diff --git a/.idea/.idea.Abyss/.idea/workspace.xml b/.idea/.idea.Abyss/.idea/workspace.xml
index 6e27d5c..65348e3 100644
--- a/.idea/.idea.Abyss/.idea/workspace.xml
+++ b/.idea/.idea.Abyss/.idea/workspace.xml
@@ -10,41 +10,16 @@
-
-
-
-
-
+
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -117,30 +92,30 @@
- {
+ "keyToString": {
+ ".NET Launch Settings Profile.Abyss: http.executor": "Run",
+ ".NET Launch Settings Profile.Abyss: https.executor": "Debug",
+ ".NET Project.AbyssCli.executor": "Run",
+ "ASKED_SHARE_PROJECT_CONFIGURATION_FILES": "true",
+ "ModuleVcsDetector.initialDetectionPerformed": "true",
+ "Publish to folder.Publish Abyss to folder x86.executor": "Run",
+ "Publish to folder.Publish Abyss to folder.executor": "Run",
+ "RunOnceActivity.ShowReadmeOnStart": "true",
+ "RunOnceActivity.TerminalTabsStorage.copyFrom.TerminalArrangementManager.252": "true",
+ "RunOnceActivity.git.unshallow": "true",
+ "XThreadsFramesViewSplitterKey": "0.55813956",
+ "git-widget-placeholder": "main",
+ "last_opened_file_path": "/home/acite/embd/WebProjects/Abyss/README.md",
+ "node.js.detected.package.eslint": "true",
+ "node.js.detected.package.tslint": "true",
+ "node.js.selected.package.eslint": "(autodetect)",
+ "node.js.selected.package.tslint": "(autodetect)",
+ "nodejs_package_manager_path": "npm",
+ "settings.editor.selected.configurable": "com.jetbrains.python.configuration.PyActiveSdkModuleConfigurable",
+ "vue.rearranger.settings.migration": "true"
}
-}]]>
+}
@@ -279,7 +254,8 @@
-
+
+
diff --git a/Abyss/Components/Controllers/Media/ImageController.cs b/Abyss/Components/Controllers/Media/ImageController.cs
index 7131c04..4d291b0 100644
--- a/Abyss/Components/Controllers/Media/ImageController.cs
+++ b/Abyss/Components/Controllers/Media/ImageController.cs
@@ -13,44 +13,44 @@ public class ImageController(ComicService comicService) : BaseController
{
[HttpPost("init")]
- public async Task InitAsync(string token, string owner)
+ public async Task InitAsync(string owner)
{
- var r = await comicService.InitAsync(token, owner, Ip);
+ var r = await comicService.InitAsync(Token, owner, Ip);
return r ? Ok("Initialize Success") : _403;
}
[HttpGet]
- public async Task QueryCollections(string token)
+ public async Task QueryCollections()
{
- var r = await comicService.QueryCollections(token, Ip);
+ var r = await comicService.QueryCollections(Token, Ip);
return r != null ? Ok(r.NaturalSort(x => x)) : _403;
}
[HttpGet("{id}")]
- public async Task Query(string id, string token)
+ public async Task Query(string id)
{
- var r = await comicService.Query(id, token, Ip);
+ var r = await comicService.Query(id, Token, Ip);
return r != null ? Ok(r) : _403;
}
[HttpPost("bulkquery")]
- public async Task QueryBulk([FromQuery] string token, [FromBody] string[] id)
+ public async Task QueryBulk([FromBody] string[] id)
{
- var r = await comicService.QueryBulk(token, id, Ip);
+ var r = await comicService.QueryBulk(Token, id, Ip);
return Ok(JsonConvert.SerializeObject(r));
}
[HttpPost("{id}/bookmark")]
- public async Task Bookmark(string id, string token, [FromBody] Bookmark bookmark)
+ public async Task Bookmark(string id, [FromBody] Bookmark bookmark)
{
- var r = await comicService.Bookmark(id, token, bookmark, Ip);
+ var r = await comicService.Bookmark(id, Token, bookmark, Ip);
return r ? Ok("Success") : _403;
}
[HttpGet("{id}/{file}")]
- public async Task Get(string id, string file, string token)
+ public async Task Get(string id, string file)
{
- var r = await comicService.Page(id, file, token, Ip);
+ var r = await comicService.Page(id, file, Token, Ip);
return r ?? _403;
}
}
\ No newline at end of file
diff --git a/Abyss/Components/Controllers/Media/LiveController.cs b/Abyss/Components/Controllers/Media/LiveController.cs
index 89b3102..1c0d1a6 100644
--- a/Abyss/Components/Controllers/Media/LiveController.cs
+++ b/Abyss/Components/Controllers/Media/LiveController.cs
@@ -1,4 +1,4 @@
-using Abyss.Components.Services;
+
using Abyss.Components.Services.Media;
using Abyss.Components.Services.Misc;
using Abyss.Components.Static;
@@ -13,30 +13,30 @@ public class LiveController(ResourceService rs, ConfigureService config): BaseCo
public readonly string LiveFolder = Path.Combine(config.MediaRoot, "Live");
[HttpPost("{id}")]
- public async Task AddLive(string id, string token, int owner)
+ public async Task AddLive(string id, int owner)
{
var d = Helpers.SafePathCombine(LiveFolder, [id]);
if (d == null) return _403;
- bool r = await rs.Include(d, token, Ip, owner, "rw,--,--");
+ bool r = await rs.Include(d, Token, Ip, owner, "rw,--,--");
return r ? Ok("Success") : _400;
}
[HttpDelete("{id}")]
- public async Task RemoveLive(string id, string token)
+ public async Task RemoveLive(string id)
{
var d = Helpers.SafePathCombine(LiveFolder, [id]);
if (d == null)
return _403;
- bool r = await rs.Exclude(d, token, Ip);
+ bool r = await rs.Exclude(d, Token, Ip);
return r ? Ok("Success") : _400;
}
- [HttpGet("{id}/{token}/{item}")]
- public async Task GetLive(string id, string token, string item)
+ [HttpGet("{id}/{item}")]
+ public async Task GetLive(string id, string item)
{
var d = Helpers.SafePathCombine(LiveFolder, [id, item]);
if (d == null) return _400;
@@ -46,7 +46,7 @@ public class LiveController(ResourceService rs, ConfigureService config): BaseCo
// TODO: It's still not very elegant, but it's a bit better to some extent
- var r = await rs.Get(d, token, Ip, Helpers.GetContentType(d));
+ var r = await rs.Get(d, Token, Ip, Helpers.GetContentType(d));
return r ?? _404;
}
}
\ No newline at end of file
diff --git a/Abyss/Components/Controllers/Media/VideoController.cs b/Abyss/Components/Controllers/Media/VideoController.cs
index 4c32d8e..41758a3 100644
--- a/Abyss/Components/Controllers/Media/VideoController.cs
+++ b/Abyss/Components/Controllers/Media/VideoController.cs
@@ -13,67 +13,67 @@ public class VideoController(VideoService videoService)
{
[HttpPost("init")]
- public async Task InitAsync(string token, string owner)
+ public async Task InitAsync(string owner)
{
- if (await videoService.Init(token, owner, Ip))
+ if (await videoService.Init(Token, owner, Ip))
return Ok("Initialized Successfully");
return _403;
}
[HttpGet]
- public async Task GetClass(string token)
+ public async Task GetClass()
{
- var r = await videoService.GetClasses(token, Ip);
+ var r = await videoService.GetClasses(Token, Ip);
return r != null ? Ok(r) : _403;
}
[HttpGet("{klass}")]
- public async Task QueryClass(string klass, string token)
+ public async Task QueryClass(string klass)
{
- var r = await videoService.QueryClass(klass, token, Ip);
+ var r = await videoService.QueryClass(klass, Token, Ip);
return r != null ? Ok(r) : _403;
}
[HttpGet("{klass}/{id}")]
- public async Task QueryVideo(string klass, string id, string token)
+ public async Task QueryVideo(string klass, string id)
{
- var r = await videoService.QueryVideo(klass, id, token, Ip);
+ var r = await videoService.QueryVideo(klass, id, Token, Ip);
return r != null ? Ok(r) : _403;
}
[HttpPost("{klass}/bulkquery")]
- public async Task QueryBulk([FromQuery] string token, [FromBody] string[] id,
+ public async Task QueryBulk([FromBody] string[] id,
[FromRoute] string klass)
{
- var r = await videoService.QueryBulk(klass, id, token, Ip);
+ var r = await videoService.QueryBulk(klass, id, Token, Ip);
return Ok(JsonConvert.SerializeObject(r));
}
[HttpGet("{klass}/{id}/cover")]
- public async Task Cover(string klass, string id, string token)
+ public async Task Cover(string klass, string id)
{
- var r = await videoService.Cover(klass, id, token, Ip);
+ var r = await videoService.Cover(klass, id, Token, Ip);
return r ?? _403;
}
[HttpGet("{klass}/{id}/gallery/{pic}")]
- public async Task Gallery(string klass, string id, string pic, string token)
+ public async Task Gallery(string klass, string id, string pic)
{
- var r = await videoService.Gallery(klass, id, pic, token, Ip);
+ var r = await videoService.Gallery(klass, id, pic, Token, Ip);
return r ?? _403;
}
[HttpGet("{klass}/{id}/subtitle")]
- public async Task Subtitle(string klass, string id, string token)
+ public async Task Subtitle(string klass, string id)
{
- var r = await videoService.Subtitle(klass, id, token, Ip);
+ var r = await videoService.Subtitle(klass, id, Token, Ip);
return r ?? _404;
}
[HttpGet("{klass}/{id}/av")]
- public async Task Av(string klass, string id, string token)
+ public async Task Av(string klass, string id)
{
- var r = await videoService.Av(klass, id, token, Ip);
+ var r = await videoService.Av(klass, id, Token, Ip);
return r ?? _403;
}
}
\ No newline at end of file
diff --git a/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs b/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs
index cbde8b0..4c15068 100644
--- a/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs
+++ b/Abyss/Components/Controllers/Middleware/BadRequestExceptionMiddleware.cs
@@ -12,7 +12,7 @@ public class BadRequestExceptionMiddleware(RequestDelegate next, ILogger logger, UserService userServ
: BaseController
{
[HttpPost("chmod")]
- public async Task Chmod(string token, string path, string permission, string? recursive)
+ public async Task Chmod(string path, string permission, string? recursive)
{
logger.LogInformation("Chmod method called with path: {Path}, permission: {Permission}", path, permission);
- if (userService.Validate(token, Ip) != 1)
+ if (userService.Validate(Token, Ip) != 1)
{
- logger.LogInformation("Chmod authorization failed for token: {Token}", token);
+ logger.LogInformation("Chmod authorization failed for token: {Token}", Token);
return _401;
}
- bool r = await resourceService.Chmod(path, token, permission, Ip, recursive == "true");
+ bool r = await resourceService.Chmod(path, Token, permission, Ip, recursive == "true");
logger.LogInformation("Chmod operation completed with result: {Result}", r);
return r ? Ok() : StatusCode(500);
}
[HttpPost("chown")]
- public async Task Chown(string token, string path, int owner, string? recursive)
+ public async Task Chown(string path, int owner, string? recursive)
{
logger.LogInformation("Chown method called with path: {Path}, owner: {Owner}", path, owner);
- if (userService.Validate(token, Ip) != 1)
+ if (userService.Validate(Token, Ip) != 1)
{
- logger.LogInformation("Chown authorization failed for token: {Token}", token);
+ logger.LogInformation("Chown authorization failed for token: {Token}", Token);
return _401;
}
- bool r = await resourceService.Chown(path, token, owner, Ip, recursive == "true");
+ bool r = await resourceService.Chown(path, Token, owner, Ip, recursive == "true");
logger.LogInformation("Chown operation completed with result: {Result}", r);
return r ? Ok() : StatusCode(502);
}
[HttpGet("ls")]
- public async Task Ls(string token, string path)
+ public async Task Ls(string path)
{
logger.LogInformation("Ls method called with path: {Path}", path);
- if (userService.Validate(token, Ip) != 1)
+ if (userService.Validate(Token, Ip) != 1)
{
- logger.LogInformation("Ls authorization failed for token: {Token}", token);
+ logger.LogInformation("Ls authorization failed for token: {Token}", Token);
return _401;
}
@@ -112,15 +112,15 @@ public class RootController(ILogger logger, UserService userServ
}
[HttpPost("init")]
- public async Task Init(string token, string path, int owner)
+ public async Task Init(string path, int owner)
{
- if (userService.Validate(token, Ip) != 1)
+ if (userService.Validate(Token, Ip) != 1)
{
- logger.LogInformation("Init authorization failed for token: {Token}", token);
+ logger.LogInformation("Init authorization failed for token: {Token}", Token);
return _401;
}
- var r = await resourceService.Initialize(path, token, owner, Ip);
+ var r = await resourceService.Initialize(path, Token, owner, Ip);
if (r) return Ok(r);
return _403;
}
diff --git a/Abyss/Components/Controllers/Security/UserController.cs b/Abyss/Components/Controllers/Security/UserController.cs
index b4dab44..ba4f88b 100644
--- a/Abyss/Components/Controllers/Security/UserController.cs
+++ b/Abyss/Components/Controllers/Security/UserController.cs
@@ -33,8 +33,7 @@ public class UserController(UserService userService, ILogger log
if (r == null)
return _403;
-
-
+ Response.Cookies.Append("token", r);
return Ok(r);
}
diff --git a/Abyss/Components/Controllers/Task/TaskController.cs b/Abyss/Components/Controllers/Task/TaskController.cs
index e3bc5c8..00adfaa 100644
--- a/Abyss/Components/Controllers/Task/TaskController.cs
+++ b/Abyss/Components/Controllers/Task/TaskController.cs
@@ -13,21 +13,21 @@ namespace Abyss.Components.Controllers.Task;
[ApiController]
[Route("api/[controller]")]
-public class TaskController(ConfigureService config, TaskService taskService) : Controller
+public class TaskController(ConfigureService config, TaskService taskService) : BaseController
{
public readonly string TaskFolder = Path.Combine(config.MediaRoot, "Tasks");
[HttpGet]
- public async Task Query(string token)
+ public async Task Query()
{
// If the token is invalid, an empty list will be returned, which is part of the design
- return Json(await taskService.Query(token, Ip));
+ return Json(await taskService.Query(Token, Ip));
}
[HttpPost]
- public async Task Create(string token, [FromBody] TaskCreation creation)
+ public async Task Create([FromBody] TaskCreation creation)
{
- var r = await taskService.Create(token, Ip, creation);
+ var r = await taskService.Create(Token, Ip, creation);
if(r == null)
{
return BadRequest();
@@ -58,6 +58,4 @@ public class TaskController(ConfigureService config, TaskService taskService) :
{
throw new NotImplementedException();
}
-
- private string Ip => HttpContext.Connection.RemoteIpAddress?.ToString() ?? "127.0.0.1";
}
\ No newline at end of file
diff --git a/Abyss/Components/Services/Security/UserService.cs b/Abyss/Components/Services/Security/UserService.cs
index 5f97262..d42dcaa 100644
--- a/Abyss/Components/Services/Security/UserService.cs
+++ b/Abyss/Components/Services/Security/UserService.cs
@@ -120,7 +120,7 @@ public class UserService
{
if (_cache.TryGetValue(token, out string? userAndIp))
{
- if (ip != userAndIp?.Split('@')[1] && ip != "127.0.0.1")
+ if (ip != userAndIp?.Split('@')[1] && ip != "127.0.0.1" && token != "abyss")
{
_logger.LogError($"Token used from another Host: {token}");
Destroy(token);
diff --git a/Abyss/Components/Static/ControllerExtensions.cs b/Abyss/Components/Static/ControllerExtensions.cs
index a542146..9f446a1 100644
--- a/Abyss/Components/Static/ControllerExtensions.cs
+++ b/Abyss/Components/Static/ControllerExtensions.cs
@@ -1,4 +1,5 @@
using System.Net;
+using System.Security.Authentication;
using Microsoft.AspNetCore.Mvc;
namespace Abyss.Components.Static;
@@ -9,6 +10,18 @@ public abstract class BaseController : Controller
protected IActionResult _400 => StatusCode(400, new { message = "Bad Request" });
protected IActionResult _401 => StatusCode(404, new { message = "Unauthorized" });
protected IActionResult _404 => StatusCode(404, new { message = "Not Found" });
+
+ protected string Token
+ {
+ get
+ {
+ var t = Request.Cookies["token"];
+ if (string.IsNullOrEmpty(t))
+ throw new AuthenticationException("Token is missing");
+
+ return t;
+ }
+ }
private string? _ip;