Skip to content
GitLab
Commit d4cf14ec authored by Kasper Seweryn's avatar Kasper Seweryn 🥞 Committed by Kasper Seweryn
Browse files

Remove JWT leftovers

parent 00158f25
Hide whitespace changes
Inline Side-by-side
front/src/components/audio/Player.vue
View file @ d4cf14ec
......@@ -666,18 +666,17 @@ export default {
// so authentication can be checked by the backend
// because for audio files we cannot use the regular Authentication
// header
let param = 'jwt'
let value = this.$store.state.auth.token
if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) {
// used scoped tokens instead of JWT to reduce the attack surface if the token
// is leaked
param = 'token'
value = this.$store.state.auth.scopedTokens.listen
}
sources.forEach(e => {
e.url = updateQueryString(e.url, param, value)
return sources.map(source => {
source.url = updateQueryString(
source.url,
'token',
this.$store.state.auth.scopedTokens.listen
)
return source
})
}
return sources
},
......
front/src/components/library/TrackBase.vue
View file @ d4cf14ec
......@@ -310,25 +310,19 @@ export default {
return null
},
downloadUrl () {
let u = this.$store.getters['instance/absoluteUrl'](
const url = this.$store.getters['instance/absoluteUrl'](
this.upload.listen_url
)
if (this.$store.state.auth.authenticated) {
let param = 'jwt'
let value = this.$store.state.auth.token
if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) {
// used scoped tokens instead of JWT to reduce the attack surface if the token
// is leaked
param = 'token'
value = this.$store.state.auth.scopedTokens.listen
}
u = updateQueryString(
u,
param,
encodeURI(value)
return updateQueryString(
url,
'token',
encodeURI(this.$store.state.auth.scopedTokens.listen)
)
}
return u
return url
},
attributedToUrl () {
const route = this.$router.resolve({
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment