1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-12-23 01:20:11 +00:00

Avoid panic on invalid password with jellyfin_login

jfId was assigned too early, before checking errors.
Also, handle 400 as well as 401 from jellyfin as an invalid password.
This commit is contained in:
Harvey Tindall 2020-08-19 14:36:15 +01:00
parent 56478e96c9
commit daf190f68b
Signed by: hrfee
GPG Key ID: BBC65952848FB1A2

View File

@ -94,9 +94,8 @@ func (app *appContext) GetToken(gc *gin.Context) {
var err error var err error
var user map[string]interface{} var user map[string]interface{}
user, status, err = app.authJf.authenticate(creds[0], creds[1]) user, status, err = app.authJf.authenticate(creds[0], creds[1])
jfId = user["Id"].(string)
if status != 200 || err != nil { if status != 200 || err != nil {
if status == 401 { if status == 401 || status == 400 {
app.info.Println("Auth failed: Invalid username and/or password") app.info.Println("Auth failed: Invalid username and/or password")
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
return return
@ -105,6 +104,7 @@ func (app *appContext) GetToken(gc *gin.Context) {
respond(500, "Jellyfin error", gc) respond(500, "Jellyfin error", gc)
return return
} else { } else {
jfId = user["Id"].(string)
if app.config.Section("ui").Key("admin_only").MustBool(true) { if app.config.Section("ui").Key("admin_only").MustBool(true) {
if !user["Policy"].(map[string]interface{})["IsAdministrator"].(bool) { if !user["Policy"].(map[string]interface{})["IsAdministrator"].(bool) {
app.debug.Printf("Auth failed: User \"%s\" isn't admin", creds[0]) app.debug.Printf("Auth failed: User \"%s\" isn't admin", creds[0])