1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-11-13 22:00:10 +00:00
Commit Graph

39 Commits

Author SHA1 Message Date
f4a7238110
bump mediabrowser version, always verbose
always enable jf.Verbose, because it really should be.
2024-08-29 14:30:16 +01:00
711b817cff
auth: add note for self about secure cookies 2024-08-24 15:25:08 +01:00
b2771e6cc5
auth: source cookie hostname from jfa_url
instead of just applying the cookie to the hostname you accessed jfa-go
on, it is applied to the one you set in jfa-go. The result is you'll
have to login twice if you access on localhost:8056 instead
of accounts.jellyf.in.
2024-08-13 20:39:06 +01:00
69569e556a
matrix: working E2EE, on by default
mautrix-go now include a cryptohelper package, which solves all my
issues and just works. the setting is now on by default, however
packages are not yet built with it.
2024-08-10 19:31:54 +01:00
2310130e6b
api clients: return data, error, no status
jellyseerr already did this, but it's been standardised a little more.

Mediabrowser uses it's own genericErr function and error types due to
being a separate package, while jellyseerr and ombi now share errors
defined in common/.
2024-08-06 14:48:31 +01:00
711394232b
logmessages: all log strings in one file
EXCEPT: migrations.go, log strings there aren't gonna be repeated
anywhere else, are very specific, and will probably change a lot.
2024-08-01 20:17:05 +01:00
f823705e40
ips: log on activities, show on card 2023-12-23 21:47:41 +00:00
269836fc99
ips: add advanced settings for ip logging 2023-12-23 21:00:32 +00:00
kimboslice99
04c94ba55a Log IPs 2023-12-23 13:09:49 -05:00
cb5a8c1c23
accounts: position filter dropdown better for mobile 2023-12-22 17:46:57 +00:00
68004e1d34
storage: user set/get methods for contact method access
Get/GetKey/SetKey/DeleteKey methods are used for access to
email/discord/telegram/matrix, everywhere. Mutex added for each, avoids
concurrent read/write issues. Will also make potential transition to
database easier.
2023-06-20 12:19:24 +01:00
75dc9d4d1d
userpage: store refresh token separately
stored as "user-refresh" fixes weird issues when two accounts are logged
in.
2023-06-18 12:30:23 +01:00
3e034c85d6
auth: provide error message if account is disabled 2023-06-17 13:57:48 +01:00
81372d6a6b
auth: fix "ok" issue
the "ok" returned when the JWT claims are read was being overridden with
"false" before it could be checked.
2023-06-15 21:59:34 +01:00
918f8816c5
auth: slight refactor, setup user auth
user-auth.go contains slightly adjusted versions of auth.go functions,
for authorizing jellyfin users (admin or not). Refactored auth.go so that
most code is shared. User auth isn't hooked up yet, nor has it been
tested.
2023-06-15 21:32:18 +01:00
6448a7db9e
accounts: allow giving individual users jfa-go access
New "Access jfa-go" column allows you to select users for jfa-go access.
New "Allow All" setting allows all Jellyfin users access, as disabling
"Admin Only" no longer does this.
2022-01-09 19:37:17 +00:00
4fcba32f74
apidocs: re-version, set up for hosted ui
swagger.json is uploaded after each build, and is hosted at
api.jfa-go.com.
2021-11-15 00:19:52 +00:00
5b319d6612
auth: int for refresh token as well 2021-08-22 15:00:20 +01:00
626d623841
auth: don't store jwt expiry as string
caused the jwt library to class all tokens as invalid, now stored as
int64 and converted into a float64 by the library.
2021-08-22 14:13:44 +01:00
1a6b0d2b6e
upgrade vulnerable deps
upgrade gin and switch dgrijalva/jwt-go to golang-jwt/jwt.
2021-07-27 10:08:01 +01:00
78157f763f
use different color library, wrap logger functions with it 2021-02-19 16:12:14 +00:00
76fa171575
cleanup logs and use structs in jf/emby api
Also means times are directly parsed when pulling data from jf/emby,
which was *painful* to get working (something broke the whole program and it
took me an hour to figure out it was this lol). Time parsing should be a
lot stabler too.
2021-02-19 00:47:01 +00:00
b6f3cd7c1f
dont re-b64 the jwt
pointless, and messed up swagger auth.
2020-11-12 21:25:52 +00:00
d64e98da37
use Bearer auth instead of Basic
this was a relic from the python version, i'd modeled the auth code off
some random blog post back then.
2020-11-12 21:05:46 +00:00
c84ea17af4
refactor; separate jfapi and ombi into modules 2020-11-02 00:53:08 +00:00
9f6e405d1c
Add auth and tags to swagger 2020-09-24 18:50:03 +01:00
b6537cef65
Add basic swagger documentation
accessible by running with -swagger. Accessible at /swagger/index.html.
Currently doesn't have authentication setup, so no requests will work.
2020-09-24 17:51:13 +01:00
d12335bb4a
cleaned up auth 2020-08-23 14:59:07 +01:00
0e39b2b699
remove debug fmt.Printlns 2020-08-20 20:35:50 +01:00
ee3b421566
Fixed flaw with jellyfin_login; store refresh token in cookies
with jellyfin_login enabled, the username and password vals in the User
struct would be "". If you disabled 'required' on the login form, blank
username and password would allow you in.
2020-08-20 20:20:31 +01:00
d144077e62
Add refresh tokens for persistent login, logout button
the main JWT is stored temporarily, whereas the refresh token is stored
as a cookie and can only be used to obtain a new main token. Logout
button adds token to blocklist internally and deletes JWT and refresh
token from browser storage.
2020-08-19 22:30:54 +01:00
6781316474
provide error message on login and display it nicely
server now provides a reason for login fail to the web ui, and displays
it inside the login button, which looks a lot nicer than the previously
used error box.
2020-08-19 14:50:16 +01:00
daf190f68b
Avoid panic on invalid password with jellyfin_login
jfId was assigned too early, before checking errors.
Also, handle 400 as well as 401 from jellyfin as an invalid password.
2020-08-19 14:36:15 +01:00
fd766e7b1a
use app identifier instead of ctx
changing this because ctx is commonly used with the context package.
2020-08-16 13:36:54 +01:00
4e16f6fd48 make checkInvite check only one invite, invite daemon
checkInvite no longer loops over all invites and checks for expiry, that
functionality has moved to checkInvites. Couple more rogue print
statements removed aswell.
2020-08-01 15:22:30 +01:00
dba20bd3ea Add auth & gin logging, fixed dummy logger 2020-08-01 14:08:55 +01:00
326b274329 Settings functional, start adding logging
Modifying settings also formats it nicely, as a bonus.
Also we using shortuuid instead of normal uuidv4 now because its the same
length as what I used in the python version.
2020-07-31 22:07:09 +01:00
961b9afa75 Functioning user creation, notifications,
Fixed password validation for new users, add invite route, couple other
fixes.
2020-07-31 12:48:37 +01:00
d8fb6e5613 first 2020-07-29 22:11:28 +01:00