mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 17:10:10 +00:00
Avoid panic on invalid password with jellyfin_login
jfId was assigned too early, before checking errors. Also, handle 400 as well as 401 from jellyfin as an invalid password.
This commit is contained in:
parent
56478e96c9
commit
daf190f68b
4
auth.go
4
auth.go
@ -94,9 +94,8 @@ func (app *appContext) GetToken(gc *gin.Context) {
|
||||
var err error
|
||||
var user map[string]interface{}
|
||||
user, status, err = app.authJf.authenticate(creds[0], creds[1])
|
||||
jfId = user["Id"].(string)
|
||||
if status != 200 || err != nil {
|
||||
if status == 401 {
|
||||
if status == 401 || status == 400 {
|
||||
app.info.Println("Auth failed: Invalid username and/or password")
|
||||
respond(401, "Unauthorized", gc)
|
||||
return
|
||||
@ -105,6 +104,7 @@ func (app *appContext) GetToken(gc *gin.Context) {
|
||||
respond(500, "Jellyfin error", gc)
|
||||
return
|
||||
} else {
|
||||
jfId = user["Id"].(string)
|
||||
if app.config.Section("ui").Key("admin_only").MustBool(true) {
|
||||
if !user["Policy"].(map[string]interface{})["IsAdministrator"].(bool) {
|
||||
app.debug.Printf("Auth failed: User \"%s\" isn't admin", creds[0])
|
||||
|
Loading…
Reference in New Issue
Block a user