From e7888a8d4be239b5485bb5314b2140e651200c8b Mon Sep 17 00:00:00 2001
From: RiX <rix1337@users.noreply.github.com>
Date: Wed, 1 Nov 2023 11:40:00 +0100
Subject: [PATCH] Private Invidious (#1)

* Update config.cr

* Update before_all.cr
---
 src/invidious/config.cr            | 1 +
 src/invidious/routes/before_all.cr | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/src/invidious/config.cr b/src/invidious/config.cr
index 429d9246..00b49c81 100644
--- a/src/invidious/config.cr
+++ b/src/invidious/config.cr
@@ -84,6 +84,7 @@ class Config
 
   # Used to tell Invidious it is behind a proxy, so links to resources should be https://
   property https_only : Bool?
+  property login_only : Bool?
   # HMAC signing key for CSRF tokens and verifying pubsub subscriptions
   property hmac_key : String = ""
   # Domain to be used for links to resources on the site where an absolute URL is required
diff --git a/src/invidious/routes/before_all.cr b/src/invidious/routes/before_all.cr
index 396840a4..ea1af277 100644
--- a/src/invidious/routes/before_all.cr
+++ b/src/invidious/routes/before_all.cr
@@ -122,5 +122,11 @@ module Invidious::Routes::BeforeAll
     end
 
     env.set "current_page", URI.encode_www_form(current_page)
+
+    unregistered_path_whitelist = {"/", "/login", "/licenses", "/privacy"}
+    if CONFIG.login_only && !env.get?("user") && !unregistered_path_whitelist.includes?(env.request.path)
+      env.response.headers["Location"] = "/login"
+      haltf env, status_code: 302
+    end
   end
 end