* Basic JWT implementation
* Move JWT to UI_LOGIN mode and bring back SIMPLE_LOGIN as before
* Update server/src/main/kotlin/suwayomi/tachidesk/global/impl/util/Jwt.kt
Co-authored-by: Mitchell Syer <Syer10@users.noreply.github.com>
* Refresh: Update only access token
Co-authored-by: Mitchell Syer <Syer10@users.noreply.github.com>
* Implement JWT Audience
* Store JWT key
Generates the key on startup if not set
* Handle invalid Base64
* Make JWT expiry configurable
* Missing value parse
* Update server/src/main/kotlin/suwayomi/tachidesk/global/impl/util/Jwt.kt
Co-authored-by: Mitchell Syer <Syer10@users.noreply.github.com>
* Simplify Duration parsing
* JWT Protect Mutations
* JWT Protect Queries and Subscriptions
* JWT Protect v1 WebSockets
* WebSockets allow sending token via protocol header
* Also respect the `suwayomi-server-token` cookie
* JWT reduce default token expiry
* JWT Support cookie on WebSocket as well
* Lint
* Authenticate graphql subscription via connection_init payload
* WebView: Prefer explicit token over cookie
This hack was implemented because WebView sent `"null"` if no token was
supplied, just don't send a bad token, then we can do this properly
* WebView: Implement basic login dialog if no token supplied
---------
Co-authored-by: Mitchell Syer <Syer10@users.noreply.github.com>
Co-authored-by: schroda <50052685+schroda@users.noreply.github.com>
The update subscription emitted the full update status, which, depending on how big the status was, took forever because the graphql subscription does not support data loader batching, causing it to run into the n+1 problem