mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-23 01:20:11 +00:00
Avoid panic on invalid password with jellyfin_login
jfId was assigned too early, before checking errors. Also, handle 400 as well as 401 from jellyfin as an invalid password.
This commit is contained in:
parent
56478e96c9
commit
daf190f68b
4
auth.go
4
auth.go
@ -94,9 +94,8 @@ func (app *appContext) GetToken(gc *gin.Context) {
|
|||||||
var err error
|
var err error
|
||||||
var user map[string]interface{}
|
var user map[string]interface{}
|
||||||
user, status, err = app.authJf.authenticate(creds[0], creds[1])
|
user, status, err = app.authJf.authenticate(creds[0], creds[1])
|
||||||
jfId = user["Id"].(string)
|
|
||||||
if status != 200 || err != nil {
|
if status != 200 || err != nil {
|
||||||
if status == 401 {
|
if status == 401 || status == 400 {
|
||||||
app.info.Println("Auth failed: Invalid username and/or password")
|
app.info.Println("Auth failed: Invalid username and/or password")
|
||||||
respond(401, "Unauthorized", gc)
|
respond(401, "Unauthorized", gc)
|
||||||
return
|
return
|
||||||
@ -105,6 +104,7 @@ func (app *appContext) GetToken(gc *gin.Context) {
|
|||||||
respond(500, "Jellyfin error", gc)
|
respond(500, "Jellyfin error", gc)
|
||||||
return
|
return
|
||||||
} else {
|
} else {
|
||||||
|
jfId = user["Id"].(string)
|
||||||
if app.config.Section("ui").Key("admin_only").MustBool(true) {
|
if app.config.Section("ui").Key("admin_only").MustBool(true) {
|
||||||
if !user["Policy"].(map[string]interface{})["IsAdministrator"].(bool) {
|
if !user["Policy"].(map[string]interface{})["IsAdministrator"].(bool) {
|
||||||
app.debug.Printf("Auth failed: User \"%s\" isn't admin", creds[0])
|
app.debug.Printf("Auth failed: User \"%s\" isn't admin", creds[0])
|
||||||
|
Loading…
Reference in New Issue
Block a user