From eccf70f020cb8b0d9ceddc2561713ccfddb72095 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Tue, 3 Dec 2019 10:41:23 +0100 Subject: [PATCH] Fix private video download --- .../shared/video/modals/video-download.component.ts | 12 +++++++++--- server/controllers/static.ts | 10 +++++----- server/middlewares/oauth.ts | 12 ++++++------ server/middlewares/validators/videos/videos.ts | 6 ++++-- 4 files changed, 24 insertions(+), 16 deletions(-) diff --git a/client/src/app/shared/video/modals/video-download.component.ts b/client/src/app/shared/video/modals/video-download.component.ts index 0e9e44de7..5849ee458 100644 --- a/client/src/app/shared/video/modals/video-download.component.ts +++ b/client/src/app/shared/video/modals/video-download.component.ts @@ -2,7 +2,8 @@ import { Component, ElementRef, ViewChild } from '@angular/core' import { VideoDetails } from '../../../shared/video/video-details.model' import { NgbActiveModal, NgbModal } from '@ng-bootstrap/ng-bootstrap' import { I18n } from '@ngx-translate/i18n-polyfill' -import { Notifier } from '@app/core' +import { AuthService, Notifier } from '@app/core' +import { VideoPrivacy } from '@shared/models' @Component({ selector: 'my-video-download', @@ -21,6 +22,7 @@ export class VideoDownloadComponent { constructor ( private notifier: Notifier, private modalService: NgbModal, + private auth: AuthService, private i18n: I18n ) { } @@ -57,12 +59,16 @@ export class VideoDownloadComponent { return } + const suffix = this.video.privacy.id === VideoPrivacy.PRIVATE + ? '?access_token=' + this.auth.getAccessToken() + : '' + switch (this.downloadType) { case 'direct': - return file.fileDownloadUrl + return file.fileDownloadUrl + suffix case 'torrent': - return file.torrentDownloadUrl + return file.torrentDownloadUrl + suffix } } diff --git a/server/controllers/static.ts b/server/controllers/static.ts index 7c900be92..0aab12756 100644 --- a/server/controllers/static.ts +++ b/server/controllers/static.ts @@ -10,7 +10,7 @@ import { WEBSERVER } from '../initializers/constants' import { cacheRoute } from '../middlewares/cache' -import { asyncMiddleware, videosGetValidator } from '../middlewares' +import { asyncMiddleware, videosDownloadValidator } from '../middlewares' import { VideoModel } from '../models/video/video' import { UserModel } from '../models/account/user' import { VideoCommentModel } from '../models/video/video-comment' @@ -39,12 +39,12 @@ staticRouter.use( ) staticRouter.use( STATIC_DOWNLOAD_PATHS.TORRENTS + ':id-:resolution([0-9]+).torrent', - asyncMiddleware(videosGetValidator), + asyncMiddleware(videosDownloadValidator), asyncMiddleware(downloadTorrent) ) staticRouter.use( STATIC_DOWNLOAD_PATHS.TORRENTS + ':id-:resolution([0-9]+)-hls.torrent', - asyncMiddleware(videosGetValidator), + asyncMiddleware(videosDownloadValidator), asyncMiddleware(downloadHLSVideoFileTorrent) ) @@ -62,13 +62,13 @@ staticRouter.use( staticRouter.use( STATIC_DOWNLOAD_PATHS.VIDEOS + ':id-:resolution([0-9]+).:extension', - asyncMiddleware(videosGetValidator), + asyncMiddleware(videosDownloadValidator), asyncMiddleware(downloadVideoFile) ) staticRouter.use( STATIC_DOWNLOAD_PATHS.HLS_VIDEOS + ':id-:resolution([0-9]+)-fragmented.:extension', - asyncMiddleware(videosGetValidator), + asyncMiddleware(videosDownloadValidator), asyncMiddleware(downloadHLSVideoFile) ) diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index 77fb305dd..bb90dac47 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts @@ -12,8 +12,10 @@ const oAuthServer = new OAuthServer({ model: require('../lib/oauth-model') }) -function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) { - oAuthServer.authenticate()(req, res, err => { +function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) { + const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {} + + oAuthServer.authenticate(options)(req, res, err => { if (err) { logger.warn('Cannot authenticate.', { err }) @@ -50,16 +52,14 @@ function authenticateSocket (socket: Socket, next: (err?: any) => void) { }) } -function authenticatePromiseIfNeeded (req: express.Request, res: express.Response) { +function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) { return new Promise(resolve => { // Already authenticated? (or tried to) if (res.locals.oauth && res.locals.oauth.token.User) return resolve() if (res.locals.authenticated === false) return res.sendStatus(401) - authenticate(req, res, () => { - return resolve() - }) + authenticate(req, res, () => resolve(), authenticateInQuery) }) } diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 53a2f193d..ab984d84a 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts @@ -147,7 +147,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R }) } -const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-with-rights') => { +const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-with-rights', authenticateInQuery = false) => { return [ param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), @@ -162,7 +162,7 @@ const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video- // Video private or blacklisted if (video.privacy === VideoPrivacy.PRIVATE || videoAll.VideoBlacklist) { - await authenticatePromiseIfNeeded(req, res) + await authenticatePromiseIfNeeded(req, res, authenticateInQuery) const user = res.locals.oauth ? res.locals.oauth.token.User : null @@ -193,6 +193,7 @@ const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video- } const videosGetValidator = videosCustomGetValidator('all') +const videosDownloadValidator = videosCustomGetValidator('all', true) const videosRemoveValidator = [ param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), @@ -407,6 +408,7 @@ export { videosAddValidator, videosUpdateValidator, videosGetValidator, + videosDownloadValidator, checkVideoFollowConstraints, videosCustomGetValidator, videosRemoveValidator,