From a1f68d7c434220ff2bceb3dff8cc987631c4b092 Mon Sep 17 00:00:00 2001 From: Joseph Milazzo Date: Fri, 5 Jan 2024 14:56:17 -0600 Subject: [PATCH] Another test for forwarding authentication --- API/Middleware/CustomAuthHeaderMiddleware.cs | 25 +++++++++++++------- openapi.json | 2 +- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/API/Middleware/CustomAuthHeaderMiddleware.cs b/API/Middleware/CustomAuthHeaderMiddleware.cs index cb44a51ffb..74d95a6dc9 100644 --- a/API/Middleware/CustomAuthHeaderMiddleware.cs +++ b/API/Middleware/CustomAuthHeaderMiddleware.cs @@ -6,6 +6,7 @@ using API.Services; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Logging; namespace API.Middleware; @@ -15,7 +16,7 @@ public class CustomAuthHeaderMiddleware(RequestDelegate next) private readonly string[] allowedIpAddresses = { "192.168.1.0/24", "2001:db8::/32", "116.202.233.5", "104.21.81.112" }; - public async Task Invoke(HttpContext context, IUnitOfWork unitOfWork) + public async Task Invoke(HttpContext context, IUnitOfWork unitOfWork, ILogger logger, ITokenService tokenService) { // Extract user information from the custom header string remoteUser = context.Request.Headers["Remote-User"]; @@ -27,8 +28,6 @@ public async Task Invoke(HttpContext context, IUnitOfWork unitOfWork) return; } - - // Validate IP address if (IsValidIpAddress(context.Connection.RemoteIpAddress)) { 
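Review bot: In the `Invoke` signature hunk, `ILogger logger` is the non-generic interface, which the default ASP.NET Core container does not register, so unless this project registers it itself the middleware would likely fail to resolve on the first request; `ILogger<CustomAuthHeaderMiddleware> logger` is the form that resolves. The logger is also unused in the visible hunks, although this is the path that turns a `Remote-User` header into an authenticated request, so an audit line recording the asserted user name and `context.Connection.RemoteIpAddress` for both the accepted and the rejected case would be worth adding. The `allowedIpAddresses` array in the context line is hard-coded and mixes private, documentation and public addresses; since it decides whether `Remote-User` is trusted, it probably belongs in configuration. The body of `Invoke` continues outside this hunk.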
@@ -42,12 +41,22 @@ public async Task Invoke(HttpContext context, IUnitOfWork unitOfWork) return; } // Check if the RemoteUser has an account on the server - if (!context.Request.Path.Equals("/login", StringComparison.OrdinalIgnoreCase)) - { - context.Response.Redirect($"/login?apiKey={user.ApiKey}"); - return; - } + // if (!context.Request.Path.Equals("/login", StringComparison.OrdinalIgnoreCase)) + // { + // // Attach the Auth header and allow it to pass through + // var token = await tokenService.CreateToken(user); + // context.Request.Headers.Add("Authorization", $"Bearer {token}"); + // //context.Response.Redirect($"/login?apiKey={user.ApiKey}"); + // return; + // } + // Attach the Auth header and allow it to pass through + var token = await tokenService.CreateToken(user); + context.Request.Headers.Append("Authorization", $"Bearer {token}"); + await next(context); + return; } + + context.Response.StatusCode = (int)HttpStatusCode.Unauthorized; await next(context); } diff --git a/openapi.json b/openapi.json index 6e76efee0f..0b8bc25ef4 100644 --- a/openapi.json +++ b/openapi.json @@ -7,7 +7,7 @@ "name": "GPL-3.0", "url": "https://github.com/Kareadita/Kavita/blob/develop/LICENSE" }, - "version": "0.7.11.7" + "version": "0.7.11.10" }, "servers": [ {
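Review bot: The fall-through at the end of `Invoke` sets `StatusCode` to 401 and then still calls `await next(context)`, so a request that carries `Remote-User` from an address outside the allowlist is not rejected: the rest of the pipeline runs and can overwrite the status. If rejection is intended, end the request there with `return;` in place of `await next(context);`; if falling back to normal authentication is intended, drop the status assignment. In the trusted branch, `Headers.Append` adds the minted token next to any `Authorization` value the client already sent instead of replacing it, which leaves it unclear which credential downstream authentication evaluates; `context.Request.Headers["Authorization"] = $"Bearer {token}";` makes the result unambiguous. The commented-out block above the new code repeats the same logic and can be deleted. The start of `Invoke` lies outside this hunk.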