julienfroidefond/stripstream
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(secu): don't store komga pwd but authstring

Browse Source
This commit is contained in:
Julien Froidefond
2025-02-24 08:28:43 +01:00
parent 738abe3b9d
commit 980a6daca2
7 changed files with 17 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/app/api/komga/test/route.ts
View File

@@ -1,17 +1,16 @@
import { NextResponse } from "next/server";
import { TestService } from "@/lib/services/test.service";
import { AuthConfig } from "@/types/auth";
import { ConfigDBService } from "@/lib/services/config-db.service";
export async function POST(request: Request) {
export async function POST() {
try {
const { serverUrl, username, password } = await request.json();
const config = await ConfigDBService.getConfig();
const config: AuthConfig = {
serverUrl,
credentials: { username, password },
};
const { libraries } = await TestService.testConnection({
serverUrl: config.url,
authHeader: config.authHeader,
});
const { libraries } = await TestService.testConnection(config);
return NextResponse.json({
message: "Connexion réussie",
librariesCount: libraries.length,

1
src/app/settings/page.tsx
View File

@@ -18,7 +18,6 @@ export default async function SettingsPage() {
config = {
url: mongoConfig.url,
username: mongoConfig.username,
password: mongoConfig.password,
userId: mongoConfig.userId,
};
}

1
src/components/settings/ClientSettings.tsx
View File

@@ -13,7 +13,6 @@ import { CacheModeSwitch } from "@/components/settings/CacheModeSwitch";
interface KomgaConfig {
url: string;
username: string;
password: string;
userId: string;
}

2
src/lib/models/config.model.ts
View File

@@ -15,7 +15,7 @@ const configSchema = new mongoose.Schema(
type: String,
required: true,
},
password: {
authHeader: {
type: String,
required: true,
},

13
src/lib/services/base-api.service.ts
View File

@@ -21,10 +21,7 @@ export abstract class BaseApiService {
const config = await ConfigDBService.getConfig();
return {
serverUrl: config.url,
credentials: {
username: config.username,
password: config.password,
},
authHeader: config.authHeader,
};
} catch (error) {
console.error("Erreur lors de la récupération de la configuration:", error);
@@ -33,16 +30,12 @@ export abstract class BaseApiService {
}
protected static getAuthHeaders(config: AuthConfig): Headers {
if (!config.credentials?.username || !config.credentials?.password) {
if (!config.authHeader) {
throw new Error("Credentials Komga manquants");
}
const auth = Buffer.from(
`${config.credentials.username}:${config.credentials.password}`
).toString("base64");
return new Headers({
Authorization: `Basic ${auth}`,
Authorization: `Basic ${config.authHeader}`,
Accept: "application/json",
});
}

6
src/lib/services/config-db.service.ts
View File

@@ -13,6 +13,7 @@ interface KomgaConfigData {
url: string;
username: string;
password: string;
authHeader: string;
}
interface TTLConfigData {
@@ -37,13 +38,16 @@ export class ConfigDBService {
const user = this.getCurrentUser();
await connectDB();
const authHeader = Buffer.from(`${data.username}:${data.password}`).toString("base64");
const config = await KomgaConfig.findOneAndUpdate(
{ userId: user.id },
{
userId: user.id,
url: data.url,
username: data.username,
password: data.password,
// password: data.password,
authHeader,
},
{ upsert: true, new: true }
);

5
src/types/auth.ts
View File

@@ -2,10 +2,7 @@ import { KomgaUser } from "./komga";
export interface AuthConfig {
serverUrl: string;
credentials: {
username: string;
password: string;
};
authHeader: string;
}
export interface AuthState {