add LEGACY_AUTH env variable (#1473)

README.md

@@ -62,18 +62,21 @@ For media keys to work, you will be prompted to allow Feishin to be a Trusted Ac
 We provide a small install script to download the latest `.AppImage`, make it executable, and also download the icons required by Desktop Environments. Finally, it generates a `.desktop` file to add Feishin to your Application Launcher.
 
 Simply run the installer like this:
+
 ```sh
 dir=/your/application/directory
 curl 'https://raw.githubusercontent.com/jeffvli/feishin/refs/heads/development/install-feishin-appimage' | sh -s -- "$dir"
 ```
 
 The script also has an option to add launch arguments to run Feishin in native Wayland mode. Note that this is experimental in Electron and therefore not officially supported. If you want to use it, run this instead:
+
 ```sh
 dir=/your/application/directory
 curl 'https://raw.githubusercontent.com/jeffvli/feishin/refs/heads/development/install-feishin-appimage' | sh -s -- "$dir" wayland-native
 ```
 
 It also provides a simple uninstall routine, removing the downloaded files:
+
 ```sh
 dir=/your/application/directory
 curl 'https://raw.githubusercontent.com/jeffvli/feishin/refs/heads/development/install-feishin-appimage' | sh -s -- "$dir" remove
@@ -111,6 +114,7 @@ services:
             - SERVER_LOCK=true # When true AND name/type/url are set, only username/password can be toggled
             - SERVER_TYPE=jellyfin # the allowed types are: jellyfin, navidrome, subsonic. These values are case insensitive
             - SERVER_URL= # http://address:port or https://address:port
+            - LEGACY_AUTHENTICATION=false # When SERVER_LOCK is true, sets the legacy (plaintext) authentication flag for Subsonic/OpenSubsonic servers
             - ANALYTICS_DISABLED=true # Set to true to disable Umami analytics tracking
         ports:
             - 9180:9180
@@ -128,7 +132,7 @@ services:
 
 3. _Optional_ - If you want to host Feishin on a subpath (not `/`), then pass in the following environment variable: `PUBLIC_PATH=PATH`. For example, to host on `/feishin`, pass in `PUBLIC_PATH=/feishin`.
 
-4. _Optional_ - To hard code the server url, pass the following environment variables: `SERVER_NAME`, `SERVER_TYPE` (one of `jellyfin` or `navidrome` or `subsonic`), `SERVER_URL`. To prevent users from changing these settings, pass `SERVER_LOCK=true`. This can only be set if all three of the previous values are set.
+4. _Optional_ - To hard code the server url, pass the following environment variables: `SERVER_NAME`, `SERVER_TYPE` (one of `jellyfin` or `navidrome` or `subsonic`), `SERVER_URL`. To prevent users from changing these settings, pass `SERVER_LOCK=true`. This can only be set if all three of the previous values are set. When `SERVER_LOCK=true`, you can also set `LEGACY_AUTHENTICATION=true` or `LEGACY_AUTHENTICATION=false` to configure the legacy authentication flag for the server (only applicable for Subsonic/OpenSubsonic servers).
 
 5. _Optional_ - To disable Umami analytics tracking in the Docker/web version, set the environment variable `ANALYTICS_DISABLED=true`. When enabled, the analytics script will not be loaded and all tracking will be disabled.
 

docker-compose.yaml

@@ -8,6 +8,7 @@ services:
             - SERVER_LOCK=true # When true AND name/type/url are set, only username/password can be toggled
             - SERVER_TYPE=jellyfin # the allowed types are: jellyfin, navidrome, subsonic. These values are case insensitive
             - SERVER_URL= # http://address:port or https://address:port
+            - LEGACY_AUTHENTICATION=false # When SERVER_LOCK is true, sets the legacyauth flag for server authentication (true or false)
         ports:
             - 9180:9180
             # Alternatively, to restrict to only localhost, - 127.0.0.1:9180:8190

settings.js.template

@@ -1 +1 @@
-"use strict";window.SERVER_URL="${SERVER_URL}";window.SERVER_NAME="${SERVER_NAME}";window.SERVER_TYPE="${SERVER_TYPE}";window.SERVER_LOCK=${SERVER_LOCK};window.ANALYTICS_DISABLED="${ANALYTICS_DISABLED}";
+"use strict";window.SERVER_URL="${SERVER_URL}";window.SERVER_NAME="${SERVER_NAME}";window.SERVER_TYPE="${SERVER_TYPE}";window.SERVER_LOCK=${SERVER_LOCK};window.LEGACY_AUTHENTICATION=${LEGACY_AUTHENTICATION};window.ANALYTICS_DISABLED="${ANALYTICS_DISABLED}";

src/preload/index.d.ts

@@ -7,6 +7,7 @@ declare global {
         api: PreloadApi;
         electron: ElectronAPI;
         queryLocalFonts?: () => Promise<Font[]>;
+        LEGACY_AUTHENTICATION?: boolean;
         SERVER_LOCK?: boolean;
         SERVER_NAME?: string;
         SERVER_TYPE?: ServerType;

src/preload/local-settings.ts

@@ -78,6 +78,10 @@ export const toServerType = (value?: string): null | string => {
 const SERVER_TYPE = toServerType(process.env.SERVER_TYPE);
 
 const env = {
+    LEGACY_AUTHENTICATION:
+        SERVER_TYPE !== null
+            ? process.env.LEGACY_AUTHENTICATION?.toLocaleLowerCase() === 'true'
+            : false,
     SERVER_LOCK:
         SERVER_TYPE !== null ? process.env.SERVER_LOCK?.toLocaleLowerCase() === 'true' : false,
     SERVER_NAME: process.env.SERVER_NAME ?? '',

src/renderer/features/login/routes/login-route.tsx

@@ -52,6 +52,7 @@ const LoginRoute = () => {
     const serverType = window.SERVER_TYPE ? toServerType(window.SERVER_TYPE) : null;
     const serverName = window.SERVER_NAME || '';
     const serverUrl = window.SERVER_URL || '';
+    const legacyAuth = isServerLock ? Boolean(window.LEGACY_AUTHENTICATION) || false : false;
 
     const config = [
         {
@@ -122,7 +123,7 @@ const LoginRoute = () => {
             const data: AuthenticationResponse | undefined = await authFunction(
                 serverUrl,
                 {
-                    legacy: false,
+                    legacy: legacyAuth,
                     password: values.password,
                     username: values.username,
                 },

src/renderer/features/servers/components/add-server-form.tsx

@@ -94,9 +94,12 @@ export const AddServerForm = ({ onCancel }: AddServerFormProps) => {
     const { addServer, setCurrentServer } = useAuthStoreActions();
     const { servers: discovered } = useAutodiscovery();
 
+    const isServerLock = Boolean(window.SERVER_LOCK) || false;
+    const legacyAuthDefault = isServerLock ? Boolean(window.LEGACY_AUTHENTICATION) || false : false;
+
     const form = useForm({
         initialValues: {
-            legacyAuth: false,
+            legacyAuth: legacyAuthDefault,
             name:
                 (localSettings ? localSettings.env.SERVER_NAME : window.SERVER_NAME) || 'My Server',
             password: '',
@@ -113,9 +116,6 @@ export const AddServerForm = ({ onCancel }: AddServerFormProps) => {
         },
     });
 
-    // server lock for web is only true if lock is true *and* all other properties are set
-    const isServerLock = Boolean(window.SERVER_LOCK) || false;
-
     const isSubmitDisabled = !form.values.name || !form.values.url || !form.values.username;
 
     const fillServerDetails = (server: DiscoveredServerItem) => {
@@ -308,6 +308,7 @@ export const AddServerForm = ({ onCancel }: AddServerFormProps) => {
                     )}
                     {form.values.type === ServerType.SUBSONIC && (
                         <Checkbox
+                            disabled={isServerLock}
                             label={t('form.addServer.input', {
                                 context: 'legacyAuthentication',
                                 postProcess: 'titleCase',

src/renderer/global.d.ts

@@ -1,6 +1,7 @@
 declare global {
     interface Window {
         ANALYTICS_DISABLED?: boolean | string;
+        LEGACY_AUTHENTICATION?: boolean;
         SERVER_LOCK?: boolean;
         SERVER_NAME?: string;
         SERVER_TYPE?: string;