zotan/mediamanager
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add additional safeties for the fallback user

Browse source
This commit is contained in:
Laura Hausmann 2023-04-02 02:20:26 +02:00
parent 8ab0d99afe
commit 149ecf3efe
Signed by: zotan
GPG key ID: D044E84C5BE01605
3 changed files with 19 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
MediaManager/AuthUtil.cs
View file

@ -2,19 +2,16 @@ using LinqToDB;
using MediaManager.database; using MediaManager.database;
using MediaManager.database.Tables; using MediaManager.database.Tables;
namespace MediaManager; namespace MediaManager;
public static class AuthUtil { public static class AuthUtil {
public static string GetRemoteUser(HttpContext ctx, Database.DbConn db) { public static string GetRemoteUser(HttpContext ctx, Database.DbConn db) {
#if (DEBUG) var remoteUser = ctx.Request.Headers.ContainsKey("Remote-User") ? ctx.Request.Headers["Remote-User"].ToString() : "_debuguser";
const string remoteUser = "debuguser";
#else
var remoteUser = ctx.Request.Headers["Remote-User"];
#endif
if (!db.Users.Any(p => p.Username == remoteUser)) { if (!db.Users.Any(p => p.Username == remoteUser)) {
db.InsertWithInt32Identity(new User {Username = remoteUser}); db.InsertWithInt32Identity(new User { Username = remoteUser });
} }
return remoteUser; return remoteUser;
} }
} }

9
MediaManager/Pages/Shared/_Layout.cshtml
View file

@ -1,4 +1,6 @@
<!DOCTYPE html> @using MediaManager.database
@using Microsoft.AspNetCore.Mvc.TagHelpers
<!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8"/> <meta charset="utf-8"/>
@ -34,6 +36,11 @@
</header> </header>
<div class="container"> <div class="container">
<main role="main" class="pb-3"> <main role="main" class="pb-3">
@if (AuthUtil.GetRemoteUser(Context, new Database.DbConn()) == "_debuguser") {
<div class="alert alert-warning" role="alert">
You are connected as the fallback user '@AuthUtil.GetRemoteUser(Context, new Database.DbConn())' because no 'Remote-User' header was received. If this is a production deployment, please make sure your configuration is correct.
</div>
}
@RenderBody() @RenderBody()
</main> </main>
</div> </div>

8
MediaManager/Pages/Shared/_LayoutNoContainer.cshtml
View file

@ -1,4 +1,5 @@
<!DOCTYPE html> @using MediaManager.database
<!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8"/> <meta charset="utf-8"/>
@ -34,6 +35,11 @@
</header> </header>
<div> <div>
<main role="main" class="pb-3"> <main role="main" class="pb-3">
@if (AuthUtil.GetRemoteUser(Context, new Database.DbConn()) == "_debuguser") {
<div class="alert alert-warning" role="alert">
You are connected as the fallback user '@AuthUtil.GetRemoteUser(Context, new Database.DbConn())' because no 'Remote-User' header was received. If this is a production deployment, please make sure your configuration is correct.
</div>
}
@RenderBody() @RenderBody()
</main> </main>
</div> </div>