Seriously, this one is pretty massive. Satyr now has proper sessions in the browser (like a real website), and a lot of changes were made.
API Endpoints were changed from requiring a username and password to requiring a valid JsonWebToken, obtained from /api/login
Satyr will generate a PEM format key for JWT signing and verification on startup if it can't find one at config/jwt.pem
This file was added to .gitignore
Two new depencies: cookie-parser and jose, for reading and signing JWTs.
Refactored http.ts into mutiple functions, with a couple helper functions related to cookies and JWT decoding and verification. Socket.IO chat will also automatically log in users with a valid JWT.
Refactor api.ts to reflect new requirements from endpoints.
Minor bugfix in server.ts so we don't throw an uncaught exception when rejecting a stream with an invalid key.
Transcode options readded to default.toml. They do nothing and they are not sane defaults. Both of those things are in the todo list.
Filled out API for user management
Proper escaping of user input for SQL queries (stream keys aren't user input)
Filled out frontend with profile management, vods, etc.
I don't remember there's probably more, fuck.
knotteye