From 42d7b1d72407f8e6c9feeabe06852ad38b3d8a5d Mon Sep 17 00:00:00 2001
From: Ryan G <78384369+SpongeManiac@users.noreply.github.com>
Date: Tue, 13 Jun 2023 16:14:19 -0700
Subject: [PATCH] Fixed Routing

Mistakes were made
---
 src/invidious/helpers/tokens.cr | 14 +++++---------
 src/invidious/routing.cr        |  7 +++----
 2 files changed, 8 insertions(+), 13 deletions(-)

diff --git a/src/invidious/helpers/tokens.cr b/src/invidious/helpers/tokens.cr
index 71b14040..f125a487 100644
--- a/src/invidious/helpers/tokens.cr
+++ b/src/invidious/helpers/tokens.cr
@@ -86,11 +86,12 @@ def validate_request(token, session, request, key, locale = nil)
   end
 
   scopes = token["scopes"].as_a.map(&.as_s)
-  scope = ""
   if request.path.includes?("auth")
     scope = "#{request.method}:#{request.path.lchop("/api/v1/auth/").lstrip("/")}"
+  elsif request.path.includes?("v1")
+    scope = "#{request.method}:#{request.path.lchop("/api/v1/").lstrip("/")}"
   else
-    scope = "#{request.method}::#{request.path.lchop("/api/v1/").lstrip("/")}"
+    scope = "#{request.method}:#{request.path.lstrip("/")}"
   end
   if !scopes_include_scope(scopes, scope)
     raise InfoException.new("Invalid scope")
@@ -112,16 +113,11 @@ def validate_request(token, session, request, key, locale = nil)
 end
 
 def scope_includes_scope(scope, subset)
-  if scope.includes?("::")
-    methods, endpoint = scope.split("::")
-    subset_methods, subset_endpoint = subset.split("::")
-  else
-    methods, endpoint = scope.split(":")
-    subset_methods, subset_endpoint = subset.split(":")
-  end
+  methods, endpoint = scope.split(":")
   methods = methods.split(";").map(&.upcase).reject(&.empty?).sort!
   endpoint = endpoint.downcase
 
+  subset_methods, subset_endpoint = subset.split(":")
   subset_methods = subset_methods.split(";").map(&.upcase).sort!
   subset_endpoint = subset_endpoint.downcase
 
diff --git a/src/invidious/routing.cr b/src/invidious/routing.cr
index 25c8330a..4f7d0d5e 100644
--- a/src/invidious/routing.cr
+++ b/src/invidious/routing.cr
@@ -245,10 +245,9 @@ module Invidious::Routing
       get "/api/v1/hashtag/:hashtag", {{namespace}}::Search, :hashtag
 
       # Authentication
-      post "/api/v1/register", {{namespace}}::Authentication, :register
-      post "/api/v1/captcha", {{namespace}}::Authentication, :captcha
-      post "/api/v1/login", {{namespace}}::Authentication, :login
-      post "/api/v1/signout", {{namespace}}::Authentication, :signout
+      post "/api/v1/register", {{namespace}}::Authentication, :api_register
+      post "/api/v1/login", {{namespace}}::Authentication, :api_login
+      post "/api/v1/signout", {{namespace}}::Authentication, :api_signout
 
       # Authenticated