Fix private video download

2019-12-03 10:41:23 +01:00 · 2019-12-03 10:41:23 +01:00 · eccf70f020
parent 3f6b7aa1cf
commit eccf70f020
4 changed files with 24 additions and 16 deletions
--- a/client/src/app/shared/video/modals/video-download.component.ts
+++ b/client/src/app/shared/video/modals/video-download.component.ts
@ -2,7 +2,8 @@ import { Component, ElementRef, ViewChild } from '@angular/core'
 import { VideoDetails } from '../../../shared/video/video-details.model'
 import { NgbActiveModal, NgbModal } from '@ng-bootstrap/ng-bootstrap'
 import { I18n } from '@ngx-translate/i18n-polyfill'
-import { Notifier } from '@app/core'
+import { AuthService, Notifier } from '@app/core'
+import { VideoPrivacy } from '@shared/models'

@Component({
  selector: 'my-video-download',
@ -21,6 +22,7 @@ export class VideoDownloadComponent {
  constructor (
    private notifier: Notifier,
    private modalService: NgbModal,
+    private auth: AuthService,
    private i18n: I18n
  ) { }

@ -57,12 +59,16 @@ export class VideoDownloadComponent {
      return
    }

+    const suffix = this.video.privacy.id === VideoPrivacy.PRIVATE
+      ? '?access_token=' + this.auth.getAccessToken()
+      : ''
+
    switch (this.downloadType) {
      case 'direct':
-        return file.fileDownloadUrl
+        return file.fileDownloadUrl + suffix

      case 'torrent':
-        return file.torrentDownloadUrl
+        return file.torrentDownloadUrl + suffix
    }
  }

--- a/server/controllers/static.ts
+++ b/server/controllers/static.ts
@ -10,7 +10,7 @@ import {
  WEBSERVER
 } from '../initializers/constants'
 import { cacheRoute } from '../middlewares/cache'
-import { asyncMiddleware, videosGetValidator } from '../middlewares'
+import { asyncMiddleware, videosDownloadValidator } from '../middlewares'
 import { VideoModel } from '../models/video/video'
 import { UserModel } from '../models/account/user'
 import { VideoCommentModel } from '../models/video/video-comment'
@ -39,12 +39,12 @@ staticRouter.use(
 )
 staticRouter.use(
  STATIC_DOWNLOAD_PATHS.TORRENTS + ':id-:resolution([0-9]+).torrent',
-  asyncMiddleware(videosGetValidator),
+  asyncMiddleware(videosDownloadValidator),
  asyncMiddleware(downloadTorrent)
 )
 staticRouter.use(
  STATIC_DOWNLOAD_PATHS.TORRENTS + ':id-:resolution([0-9]+)-hls.torrent',
-  asyncMiddleware(videosGetValidator),
+  asyncMiddleware(videosDownloadValidator),
  asyncMiddleware(downloadHLSVideoFileTorrent)
 )

@ -62,13 +62,13 @@ staticRouter.use(

 staticRouter.use(
  STATIC_DOWNLOAD_PATHS.VIDEOS + ':id-:resolution([0-9]+).:extension',
-  asyncMiddleware(videosGetValidator),
+  asyncMiddleware(videosDownloadValidator),
  asyncMiddleware(downloadVideoFile)
 )

 staticRouter.use(
  STATIC_DOWNLOAD_PATHS.HLS_VIDEOS + ':id-:resolution([0-9]+)-fragmented.:extension',
-  asyncMiddleware(videosGetValidator),
+  asyncMiddleware(videosDownloadValidator),
  asyncMiddleware(downloadHLSVideoFile)
 )

--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@ -12,8 +12,10 @@ const oAuthServer = new OAuthServer({
  model: require('../lib/oauth-model')
 })

-function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
-  oAuthServer.authenticate()(req, res, err => {
+function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
+  const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}
+
+  oAuthServer.authenticate(options)(req, res, err => {
    if (err) {
      logger.warn('Cannot authenticate.', { err })

@ -50,16 +52,14 @@ function authenticateSocket (socket: Socket, next: (err?: any) => void) {
    })
 }

-function authenticatePromiseIfNeeded (req: express.Request, res: express.Response) {
+function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) {
  return new Promise(resolve => {
    // Already authenticated? (or tried to)
    if (res.locals.oauth && res.locals.oauth.token.User) return resolve()

    if (res.locals.authenticated === false) return res.sendStatus(401)

-    authenticate(req, res, () => {
-      return resolve()
-    })
+    authenticate(req, res, () => resolve(), authenticateInQuery)
  })
 }

--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@ -147,7 +147,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R
            })
 }

-const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-with-rights') => {
+const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-with-rights', authenticateInQuery = false) => {
  return [
    param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),

@ -162,7 +162,7 @@ const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-

      // Video private or blacklisted
      if (video.privacy === VideoPrivacy.PRIVATE || videoAll.VideoBlacklist) {
-        await authenticatePromiseIfNeeded(req, res)
+        await authenticatePromiseIfNeeded(req, res, authenticateInQuery)

        const user = res.locals.oauth ? res.locals.oauth.token.User : null

@ -193,6 +193,7 @@ const videosCustomGetValidator = (fetchType: 'all' | 'only-video' | 'only-video-
 }

 const videosGetValidator = videosCustomGetValidator('all')
+const videosDownloadValidator = videosCustomGetValidator('all', true)

 const videosRemoveValidator = [
  param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@ -407,6 +408,7 @@ export {
  videosAddValidator,
  videosUpdateValidator,
  videosGetValidator,
+  videosDownloadValidator,
  checkVideoFollowConstraints,
  videosCustomGetValidator,
  videosRemoveValidator,