shpaq/sct-overseerr
1
0
Fork 0
mirror of https://github.com/sct/overseerr.git synced 2025-09-17 17:24:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: generate real api key

Browse Source 
This also hides the api key from users without the ADMIN permission. It will not be returned from
the api for them. Regenerate functionality is not in the commit.
This commit is contained in:
sct
2020-12-08 05:04:15 +00:00
parent 20769d58dd
commit a8393707fe
8 changed files with 64 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
server/lib/settings.ts
View File

@@ -102,7 +102,7 @@ class Settings {
this.data = { this.data = {
clientId: '', clientId: '',
main: { main: {
apiKey: 'temp', apiKey: '',
applicationUrl: '', applicationUrl: '',
}, },
plex: { plex: {
@@ -144,6 +144,10 @@ class Settings {
} }
get main(): MainSettings { get main(): MainSettings {
if (!this.data.main.apiKey) {
this.data.main.apiKey = this.generateApiKey();
this.save();
}
return this.data.main; return this.data.main;
} }
@@ -200,6 +204,16 @@ class Settings {
return this.data.clientId; return this.data.clientId;
} }
public regenerateApiKey(): MainSettings {
this.main.apiKey = this.generateApiKey();
this.save();
return this.main;
}
private generateApiKey(): string {
return Buffer.from(`${Date.now()}${this.clientId}`).toString('base64');
}
/** /**
* Settings Load * Settings Load
* *

9
server/routes/settings.ts
View File

@@ -4,6 +4,7 @@ import {
RadarrSettings, RadarrSettings,
SonarrSettings, SonarrSettings,
Library, Library,
MainSettings,
} from '../lib/settings'; } from '../lib/settings';
import { getRepository } from 'typeorm'; import { getRepository } from 'typeorm';
import { User } from '../entity/User'; import { User } from '../entity/User';
@@ -19,9 +20,15 @@ import { merge } from 'lodash';
const settingsRoutes = Router(); const settingsRoutes = Router();
settingsRoutes.get('/main', (_req, res) => { settingsRoutes.get('/main', (req, res) => {
const settings = getSettings(); const settings = getSettings();
if (!req.user?.hasPermission(Permission.ADMIN)) {
return res.status(200).json({
applicationUrl: settings.main.applicationUrl,
} as Partial<MainSettings>);
}
res.status(200).json(settings.main); res.status(200).json(settings.main);
}); });

7
src/components/Settings/SettingsMain.tsx
View File

@@ -7,6 +7,7 @@ import { Form, Formik, Field } from 'formik';
import axios from 'axios'; import axios from 'axios';
import Button from '../Common/Button'; import Button from '../Common/Button';
import { defineMessages, useIntl } from 'react-intl'; import { defineMessages, useIntl } from 'react-intl';
import { useUser, Permission } from '../../hooks/useUser';
const messages = defineMessages({ const messages = defineMessages({
generalsettings: 'General Settings', generalsettings: 'General Settings',
@@ -19,6 +20,7 @@ const messages = defineMessages({
}); });
const SettingsMain: React.FC = () => { const SettingsMain: React.FC = () => {
const { hasPermission } = useUser();
const intl = useIntl(); const intl = useIntl();
const { data, error, revalidate } = useSWR<MainSettings>( const { data, error, revalidate } = useSWR<MainSettings>(
'/api/v1/settings/main' '/api/v1/settings/main'
@@ -41,7 +43,6 @@ const SettingsMain: React.FC = () => {
<div className="mt-6 sm:mt-5"> <div className="mt-6 sm:mt-5">
<Formik <Formik
initialValues={{ initialValues={{
apiKey: data?.apiKey,
applicationUrl: data?.applicationUrl, applicationUrl: data?.applicationUrl,
}} }}
onSubmit={async (values) => { onSubmit={async (values) => {
@@ -59,6 +60,7 @@ const SettingsMain: React.FC = () => {
{({ isSubmitting }) => { {({ isSubmitting }) => {
return ( return (
<Form> <Form>
{hasPermission(Permission.ADMIN) && (
<div className="sm:grid sm:grid-cols-3 sm:gap-4 sm:items-start sm:border-t sm:border-gray-800 sm:pt-5"> <div className="sm:grid sm:grid-cols-3 sm:gap-4 sm:items-start sm:border-t sm:border-gray-800 sm:pt-5">
<label <label
htmlFor="username" htmlFor="username"
@@ -70,7 +72,7 @@ const SettingsMain: React.FC = () => {
<div className="max-w-lg flex rounded-md shadow-sm"> <div className="max-w-lg flex rounded-md shadow-sm">
<input <input
type="text" type="text"
id="username" id="apiKey"
className="flex-1 form-input block w-full min-w-0 rounded-none rounded-l-md transition duration-150 ease-in-out sm:text-sm sm:leading-5 bg-gray-700 border border-gray-500" className="flex-1 form-input block w-full min-w-0 rounded-none rounded-l-md transition duration-150 ease-in-out sm:text-sm sm:leading-5 bg-gray-700 border border-gray-500"
value={data?.apiKey} value={data?.apiKey}
readOnly readOnly
@@ -93,6 +95,7 @@ const SettingsMain: React.FC = () => {
</div> </div>
</div> </div>
</div> </div>
)}
<div className="mt-6 sm:mt-5 sm:grid sm:grid-cols-3 sm:gap-4 sm:items-start sm:border-t sm:border-gray-800 sm:pt-5"> <div className="mt-6 sm:mt-5 sm:grid sm:grid-cols-3 sm:gap-4 sm:items-start sm:border-t sm:border-gray-800 sm:pt-5">
<label <label
htmlFor="name" htmlFor="name"

2
src/pages/settings/index.tsx
View File

@@ -6,7 +6,7 @@ import useRouteGuard from '../../hooks/useRouteGuard';
import { Permission } from '../../hooks/useUser'; import { Permission } from '../../hooks/useUser';
const SettingsPage: NextPage = () => { const SettingsPage: NextPage = () => {
useRouteGuard(Permission.MANAGE_USERS); useRouteGuard(Permission.MANAGE_SETTINGS);
return ( return (
<SettingsLayout> <SettingsLayout>
<SettingsMain /> <SettingsMain />

2
src/pages/settings/jobs.tsx
View File

@@ -6,7 +6,7 @@ import { Permission } from '../../hooks/useUser';
import useRouteGuard from '../../hooks/useRouteGuard'; import useRouteGuard from '../../hooks/useRouteGuard';
const SettingsMainPage: NextPage = () => { const SettingsMainPage: NextPage = () => {
useRouteGuard(Permission.MANAGE_USERS); useRouteGuard(Permission.MANAGE_SETTINGS);
return ( return (
<SettingsLayout> <SettingsLayout>
<SettingsJobs /> <SettingsJobs />

2
src/pages/settings/main.tsx
View File

@@ -6,7 +6,7 @@ import { Permission } from '../../hooks/useUser';
import useRouteGuard from '../../hooks/useRouteGuard'; import useRouteGuard from '../../hooks/useRouteGuard';
const SettingsMainPage: NextPage = () => { const SettingsMainPage: NextPage = () => {
useRouteGuard(Permission.MANAGE_USERS); useRouteGuard(Permission.MANAGE_SETTINGS);
return ( return (
<SettingsLayout> <SettingsLayout>
<SettingsMain /> <SettingsMain />

2
src/pages/settings/plex.tsx
View File

@@ -6,7 +6,7 @@ import { Permission } from '../../hooks/useUser';
import useRouteGuard from '../../hooks/useRouteGuard'; import useRouteGuard from '../../hooks/useRouteGuard';
const PlexSettingsPage: NextPage = () => { const PlexSettingsPage: NextPage = () => {
useRouteGuard(Permission.MANAGE_USERS); useRouteGuard(Permission.MANAGE_SETTINGS);
return ( return (
<SettingsLayout> <SettingsLayout>
<SettingsPlex /> <SettingsPlex />

2
src/pages/settings/services.tsx
View File

@@ -6,7 +6,7 @@ import { Permission } from '../../hooks/useUser';
import useRouteGuard from '../../hooks/useRouteGuard'; import useRouteGuard from '../../hooks/useRouteGuard';
const ServicesSettingsPage: NextPage = () => { const ServicesSettingsPage: NextPage = () => {
useRouteGuard(Permission.MANAGE_USERS); useRouteGuard(Permission.MANAGE_SETTINGS);
return ( return (
<SettingsLayout> <SettingsLayout>
<SettingsServices /> <SettingsServices />