app.UseProxyHost being enabled means app.ExternalDomain sometimes
returns a domain/IP with a port attached. This is now removed, so the
refresh cookie is set correctly.
added "Use reverse-proxy reported "Host" when possible" option, which
will prefer using the "Host" or "X-Forwarded-Host" values instead of
"External jfa-go URL" in the web app. To do so, app.ExternalDomain/URI
are now functions which take *gin.Context (the latter optionally). The
protocol for the request is determined from X-Forwarded-Proto(col), so
make sure your proxy includes it.
The wiki will have been updated to mention the new option.
it was being checked in the EmailAddress record, only set if Jellyfin
login is disabled, or "access jfa-go" is checked for a
non-Jellyfin-admin user in Accounts. Instead, i've factored out the
actual auth code into a "canAccessAdminPage"-ish function, which is
called for this too. Should fix#378.
instead of just applying the cookie to the hostname you accessed jfa-go
on, it is applied to the one you set in jfa-go. The result is you'll
have to login twice if you access on localhost:8056 instead
of accounts.jellyf.in.
mautrix-go now include a cryptohelper package, which solves all my
issues and just works. the setting is now on by default, however
packages are not yet built with it.
jellyseerr already did this, but it's been standardised a little more.
Mediabrowser uses it's own genericErr function and error types due to
being a separate package, while jellyseerr and ombi now share errors
defined in common/.
Get/GetKey/SetKey/DeleteKey methods are used for access to
email/discord/telegram/matrix, everywhere. Mutex added for each, avoids
concurrent read/write issues. Will also make potential transition to
database easier.
user-auth.go contains slightly adjusted versions of auth.go functions,
for authorizing jellyfin users (admin or not). Refactored auth.go so that
most code is shared. User auth isn't hooked up yet, nor has it been
tested.
New "Access jfa-go" column allows you to select users for jfa-go access.
New "Allow All" setting allows all Jellyfin users access, as disabling
"Admin Only" no longer does this.
Also means times are directly parsed when pulling data from jf/emby,
which was *painful* to get working (something broke the whole program and it
took me an hour to figure out it was this lol). Time parsing should be a
lot stabler too.
with jellyfin_login enabled, the username and password vals in the User
struct would be "". If you disabled 'required' on the login form, blank
username and password would allow you in.
the main JWT is stored temporarily, whereas the refresh token is stored
as a cookie and can only be used to obtain a new main token. Logout
button adds token to blocklist internally and deletes JWT and refresh
token from browser storage.
server now provides a reason for login fail to the web ui, and displays
it inside the login button, which looks a lot nicer than the previously
used error box.
checkInvite no longer loops over all invites and checks for expiry, that
functionality has moved to checkInvites. Couple more rogue print
statements removed aswell.
Modifying settings also formats it nicely, as a bonus.
Also we using shortuuid instead of normal uuidv4 now because its the same
length as what I used in the python version.
