mirrors/Tachidesk
1
0
Fork 0
mirror of https://github.com/Suwayomi/Tachidesk.git synced 2025-12-10 06:42:07 +01:00
Code Issues Projects Releases Wiki Activity

Fix header/cookie based websocket auth (#1722)

Browse Source 
* Fix header/cookie based websocket auth

* Lint
This commit is contained in:
Mitchell Syer
2025-10-17 12:07:02 -04:00
committed by GitHub
parent 045e4d23fb
commit 0585000cf3
2 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/src/main/kotlin/suwayomi/tachidesk/graphql/server/subscriptions/ApolloSubscriptionProtocolHandler.kt
View File

@@ -37,6 +37,8 @@ import suwayomi.tachidesk.graphql.server.subscriptions.SubscriptionOperationMess
import suwayomi.tachidesk.graphql.server.subscriptions.SubscriptionOperationMessage.ServerMessages.GQL_ERROR
import suwayomi.tachidesk.graphql.server.subscriptions.SubscriptionOperationMessage.ServerMessages.GQL_NEXT
import suwayomi.tachidesk.graphql.server.toGraphQLContext
import suwayomi.tachidesk.server.JavalinSetup.Attribute
import suwayomi.tachidesk.server.JavalinSetup.getAttributeOrSet
import suwayomi.tachidesk.server.user.UserType
import suwayomi.tachidesk.server.user.getUserFromToken
@@ -152,10 +154,14 @@ class ApolloSubscriptionProtocolHandler(
context: WsContext,
): Flow<SubscriptionOperationMessage> {
@Suppress("UNCHECKED_CAST")
val payload = operationMessage.payload as? Map<String, Any?>
val token = payload?.let { it[Header.AUTHORIZATION] as? String }
val user =
context.getAttributeOrSet(Attribute.TachideskUser) {
val payload = operationMessage.payload as? Map<String, Any?>
val token = payload?.let { it[Header.AUTHORIZATION] as? String }
getUserFromToken(token)
}
saveContext(getUserFromToken(token), context)
saveContext(user, context)
return flowOf(acknowledgeMessage)
}

7
server/src/main/kotlin/suwayomi/tachidesk/server/JavalinSetup.kt
View File

@@ -310,4 +310,11 @@ object JavalinSetup {
fun <T : Any> Context.getAttribute(attribute: Attribute<T>): T = attribute(attribute.name)!!
fun <T : Any> WsContext.getAttribute(attribute: Attribute<T>): T = attribute(attribute.name)!!
fun <T : Any> WsContext.getAttributeOrSet(
attribute: Attribute<T>,
set: () -> T,
): T =
attribute(attribute.name)
?: set().also { setAttribute(attribute, it) }
}