vanja/feishin
1
0
Fork 0
mirror of https://github.com/jeffvli/feishin.git synced 2026-05-07 04:20:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

check authentication for all servers on initialization and update permission roles

Browse Source
This commit is contained in:
jeffvli
2025-12-07 17:53:26 -08:00
parent 4ddada1fe3
commit c82762a3fc
10 changed files with 283 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/renderer/api/controller.ts
+14
View File
@@ -586,6 +586,20 @@ export const controller: GeneralController = {
server.type,
)?.({ ...args, apiClientProps: { ...args.apiClientProps, server } });
},
getUserInfo(args) {
const server = getServerById(args.apiClientProps.serverId);
if (!server) {
throw new Error(
`${i18n.t('error.apiRouteError', { postProcess: 'sentenceCase' })}: getUserInfo`,
);
}
return apiController(
'getUserInfo',
server.type,
)?.({ ...args, apiClientProps: { ...args.apiClientProps, server } });
},
getUserList(args) {
const server = getServerById(args.apiClientProps.serverId);
src/renderer/api/jellyfin/jellyfin-api.ts
+8
View File
@@ -247,6 +247,14 @@ export const contract = c.router({
400: jfType._response.error,
},
},
getUser: {
method: 'GET',
path: 'users/:id',
responses: {
200: jfType._response.user,
400: jfType._response.error,
},
},
movePlaylistItem: {
body: null,
method: 'POST',
src/renderer/api/jellyfin/jellyfin-controller.ts
+19
View File
@@ -1127,6 +1127,25 @@ export const JellyfinController: InternalControllerEndpoint = {
totalRecordCount: res.body.TotalRecordCount,
};
},
getUserInfo: async (args) => {
const { apiClientProps, query } = args;
const res = await jfApiClient(apiClientProps).getUser({
params: {
id: query.id,
},
});
if (res.status !== 200) {
throw new Error('Failed to get user info');
}
return {
id: res.body.Id,
isAdmin: Boolean(res.body.Policy.IsAdministrator),
name: res.body.Name,
};
},
movePlaylistItem: async (args) => {
const { apiClientProps, query } = args;
src/renderer/api/navidrome/navidrome-controller.ts
+1
View File
@@ -699,6 +699,7 @@ export const NavidromeController: InternalControllerEndpoint = {
};
},
getTopSongs: SubsonicController.getTopSongs,
getUserInfo: SubsonicController.getUserInfo,
getUserList: async (args) => {
const { apiClientProps, query } = args;
src/renderer/api/subsonic/subsonic-api.ts
+8
View File
@@ -204,6 +204,14 @@ export const contract = c.router({
200: ssType._response.topSongsList,
},
},
getUser: {
method: 'GET',
path: 'getUser.view',
query: ssType._parameters.user,
responses: {
200: ssType._response.user,
},
},
ping: {
method: 'GET',
path: 'ping.view',
src/renderer/api/subsonic/subsonic-controller.ts
+20 -2
View File
@@ -144,7 +144,7 @@ export const SubsonicController: InternalControllerEndpoint = {
return {
credential,
isAdmin: resp.body.user.adminRoles,
isAdmin: Boolean(resp.body.user.adminRole),
userId: resp.body.user.username,
username: body.username,
};
@@ -1472,6 +1472,25 @@ export const SubsonicController: InternalControllerEndpoint = {
totalRecordCount: res.body.topSongs?.song?.length || 0,
};
},
getUserInfo: async (args) => {
const { apiClientProps, query } = args;
const res = await ssApiClient(apiClientProps).getUser({
query: {
id: query.id,
},
});
if (res.status !== 200) {
throw new Error('Failed to get user info');
}
return {
id: res.body.user.username,
isAdmin: Boolean(res.body.user.adminRole),
name: res.body.user.username,
};
},
removeFromPlaylist: async ({ apiClientProps, query }) => {
const res = await ssApiClient(apiClientProps).updatePlaylist({
query: {
@@ -1583,7 +1602,6 @@ export const SubsonicController: InternalControllerEndpoint = {
return null;
},
search: async (args) => {
const { apiClientProps, query } = args;
src/renderer/hooks/use-server-authenticated.ts
+180 -38
View File
@@ -4,75 +4,217 @@ import { useCallback, useEffect, useRef, useState } from 'react';
import { api } from '/@/renderer/api';
import { getServerById, useAuthStoreActions, useCurrentServer } from '/@/renderer/store';
import { LogCategory, logFn } from '/@/renderer/utils/logger';
import { logMsg } from '/@/renderer/utils/logger-message';
import { toast } from '/@/shared/components/toast/toast';
import { SongListSort, SortOrder } from '/@/shared/types/domain-types';
import { AuthState, ServerListItem, ServerType } from '/@/shared/types/types';
import { AuthState } from '/@/shared/types/types';
const localSettings = isElectron() ? window.api.localSettings : null;
export const useServerAuthenticated = () => {
const priorServerId = useRef<string | undefined>(undefined);
const server = useCurrentServer();
const [ready, setReady] = useState(
server?.type === ServerType.NAVIDROME ? AuthState.VALID : AuthState.VALID,
);
const [ready, setReady] = useState(AuthState.VALID);
const { updateServer } = useAuthStoreActions();
const { setCurrentServer, updateServer } = useAuthStoreActions();
const authenticateNavidrome = useCallback(
async (server: ServerListItem) => {
// This trick works because navidrome-api.ts will internally check for authentication
// failures and try to log in again (where available). So, all that's necessary is
// making one request first
const authenticateServer = useCallback(
async (serverWithAuth: NonNullable<ReturnType<typeof getServerById>>) => {
try {
await api.controller.getSongList({
apiClientProps: { serverId: server?.id || '' },
query: {
limit: 1,
sortBy: SongListSort.NAME,
sortOrder: SortOrder.ASC,
startIndex: 0,
setReady(AuthState.LOADING);
// Use userId if available, otherwise fall back to username (for Subsonic/Navidrome)
const userId = serverWithAuth.userId || serverWithAuth.username;
if (!userId) {
throw new Error('No user ID or username available');
}
// First, try getUserInfo to check if current credentials are still valid
logFn.info(logMsg[LogCategory.SYSTEM].authenticatingServer, {
category: LogCategory.SYSTEM,
meta: {
method: 'getUserInfo',
serverId: serverWithAuth.id,
serverName: serverWithAuth.name,
serverType: serverWithAuth.type,
},
});
setReady(AuthState.VALID);
try {
const userInfo = await api.controller.getUserInfo({
apiClientProps: {
serverId: serverWithAuth.id,
},
query: {
id: userId,
},
});
if (!userInfo) {
throw new Error('Failed to get user info');
}
// Update server with user info (in case isAdmin changed)
updateServer(serverWithAuth.id, {
isAdmin: userInfo.isAdmin,
});
logFn.info(logMsg[LogCategory.SYSTEM].serverAuthenticationSuccess, {
category: LogCategory.SYSTEM,
meta: {
isAdmin: userInfo.isAdmin,
method: 'getUserInfo',
serverId: serverWithAuth.id,
serverName: serverWithAuth.name,
serverType: serverWithAuth.type,
userId: userInfo.id,
},
});
setReady(AuthState.VALID);
return;
} catch (getUserInfoError: any) {
// Check if it's a forbidden/authentication error (401 or 403)
const isForbiddenError =
getUserInfoError?.response?.status === 401 ||
getUserInfoError?.response?.status === 403 ||
getUserInfoError?.message?.toLowerCase().includes('forbidden') ||
getUserInfoError?.message?.toLowerCase().includes('unauthorized');
// Only reauthenticate if it's a forbidden error AND password is saved
if (isForbiddenError && serverWithAuth.savePassword && localSettings) {
const password = await localSettings.passwordGet(serverWithAuth.id);
if (password) {
logFn.info(logMsg[LogCategory.SYSTEM].authenticatingServer, {
category: LogCategory.SYSTEM,
meta: {
method: 'authenticate',
reason: 'getUserInfo failed with forbidden error',
serverId: serverWithAuth.id,
serverName: serverWithAuth.name,
serverType: serverWithAuth.type,
url: serverWithAuth.url,
},
});
// Authenticate using the API controller
const authData = await api.controller.authenticate(
serverWithAuth.url,
{
legacy: false,
password,
username: serverWithAuth.username,
},
serverWithAuth.type,
);
if (!authData) {
throw new Error('Authentication failed: No data returned');
}
// Update server with new credentials
const updatedServer = {
credential: authData.credential,
isAdmin: authData.isAdmin,
userId: authData.userId,
username: authData.username,
...(authData.ndCredential !== undefined && {
ndCredential: authData.ndCredential,
}),
};
updateServer(serverWithAuth.id, updatedServer);
logFn.info(logMsg[LogCategory.SYSTEM].serverAuthenticationSuccess, {
category: LogCategory.SYSTEM,
meta: {
isAdmin: authData.isAdmin,
method: 'authenticate',
serverId: serverWithAuth.id,
serverName: serverWithAuth.name,
serverType: serverWithAuth.type,
userId: authData.userId,
username: authData.username,
},
});
setReady(AuthState.VALID);
return;
}
}
// If not a forbidden error, or no password saved, rethrow the error
throw getUserInfoError;
}
} catch (error) {
// Clear server credentials (and saved password).
if (server.savePassword && localSettings) {
localSettings.passwordRemove(server.id);
const errorMessage = (error as Error).message || 'Authentication failed';
logFn.error(logMsg[LogCategory.SYSTEM].serverAuthenticationFailed, {
category: LogCategory.SYSTEM,
meta: {
error: errorMessage,
serverId: serverWithAuth.id,
serverName: serverWithAuth.name,
serverType: serverWithAuth.type,
},
});
// Clear server credentials and saved password on failure
if (serverWithAuth.savePassword && localSettings) {
localSettings.passwordRemove(serverWithAuth.id);
}
server.credential = '';
updateServer(server.id, server);
toast.error({ message: (error as Error).message });
toast.error({
message: errorMessage,
});
// Log the user out by setting current server to null
setCurrentServer(null);
setReady(AuthState.INVALID);
}
},
[updateServer],
[updateServer, setCurrentServer],
);
const debouncedAuth = debounce((server: ServerListItem) => {
authenticateNavidrome(server).catch(console.error);
}, 300);
const debouncedAuth = debounce(
(serverWithAuth: NonNullable<ReturnType<typeof getServerById>>) => {
authenticateServer(serverWithAuth).catch(console.error);
},
300,
);
useEffect(() => {
if (!server) {
logFn.debug(logMsg[LogCategory.SYSTEM].serverAuthenticationInvalid, {
category: LogCategory.SYSTEM,
meta: {
reason: 'No server selected',
},
});
setReady(AuthState.INVALID);
return;
}
if (priorServerId.current !== server?.id) {
const serverWithAuth = getServerById(server!.id);
priorServerId.current = server?.id || '';
if (priorServerId.current !== server.id) {
const serverWithAuth = getServerById(server.id);
priorServerId.current = server.id;
if (server?.type === ServerType.NAVIDROME) {
setReady(AuthState.LOADING);
debouncedAuth(serverWithAuth!);
} else {
setReady(AuthState.VALID);
if (!serverWithAuth) {
logFn.error(logMsg[LogCategory.SYSTEM].serverAuthenticationError, {
category: LogCategory.SYSTEM,
meta: {
reason: 'Server not found in store',
serverId: server.id,
},
});
setReady(AuthState.INVALID);
return;
}
setReady(AuthState.LOADING);
debouncedAuth(serverWithAuth);
}
}, [debouncedAuth, server]);
src/renderer/utils/logger-message.ts
+8 -1
View File
@@ -66,5 +66,12 @@ export const logMsg = {
scrobbledTimeupdate: 'Scrobbled a timeupdate event',
scrobbledUnpause: 'Scrobbled an unpause event',
},
[LogCategory.SYSTEM]: {},
[LogCategory.SYSTEM]: {
authenticatingServer: 'Authenticating server',
serverAuthenticationAborted: 'Server authentication aborted',
serverAuthenticationError: 'Server authentication error',
serverAuthenticationFailed: 'Server authentication failed',
serverAuthenticationInvalid: 'Server authentication invalid',
serverAuthenticationSuccess: 'Server authentication successful',
},
};
src/shared/api/subsonic/subsonic-types.ts
+10 -2
View File
@@ -7,9 +7,13 @@ const baseResponse = z.object({
}),
});
const authenticate = z.object({
const userParameters = z.object({
id: z.string(),
});
const user = z.object({
user: z.object({
adminRoles: z.boolean(),
adminRole: z.boolean(),
commentRole: z.boolean(),
coverArtRole: z.boolean(),
downloadRole: z.boolean(),
@@ -26,6 +30,8 @@ const authenticate = z.object({
}),
});
const authenticate = user;
const authenticateParameters = z.object({
c: z.string(),
f: z.string(),
@@ -641,6 +647,7 @@ export const ssType = {
structuredLyrics: structuredLyricsParameters,
topSongsList: topSongsListParameters,
updatePlaylist: updatePlaylistParameters,
user: userParameters,
},
_response: {
album,
@@ -683,5 +690,6 @@ export const ssType = {
song,
structuredLyrics,
topSongsList,
user,
},
};
src/shared/types/domain-types.ts
+15 -1
View File
@@ -1276,7 +1276,6 @@ export type ControllerEndpoint = {
getAlbumInfo?: (args: AlbumDetailArgs) => Promise<AlbumInfo>;
getAlbumList: (args: AlbumListArgs) => Promise<AlbumListResponse>;
getAlbumListCount: (args: AlbumListCountArgs) => Promise<number>;
// getArtistInfo?: (args: any) => void;
getArtistList: (args: ArtistListArgs) => Promise<ArtistListResponse>;
getArtistListCount: (args: ArtistListCountArgs) => Promise<number>;
getDownloadUrl: (args: DownloadArgs) => string;
@@ -1299,6 +1298,8 @@ export type ControllerEndpoint = {
getStructuredLyrics?: (args: StructuredLyricsArgs) => Promise<StructuredLyric[]>;
getTagList?: (args: TagListArgs) => Promise<TagListResponse>;
getTopSongs: (args: TopSongListArgs) => Promise<TopSongListResponse>;
// getArtistInfo?: (args: any) => void;
getUserInfo: (args: UserInfoArgs) => Promise<UserInfoResponse>;
getUserList?: (args: UserListArgs) => Promise<UserListResponse>;
movePlaylistItem?: (args: MoveItemArgs) => Promise<void>;
removeFromPlaylist: (args: RemoveFromPlaylistArgs) => Promise<RemoveFromPlaylistResponse>;
@@ -1393,6 +1394,7 @@ export type InternalControllerEndpoint = {
) => Promise<StructuredLyric[]>;
getTagList?: (args: ReplaceApiClientProps<TagListArgs>) => Promise<TagListResponse>;
getTopSongs: (args: ReplaceApiClientProps<TopSongListArgs>) => Promise<TopSongListResponse>;
getUserInfo: (args: ReplaceApiClientProps<UserInfoArgs>) => Promise<UserInfoResponse>;
getUserList?: (args: ReplaceApiClientProps<UserListArgs>) => Promise<UserListResponse>;
movePlaylistItem?: (args: ReplaceApiClientProps<MoveItemArgs>) => Promise<void>;
removeFromPlaylist: (
@@ -1509,6 +1511,18 @@ export type TagListResponse = {
};
};
export type UserInfoArgs = BaseEndpointArgs & { query: UserInfoQuery };
export type UserInfoQuery = {
id: string;
};
export type UserInfoResponse = {
id: string;
isAdmin: boolean;
name: string;
};
type BaseEndpointArgsWithServer = {
apiClientProps: {
server: null | ServerListItemWithCredential;