search

algora-io / tv

Open source Twitch for developers
https://algora.tv
Other
1.01k stars 59 forks source link

feat(security): implement stream key authentication #63

Closed onyedikachi-david closed 2 months ago

onyedikachi-david commented 2 months ago

/claim #41 Fixes: #41

onyedikachi-david commented 2 months ago

Thanks for the PR. Once it's done can you share a short demo of the feature?

I’ve been trying to run the setup locally using a modified Docker files and seeds.exs. However, I encountered an issue: I can't access the channel/settings endpoint because I need to be authenticated to see the settings. Could you please share your local development setup?

Here’s what I’ve tried:

docker-compose.yml ```yml services: db: image: postgres:13 environment: POSTGRES_USER: dev_user POSTGRES_PASSWORD: dev_password POSTGRES_DB: dev_db ports: - "5432:5432" volumes: - postgres_data:/var/lib/postgresql/data app: build: context: . dockerfile: Dockerfile environment: MIX_ENV: dev DATABASE_URL: "postgres://dev_user:dev_password@db:5432/dev_db" SEED_DB: "true" # Set this to "true" to run seeds ports: - "4000:4000" depends_on: - db command: ["phx.server"] volumes: - .:/app - deps:/app/deps - _build:/app/_build volumes: postgres_data: deps: _build: ```
Dockerfile ```yml # Base images ARG BUILDER_IMAGE="hexpm/elixir:1.15.7-erlang-26.2-debian-bookworm-20231009-slim" ARG RUNNER_IMAGE="hexpm/elixir:1.15.7-erlang-26.2-debian-bookworm-20231009-slim" FROM ${BUILDER_IMAGE} as builder # Install build dependencies RUN apt-get update -y && \ apt-get install -y build-essential git curl postgresql-client && \ apt-get clean && \ rm -f /var/lib/apt/lists/*_* # Prepare build dir WORKDIR /app # Install hex + rebar RUN mix local.hex --force && \ mix local.rebar --force # Set build ENV to development ENV MIX_ENV="dev" # Install mix dependencies COPY mix.exs mix.lock ./ RUN mix deps.get --only $MIX_ENV RUN mkdir config # Copy compile-time config files COPY config/config.exs config/${MIX_ENV}.exs config/ RUN mix deps.compile COPY priv priv # Compile the release COPY lib lib COPY assets assets RUN mix assets.deploy RUN mix compile # Copy runtime config COPY config/runtime.exs config/ COPY rel rel # Don't run mix release for dev # RUN mix release FROM ${RUNNER_IMAGE} # Install runtime dependencies RUN apt-get update -y && \ apt-get install -y libstdc++6 openssl libncurses5 locales ffmpeg imagemagick postgresql-client inotify-tools && \ apt-get clean && \ rm -f /var/lib/apt/lists/*_* WORKDIR /app # Copy the built artifact from the builder stage COPY --from=builder /app /app COPY --from=builder /root/.mix /root/.mix # Install hex and rebar RUN mix local.hex --force && \ mix local.rebar --force # Add this near the end of the file COPY entrypoint.sh /app/ RUN chmod +x /app/entrypoint.sh # Change the ENTRYPOINT to use shell form ENTRYPOINT ["/bin/bash", "/app/entrypoint.sh"] CMD ["phx.server"] ```
seeds.exs ```elixir alias Algora.Library.Video alias Algora.Repo # Script for populating the database. You can run it as: # # mix run priv/repo/seeds.exs # # Inside the script, you can read and write to any of your # repositories directly: # # Algora.Repo.insert!(%Algora.SomeSchema{}) # Uncomment and modify as needed # Then modify your insert statement: # At the top of your seeds.exs file: # alias Algora.Library.Video # alias Algora.Repo for i <- 1..200 do type = if rem(i, 2) == 0, do: :vod, else: :livestream format = if type == :vod, do: :mp4, else: :hls video_attrs = %{ title: "Sample #{if type == :vod, do: "Video", else: "Livestream"} #{i}", description: "This is a sample #{if type == :vod, do: "video", else: "livestream"} description.", type: type, format: format, is_live: type == :livestream, visibility: :public, duration: :rand.uniform(3600) # Random duration up to 1 hour (3600 seconds) } changeset = %Video{} |> Video.changeset(video_attrs) |> Video.put_video_url(format) # Manually set fields that might not be included in the changeset changeset = Ecto.Changeset.force_change(changeset, :type, type) changeset = Ecto.Changeset.force_change(changeset, :format, format) case Repo.insert(changeset) do {:ok, video} -> IO.puts("Created video: #{video.id} - #{video.title}") {:error, changeset} -> IO.puts("Failed to create video:") IO.inspect(changeset.errors) end end ```

Here’s the screenshot of the current state of the app:

image

Log output showing the Docker run success:

Log output ```cmd app-1 | Created video: 392 - Sample Video 188 app-1 | Created video: 393 - Sample Livestream 189 app-1 | Created video: 394 - Sample Video 190 app-1 | Created video: 395 - Sample Livestream 191 app-1 | Created video: 396 - Sample Video 192 app-1 | Created video: 397 - Sample Livestream 193 app-1 | Created video: 398 - Sample Video 194 app-1 | Created video: 399 - Sample Livestream 195 app-1 | Created video: 400 - Sample Video 196 app-1 | Created video: 401 - Sample Livestream 197 app-1 | Created video: 402 - Sample Video 198 app-1 | Created video: 403 - Sample Livestream 199 app-1 | Created video: 404 - Sample Video 200 app-1 | Starting Phoenix app... app-1 | WARNING: All log messages before absl::InitializeLog() is called are written to STDERR app-1 | I0000 00:00:1723949312.094452 146 tfrt_cpu_pjrt_client.cc:349] TfrtCpuClient created. app-1 | [info] Detected running on primary. No local replication to track. app-1 | [info] Running AlgoraWeb.Endpoint with cowboy 2.10.0 at 0.0.0.0:4000 (http) app-1 | [info] Access AlgoraWeb.Endpoint at http://localhost:4000 app-1 | [info] Running AlgoraWeb.Embed.Endpoint with cowboy 2.10.0 at 0.0.0.0:4001 (http) app-1 | [info] Access AlgoraWeb.Embed.Endpoint at http://localhost:4001 app-1 | [watch] build finished, watching for changes... app-1 | app-1 | Rebuilding... app-1 | app-1 | Done in 15731ms. ```
zcesur commented 2 months ago

Hey David, the only way to authenticate right now is to create a GitHub OAuth app (takes less than a minute) with

Homepage URL: http://localhost:4000 Authorization callback URL: http://localhost:4000/oauth/callbacks/github

and then set GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET to your app's values inside your .env file

onyedikachi-david commented 2 months ago

Should I create a pull request for the dev setup i used for run locally? It was really difficult to come up with a local dev setup. Skill issue though :) @zcesur. I also will be closing this pull request; I'm creating another.

zcesur commented 2 months ago

Sounds good. Was there anything in particular that gave you trouble? Are you running a docker based setup now or a bare mix based one? Feel free to submit your setup, would love to make it easier to contribute!

onyedikachi-david commented 2 months ago

Sounds good. Was there anything in particular that gave you trouble? Are you running a docker based setup now or a bare mix based one? Feel free to submit your setup, would love to make it easier to contribute!

A docker based set-up. I'm thinking of making it a devcontainer...

onyedikachi-david commented 2 months ago

I can't remember all the errors I had then.