feat(jellyfinapi): switch to API tokens instead of auth tokens (#868)

* feat(jellyfinapi): create Jellyfin API key from admin user * fix(jellyfinapi): add migration script for Jellyfin API key * feat(jellyfinapi): use Jellyfin API key instead of admin auth token * fix(jellyfinapi): fix api key migration * feat(jellyfinapi): add API key field to Jellyfin settings * fix: move the API key field in the Jellyfin settings
2024-08-13 16:01:45 +02:00
parent 12f908de7f
commit bd4da6d5fc
13 changed files with 309 additions and 235 deletions
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -324,7 +324,6 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
        jellyfinUsername: account.User.Name,
        jellyfinUserId: account.User.Id,
        jellyfinDeviceId: deviceId,
-        jellyfinAuthToken: account.AccessToken,
        permissions: Permission.ADMIN,
        avatar: account.User.PrimaryImageTag
          ? `${jellyfinHost}/Users/${account.User.Id}/Images/Primary/?tag=${account.User.PrimaryImageTag}&quality=90`
@@ -335,6 +334,14 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
        userType: UserType.JELLYFIN,
      });

+      // Create an API key on Jellyfin from this admin user
+      const jellyfinClient = new JellyfinAPI(
+        hostname,
+        account.AccessToken,
+        deviceId
+      );
+      const apiKey = await jellyfinClient.createApiToken('Jellyseerr');
+
      const serverName = await jellyfinserver.getServerName();

      settings.jellyfin.name = serverName;
@@ -343,6 +350,7 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
      settings.jellyfin.port = body.port ?? 8096;
      settings.jellyfin.urlBase = body.urlBase ?? '';
      settings.jellyfin.useSsl = body.useSsl ?? false;
+      settings.jellyfin.apiKey = apiKey;
      settings.save();
      startJobs();

@@ -366,10 +374,6 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
          jellyfinUsername: account.User.Name,
        }
      );
-      // Let's check if their authtoken is up to date
-      if (user.jellyfinAuthToken !== account.AccessToken) {
-        user.jellyfinAuthToken = account.AccessToken;
-      }
      // Update the users avatar with their jellyfin profile pic (incase it changed)
      if (account.User.PrimaryImageTag) {
        user.avatar = `${jellyfinHost}/Users/${account.User.Id}/Images/Primary/?tag=${account.User.PrimaryImageTag}&quality=90`;
@@ -421,7 +425,6 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
        jellyfinUsername: account.User.Name,
        jellyfinUserId: account.User.Id,
        jellyfinDeviceId: deviceId,
-        jellyfinAuthToken: account.AccessToken,
        permissions: settings.main.defaultPermissions,
        avatar: account.User.PrimaryImageTag
          ? `${jellyfinHost}/Users/${account.User.Id}/Images/Primary/?tag=${account.User.PrimaryImageTag}&quality=90`