Is there any server hook that provides the logged in user’s informations?
Currently I have found so far is that, there is peertubeHelpers.user.getAuthUser(res) but I have to provide res to the function and the other is action:api.user.oauth2-got-token but it only provides information when a user login using the login process. It doesnot provide any information if a user is already logged in.
Can anyone help me here or I am missing something?
I am trying to make the video download functionality available for some users only and for that I have used filter:api.download.video.allowed.result which provides allowed option either true/false to download video.
So, for that I have added some users to my storageManager of plugin. I want to only allow users that are in the list of users from the storageManager. So, in order to check the logged in users with my storageManager's users, I have to get the user details (username) of the logged in user which I am unable to achieve now.
Is it achievable?
Here is my code:
registerHook({
target: 'filter:api.download.video.allowed.result',
handler: async (result: any, params: any) => {
// const loggedInUser = peertubeHelpers.user.getAuthUser(res)
const userList = await storageManager.getData(params.video.dataValues.id)
if (!userList) {
return { allowed: false, errorMessage: 'You are not authorized to download this video.' }
}
if (!userList.includes(loggedInUser.username)) {
return { allowed: false, errorMessage: 'You are not authorized to download this video.' }
}
return result
}
})
Oh sorry, I never realized that hook handlers don’t get expressJS route parameters (I never used backend hooks).
@Chocobozzz , reading the Peertube code, it seems that the current user is not passed to the filter:api.download.video.allowed.result hook. I’m I missing something?
Hello @Chocobozzz,
I tried to get the user logged in information using the recently added res in the filter:api.download.video.allowed.result but peertubeHelpers.user.getAuthUser(result.res) below is returning undefined.
In V5 we can use a token dedicated to access video files. With this system doesn’t provide the user in the request. I need to check how to still add the user who generated the token inside the request with this new system.