Add login restriction

https://github.com/iv-org/invidious/issues/446#issuecomment-1342296218
2023-10-27 16:00:34 +02:00 · 2023-10-27 16:00:34 +02:00 · ce7ac8d6ca
commit ce7ac8d6ca
parent 8087e64dfe
2 changed files with 7 additions and 0 deletions
--- a/src/invidious/config.cr
+++ b/src/invidious/config.cr
@ -84,6 +84,7 @@ class Config

  # Used to tell Invidious it is behind a proxy, so links to resources should be https://
  property https_only : Bool?
+  property login_only : Bool?
  # HMAC signing key for CSRF tokens and verifying pubsub subscriptions
  property hmac_key : String = ""
  # Domain to be used for links to resources on the site where an absolute URL is required
--- a/src/invidious/routes/before_all.cr
+++ b/src/invidious/routes/before_all.cr
@ -122,5 +122,11 @@ module Invidious::Routes::BeforeAll
    end

    env.set "current_page", URI.encode_www_form(current_page)
+
+    unregistered_path_whitelist = {"/", "/login", "/licenses", "/privacy"}
+    if !env.get?("user") && !unregistered_path_whitelist.includes?(env.request.path) && CONFIG.login_only
+      env.response.headers["Location"] = "/login"
+      haltf env, status_code: 302
+    end
  end
 end