From 04e3ebfdda613be0e58290a49536116cc57ad147 Mon Sep 17 00:00:00 2001
From: metamuffin <metamuffin@disroot.org>
Date: Thu, 26 Jan 2023 21:45:29 +0100
Subject: mhh

---
 server/src/main.rs                      | 4 ++++
 server/src/routes/stream.rs             | 3 ++-
 server/src/routes/ui/account/session.rs | 5 +++++
 3 files changed, 11 insertions(+), 1 deletion(-)

(limited to 'server/src')

diff --git a/server/src/main.rs b/server/src/main.rs
index 3d08d24..00543ce 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -26,6 +26,10 @@ fn rocket() -> _ {
         .filter_level(log::LevelFilter::Info)
         .parse_env("LOG")
         .init();
+
+    #[cfg(feature = "bypass-auth")]
+    warn!("authentification bypass enabled");
+
     let remuxer = RemuxerContext::new();
     let library = Library::open(&CONF.library_path).unwrap();
     let database = Database::open(&CONF.database_path).unwrap();
diff --git a/server/src/routes/stream.rs b/server/src/routes/stream.rs
index eb7bc13..469ad07 100644
--- a/server/src/routes/stream.rs
+++ b/server/src/routes/stream.rs
@@ -3,7 +3,7 @@
     which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
     Copyright (C) 2023 metamuffin <metamuffin.org>
 */
-use super::ui::error::MyError;
+use super::ui::{account::session::Session, error::MyError};
 use crate::library::Library;
 use anyhow::{anyhow, Context, Result};
 use jellyremuxer::RemuxerContext;
@@ -37,6 +37,7 @@ pub fn stream_uri(path: &PathBuf, tracks: &Vec<u64>, webm: bool) -> String {
 
 #[get("/stream/<path..>?<tracks>&<webm>")]
 pub fn r_stream(
+    _sess: Session,
     path: PathBuf,
     webm: Option<bool>,
     tracks: String,
diff --git a/server/src/routes/ui/account/session.rs b/server/src/routes/ui/account/session.rs
index ed40d83..3457d41 100644
--- a/server/src/routes/ui/account/session.rs
+++ b/server/src/routes/ui/account/session.rs
@@ -6,6 +6,7 @@
 use crate::{
     database::{Database, User},
     routes::ui::error::MyError,
+    CONF,
 };
 use anyhow::anyhow;
 use rocket::{
@@ -20,11 +21,15 @@ pub struct Session {
 
 impl Session {
     pub async fn from_request_ut(req: &Request<'_>) -> Result<Self, MyError> {
+        #[cfg(not(feature = "bypass-auth"))]
         let cookie = req
             .cookies()
             .get_private("user")
             .ok_or(anyhow!("login required"))?;
+        #[cfg(not(feature = "bypass-auth"))]
         let username = cookie.value();
+        #[cfg(feature = "bypass-auth")]
+        let username = CONF.admin_username.to_string();
 
         let db = req.guard::<&State<Database>>().await.unwrap();
         let user = db
-- 
cgit v1.2.3-70-g09d2