KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed issue with mobile-client on password-protected list

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2018-04-08 17:41:24 +02:00
parent 58362f14bb
commit 9273576fe6
3 changed files with 14 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/public/assets/js/listeners.js
View File

@@ -30,8 +30,8 @@ var showDiscovery = false;
var player_ready = false; var player_ready = false;
var viewers = 1; var viewers = 1;
var temp_user_pass = ""; var temp_user_pass = "";
var zoff_api_token = "DwpnKVkaMH2HdcpJT2YPy783SY33byF5/32rbs0+xdU="; //var zoff_api_token = "DwpnKVkaMH2HdcpJT2YPy783SY33byF5/32rbs0+xdU=";
//var zoff_api_token = "AhmC4Yg2BhaWPZBXeoWK96DAiAVfbou8TUG2IXtD3ZQ="; var zoff_api_token = "AhmC4Yg2BhaWPZBXeoWK96DAiAVfbou8TUG2IXtD3ZQ=";
var retry_frontpage; var retry_frontpage;
var chromecast_specs_sent = false; var chromecast_specs_sent = false;
var dragging = false; var dragging = false;

2
server/public/layouts/client/main.handlebars
View File

@@ -25,7 +25,7 @@
<link rel="manifest" href="/assets/manifest.json"> <link rel="manifest" href="/assets/manifest.json">
{{#unless embed}} {{#unless embed}}
<link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/spectrum/1.8.0/spectrum.min.css" media="none" onload="if(media!='all')media='all'"> <link rel="stylesheet" type="text/css" href="https://cdnjs.cloudflare.com/ajax/libs/spectrum/1.8.0/spectrum.min.css" media="none" onload="if(media!='all')media='all'">
<link rel="apple-touch-icon" sizes="180x180" href="apple-touch-icon.png"> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/assets/images/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="32x32" href="/assets/images/favicon-32x32.png">
<link rel="icon" id="favicon" type="image/png" sizes="16x16" href="/assets/images/favicon-16x16.png"> <link rel="icon" id="favicon" type="image/png" sizes="16x16" href="/assets/images/favicon-16x16.png">
<link rel="mask-icon" href="/assets/images/safari-pinned-tab.svg" color="#2d2d2d"> <link rel="mask-icon" href="/assets/images/safari-pinned-tab.svg" color="#2d2d2d">

21
server/routing/client/api.js
View File

@@ -177,10 +177,10 @@ router.route('/api/list/:channel_name/:video_id').delete(function(req, res) {
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.adminpass == "") { if(req.body.adminpass == "") {
adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string("", _a), 'utf8').digest("hex")); adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string(_a), 'utf8').digest("hex"));
} }
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var authorized = false; var authorized = false;
@@ -332,10 +332,10 @@ router.route('/api/conf/:channel_name').put(function(req, res) {
var cookie = req.cookies._uI; var cookie = req.cookies._uI;
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.adminpass == "") { if(req.body.adminpass == "") {
adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string("", _a), 'utf8').digest("hex")); adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string(_a), 'utf8').digest("hex"));
} }
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var authorized = false; var authorized = false;
@@ -458,10 +458,10 @@ router.route('/api/list/:channel_name/:video_id').put(function(req,res) {
var cookie = req.cookies._uI; var cookie = req.cookies._uI;
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.adminpass == "") { if(req.body.adminpass == "") {
adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string("", _a), 'utf8').digest("hex")); adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string(_a), 'utf8').digest("hex"));
} }
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var authorized = false; var authorized = false;
@@ -555,7 +555,7 @@ router.route('/api/list/:channel_name/__np__').post(function(req, res) {
var cookie = req.cookies._uI; var cookie = req.cookies._uI;
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var authorized = false; var authorized = false;
@@ -679,10 +679,10 @@ router.route('/api/list/:channel_name/:video_id').post(function(req,res) {
var cookie = req.cookies._uI; var cookie = req.cookies._uI;
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.adminpass == "") { if(req.body.adminpass == "") {
adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string("", _a), 'utf8').digest("hex")); adminpass = Functions.hash_pass(crypto.createHash('sha256').update(Functions.decrypt_string(_a), 'utf8').digest("hex"));
} }
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {
var authorized = false; var authorized = false;
@@ -1033,7 +1033,8 @@ router.route('/api/list/:channel_name').post(function(req, res) {
var cookie = req.cookies._uI; var cookie = req.cookies._uI;
Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) { Functions.getSessionAdminUser(cookie, channel_name, function(_u, _a) {
if(req.body.userpass == "") { if(req.body.userpass == "") {
userpass = crypto.createHash('sha256').update(Functions.decrypt_string("", _u), 'utf8').digest("base64"); //userpass = Functions.hash_pass(Functions.hash_pass(Functions.decrypt_string(_u)))
userpass = crypto.createHash('sha256').update(Functions.decrypt_string(_u), 'utf8').digest("base64");
} }
token_db.collection("api_token").find({token: token}, function(err, token_docs) { token_db.collection("api_token").find({token: token}, function(err, token_docs) {