Readme Change (#2190)

* Implemented the ability to login to the app by passing apiKey to the login. This is for an upcoming feature (but currently blocked by another story) * Added a comment * Ensure locales are sorted * Added a new status badge that shows how many active installs we have via users that use stats. * Bump all GA to latest versions * Bumped dependencies * Bumped backend notifications * Updated ngx-pdf-reader to upcoming beta which fixes some PDFs taking time to load. PDF reader will use browser locale to load localization rather than Kavita locale for now. * Downgraded pdf viewer as beta has lots of bugs.
2023-08-08 14:06:53 -05:00 · 2023-08-08 14:06:53 -05:00 · 9f17f5daa7
commit 9f17f5daa7
parent d4e1e08b4f
17 changed files with 93 additions and 76 deletions
--- a/API/Controllers/AccountController.cs
+++ b/API/Controllers/AccountController.cs
@ -177,26 +177,40 @@ public class AccountController : BaseApiController
    [HttpPost("login")]
    public async Task<ActionResult<UserDto>> Login(LoginDto loginDto)
    {
-        var user = await _userManager.Users
-            .Include(u => u.UserPreferences)
-            .SingleOrDefaultAsync(x => x.NormalizedUserName == loginDto.Username.ToUpper());
+        AppUser? user;
+        if (!string.IsNullOrEmpty(loginDto.ApiKey))
+        {
+            user = await _userManager.Users
+                .Include(u => u.UserPreferences)
+                .SingleOrDefaultAsync(x => x.ApiKey == loginDto.ApiKey);
+        }
+        else
+        {
+            user = await _userManager.Users
+                .Include(u => u.UserPreferences)
+                .SingleOrDefaultAsync(x => x.NormalizedUserName == loginDto.Username.ToUpper());
+        }
+

        if (user == null) return Unauthorized(await _localizationService.Get("en", "bad-credentials"));
        var roles = await _userManager.GetRolesAsync(user);
        if (!roles.Contains(PolicyConstants.LoginRole)) return Unauthorized(await _localizationService.Translate(user.Id, "disabled-account"));

-        var result = await _signInManager
-            .CheckPasswordSignInAsync(user, loginDto.Password, true);
-
-        if (result.IsLockedOut)
+        if (string.IsNullOrEmpty(loginDto.ApiKey))
        {
-            await _userManager.UpdateSecurityStampAsync(user);
-            return Unauthorized(await _localizationService.Translate(user.Id, "locked-out"));
-        }
+            var result = await _signInManager
+                .CheckPasswordSignInAsync(user, loginDto.Password, true);

-        if (!result.Succeeded)
-        {
-            return Unauthorized(await _localizationService.Translate(user.Id, result.IsNotAllowed ? "confirm-email" : "bad-credentials"));
+            if (result.IsLockedOut)
+            {
+                await _userManager.UpdateSecurityStampAsync(user);
+                return Unauthorized(await _localizationService.Translate(user.Id, "locked-out"));
+            }
+
+            if (!result.Succeeded)
+            {
+                return Unauthorized(await _localizationService.Translate(user.Id, result.IsNotAllowed ? "confirm-email" : "bad-credentials"));
+            }
        }

        // Update LastActive on account