mirror/AudioBookRequest
1
0
Fork 0
mirror of https://github.com/markbeep/AudioBookRequest.git synced 2026-01-04 04:29:41 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix typos and adjust hint texts

Browse Source
This commit is contained in:
Markbeep
2025-03-14 16:25:26 +01:00
parent 7cd0d1bebe
commit 0f261e0ba5
5 changed files with 55 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
README.md
View File

@@ -76,6 +76,8 @@ OIDC allows you to use an external authentication service (Authentik, Keycloak,
- client id
- client secret
In your auth server settings, make sure you allow for redirecting to `/auth/oidc`. The oidc-login flow will redirect you there after you log in.
Applying settings does not directly invalidate your current session. To test OIDC-settings, press the "log out" button to invalidate your current session.
#### Getting locked out
@@ -97,9 +99,7 @@ services:
web:
image: markbeep/audiobookrequest:1
ports:
- "8000:8765"
environment:
ABR_APP__PORT: 8765
- "8000:8000"
volumes:
- ./config:/config
```
@@ -130,12 +130,9 @@ spec:
volumeMounts:
- mountPath: /config
name: abr-config
env:
- name: ABR_APP__PORT
value: "8765"
ports:
- name: http-request
containerPort: 8765
containerPort: 8000
volumes:
- name: abr-config
hostPath:

47
app/routers/settings.py
View File

@@ -693,20 +693,22 @@ async def update_security(
headers={"HX-Retarget": "#message"},
)
if login_type in [LoginTypeEnum.basic, LoginTypeEnum.forms]:
if access_token_expiry is not None:
if access_token_expiry < 1:
return error_response("Access token expiry can't be 0 or negative")
else:
auth_config.set_access_token_expiry_minutes(
session, Minute(access_token_expiry)
)
if (
login_type in [LoginTypeEnum.basic, LoginTypeEnum.forms]
and min_password_length is not None
):
if min_password_length < 1:
return error_response("Minimum password length can't be 0 or negative")
else:
auth_config.set_min_password_length(session, min_password_length)
if min_password_length is not None:
if min_password_length < 1:
return error_response("Minimum password length can't be 0 or negative")
else:
auth_config.set_min_password_length(session, min_password_length)
if access_token_expiry is not None:
if access_token_expiry < 1:
return error_response("Access token expiry can't be 0 or negative")
else:
auth_config.set_access_token_expiry_minutes(
session, Minute(access_token_expiry)
)
if login_type == LoginTypeEnum.oidc:
if oidc_endpoint:
@@ -722,9 +724,9 @@ async def update_security(
if oidc_group_claim:
oidc_config.set(session, "oidc_group_claim", oidc_group_claim)
error = await oidc_config.validate(session, client_session)
if error:
return error_response(error)
error_message = await oidc_config.validate(session, client_session)
if error_message:
return error_response(error_message)
old = auth_config.get_login_type(session)
auth_config.set_login_type(session, login_type)
@@ -736,13 +738,12 @@ async def update_security(
"page": "security",
"login_type": auth_config.get_login_type(session),
"access_token_expiry": auth_config.get_access_token_expiry_minutes(session),
"oidc_client_id": oidc_config.get(session, "oidc_client_id") or "",
"oidc_scope": oidc_config.get(session, "oidc_scope") or "",
"oidc_username_claim": oidc_config.get(session, "oidc_username_claim")
or "",
"oidc_group_claim": oidc_config.get(session, "oidc_group_claim") or "",
"oidc_client_secret": oidc_config.get(session, "oidc_client_secret") or "",
"oidc_endpoint": oidc_config.get(session, "oidc_endpoint") or "",
"oidc_client_id": oidc_config.get(session, "oidc_client_id", ""),
"oidc_scope": oidc_config.get(session, "oidc_scope", ""),
"oidc_username_claim": oidc_config.get(session, "oidc_username_claim", ""),
"oidc_group_claim": oidc_config.get(session, "oidc_group_claim", ""),
"oidc_client_secret": oidc_config.get(session, "oidc_client_secret", ""),
"oidc_endpoint": oidc_config.get(session, "oidc_endpoint", ""),
"success": "Settings updated",
},
block_name="form",

17
app/util/cache.py
View File

@@ -35,10 +35,23 @@ L = TypeVar("L", bound=str)
class StringConfigCache(Generic[L], ABC):
_cache: dict[L, str] = {}
@overload
def get(self, session: Session, key: L) -> Optional[str]:
pass
@overload
def get(self, session: Session, key: L, default: str) -> str:
pass
def get(
self, session: Session, key: L, default: Optional[str] = None
) -> Optional[str]:
if key in self._cache:
return self._cache[key]
return session.exec(select(Config.value).where(Config.key == key)).one_or_none()
return (
session.exec(select(Config.value).where(Config.key == key)).one_or_none()
or default
)
def set(self, session: Session, key: L, value: str):
old = session.exec(select(Config).where(Config.key == key)).one_or_none()
@@ -59,7 +72,7 @@ class StringConfigCache(Generic[L], ABC):
del self._cache[key]
@overload
def get_int(self, session: Session, key: L, default: None = None) -> Optional[int]:
def get_int(self, session: Session, key: L) -> Optional[int]:
pass
@overload

2
templates/invalid_oidc.html
View File

@@ -7,7 +7,7 @@
<p>Error: <span class="font-mono text-error">{{ error }}</span></p>
<p>
Click the button below to log in with an admin account (without oidc):
Click the button below to log in with a root admin account as a backup:
</p>
<a class="btn" href="/login?backup=1">Backup Login</a>
</div>

14
templates/settings_page/security.html
View File

@@ -155,9 +155,17 @@
/>
<p class="text-error">
Make sure all the settings are correct. Once you save you'll be
redirected to your auth server. If there is a configuration error the
login type will be reset to the forms login.
Make sure all the settings are correct. In the case of a
miconfiguration, you can log in at
<a
href="/login?backup=1"
class="font-mono link whitespace-nowrap inline-block"
>/login?backup=1</a
>
to fix the settings.
<br />
Note: To test your OpenID Connect settings you have to log out to
invalidate your current session first.
</p>
</div>
</template>