1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2025-01-10 10:20:11 +00:00
Commit Graph

29 Commits

Author SHA1 Message Date
68004e1d34
storage: user set/get methods for contact method access
Get/GetKey/SetKey/DeleteKey methods are used for access to
email/discord/telegram/matrix, everywhere. Mutex added for each, avoids
concurrent read/write issues. Will also make potential transition to
database easier.
2023-06-20 12:19:24 +01:00
75dc9d4d1d
userpage: store refresh token separately
stored as "user-refresh" fixes weird issues when two accounts are logged
in.
2023-06-18 12:30:23 +01:00
3e034c85d6
auth: provide error message if account is disabled 2023-06-17 13:57:48 +01:00
81372d6a6b
auth: fix "ok" issue
the "ok" returned when the JWT claims are read was being overridden with
"false" before it could be checked.
2023-06-15 21:59:34 +01:00
918f8816c5
auth: slight refactor, setup user auth
user-auth.go contains slightly adjusted versions of auth.go functions,
for authorizing jellyfin users (admin or not). Refactored auth.go so that
most code is shared. User auth isn't hooked up yet, nor has it been
tested.
2023-06-15 21:32:18 +01:00
6448a7db9e
accounts: allow giving individual users jfa-go access
New "Access jfa-go" column allows you to select users for jfa-go access.
New "Allow All" setting allows all Jellyfin users access, as disabling
"Admin Only" no longer does this.
2022-01-09 19:37:17 +00:00
4fcba32f74
apidocs: re-version, set up for hosted ui
swagger.json is uploaded after each build, and is hosted at
api.jfa-go.com.
2021-11-15 00:19:52 +00:00
5b319d6612
auth: int for refresh token as well 2021-08-22 15:00:20 +01:00
626d623841
auth: don't store jwt expiry as string
caused the jwt library to class all tokens as invalid, now stored as
int64 and converted into a float64 by the library.
2021-08-22 14:13:44 +01:00
1a6b0d2b6e
upgrade vulnerable deps
upgrade gin and switch dgrijalva/jwt-go to golang-jwt/jwt.
2021-07-27 10:08:01 +01:00
78157f763f
use different color library, wrap logger functions with it 2021-02-19 16:12:14 +00:00
76fa171575
cleanup logs and use structs in jf/emby api
Also means times are directly parsed when pulling data from jf/emby,
which was *painful* to get working (something broke the whole program and it
took me an hour to figure out it was this lol). Time parsing should be a
lot stabler too.
2021-02-19 00:47:01 +00:00
b6f3cd7c1f
dont re-b64 the jwt
pointless, and messed up swagger auth.
2020-11-12 21:25:52 +00:00
d64e98da37
use Bearer auth instead of Basic
this was a relic from the python version, i'd modeled the auth code off
some random blog post back then.
2020-11-12 21:05:46 +00:00
c84ea17af4
refactor; separate jfapi and ombi into modules 2020-11-02 00:53:08 +00:00
9f6e405d1c
Add auth and tags to swagger 2020-09-24 18:50:03 +01:00
b6537cef65
Add basic swagger documentation
accessible by running with -swagger. Accessible at /swagger/index.html.
Currently doesn't have authentication setup, so no requests will work.
2020-09-24 17:51:13 +01:00
d12335bb4a
cleaned up auth 2020-08-23 14:59:07 +01:00
0e39b2b699
remove debug fmt.Printlns 2020-08-20 20:35:50 +01:00
ee3b421566
Fixed flaw with jellyfin_login; store refresh token in cookies
with jellyfin_login enabled, the username and password vals in the User
struct would be "". If you disabled 'required' on the login form, blank
username and password would allow you in.
2020-08-20 20:20:31 +01:00
d144077e62
Add refresh tokens for persistent login, logout button
the main JWT is stored temporarily, whereas the refresh token is stored
as a cookie and can only be used to obtain a new main token. Logout
button adds token to blocklist internally and deletes JWT and refresh
token from browser storage.
2020-08-19 22:30:54 +01:00
6781316474
provide error message on login and display it nicely
server now provides a reason for login fail to the web ui, and displays
it inside the login button, which looks a lot nicer than the previously
used error box.
2020-08-19 14:50:16 +01:00
daf190f68b
Avoid panic on invalid password with jellyfin_login
jfId was assigned too early, before checking errors.
Also, handle 400 as well as 401 from jellyfin as an invalid password.
2020-08-19 14:36:15 +01:00
fd766e7b1a
use app identifier instead of ctx
changing this because ctx is commonly used with the context package.
2020-08-16 13:36:54 +01:00
4e16f6fd48 make checkInvite check only one invite, invite daemon
checkInvite no longer loops over all invites and checks for expiry, that
functionality has moved to checkInvites. Couple more rogue print
statements removed aswell.
2020-08-01 15:22:30 +01:00
dba20bd3ea Add auth & gin logging, fixed dummy logger 2020-08-01 14:08:55 +01:00
326b274329 Settings functional, start adding logging
Modifying settings also formats it nicely, as a bonus.
Also we using shortuuid instead of normal uuidv4 now because its the same
length as what I used in the python version.
2020-07-31 22:07:09 +01:00
961b9afa75 Functioning user creation, notifications,
Fixed password validation for new users, add invite route, couple other
fixes.
2020-07-31 12:48:37 +01:00
d8fb6e5613 first 2020-07-29 22:11:28 +01:00