
DebaucheryLibrarian	0d7a03f3e5	Allowing auth to be disabled in config.	2021-03-16 04:12:05 +01:00
DebaucheryLibrarian	1703e9a541	Moved http timeout cancelation before pipeline to prevent large files from getting canceled.	2021-03-16 03:59:36 +01:00