joshpatra/allstarr
1
0
Fork 0
mirror of https://github.com/SoPat712/allstarr.git synced 2026-02-09 23:55:10 -05:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

refactor: make authentication truly transparent proxy

Browse Source 
- Pass through ALL Jellyfin responses (success and error) without modification
- Move session capabilities posting to background task (don't block auth response)
- Remove generic error fallbacks - always return Jellyfin's actual response
- Simplify logic: if Jellyfin returns a response, pass it through; if not, return status code only
This commit is contained in:
Josh Patra
2026-02-07 11:45:16 -05:00
parent d88ed64e37
commit da8cb29e08
1 changed files with 47 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
allstarr/Controllers/JellyfinController.cs
View File

@@ -1830,61 +1830,64 @@ public class JellyfinController : ControllerBase
_logger.LogInformation("Authentication request received");
// DO NOT log request body or detailed headers - contains password
// Forward to Jellyfin server with client headers
// Forward to Jellyfin server with client headers - completely transparent proxy
var (result, statusCode) = await _proxyService.PostJsonAsync("Users/AuthenticateByName", body, Request.Headers);
if (statusCode != 200)
// Pass through Jellyfin's response exactly as-is (transparent proxy)
if (result != null)
{
_logger.LogWarning("Authentication failed - status {StatusCode}", statusCode);
var responseJson = result.RootElement.GetRawText();
// Pass through Jellyfin's error response if available
if (result != null)
// On successful auth, post session capabilities in background
if (statusCode == 200)
{
return StatusCode(statusCode, result.RootElement.GetRawText());
}
// Fallback to generic error if no response body
if (statusCode == 401)
{
return Unauthorized(new { error = "Invalid username or password" });
}
return StatusCode(statusCode, new { error = "Authentication failed" });
}
_logger.LogInformation("Authentication successful");
// Post session capabilities immediately after authentication
// This ensures Jellyfin creates a session that will show up in the dashboard
try
{
_logger.LogInformation("🔧 Posting session capabilities after authentication");
var capabilities = new
{
PlayableMediaTypes = new[] { "Audio" },
SupportedCommands = Array.Empty<string>(),
SupportsMediaControl = false,
SupportsPersistentIdentifier = true,
SupportsSync = false
};
var capabilitiesJson = JsonSerializer.Serialize(capabilities);
var (capResult, capStatus) = await _proxyService.PostJsonAsync("Sessions/Capabilities/Full", capabilitiesJson, Request.Headers);
if (capStatus == 204 || capStatus == 200)
{
_logger.LogInformation("✓ Session capabilities posted after auth ({StatusCode})", capStatus);
_logger.LogInformation("Authentication successful, posting session capabilities in background");
// Don't await - do this in background so we return auth response immediately
_ = Task.Run(async () =>
{
try
{
_logger.LogInformation("🔧 Posting session capabilities after authentication");
var capabilities = new
{
PlayableMediaTypes = new[] { "Audio" },
SupportedCommands = Array.Empty<string>(),
SupportsMediaControl = false,
SupportsPersistentIdentifier = true,
SupportsSync = false
};
var capabilitiesJson = JsonSerializer.Serialize(capabilities);
var (capResult, capStatus) = await _proxyService.PostJsonAsync("Sessions/Capabilities/Full", capabilitiesJson, Request.Headers);
if (capStatus == 204 || capStatus == 200)
{
_logger.LogInformation("✓ Session capabilities posted after auth ({StatusCode})", capStatus);
}
else
{
_logger.LogWarning("⚠ Session capabilities returned {StatusCode} after auth", capStatus);
}
}
catch (Exception ex)
{
_logger.LogWarning(ex, "Failed to post session capabilities after auth");
}
});
}
else
{
_logger.LogWarning("⚠ Session capabilities returned {StatusCode} after auth", capStatus);
_logger.LogWarning("Authentication failed - status {StatusCode}", statusCode);
}
}
catch (Exception ex)
{
_logger.LogWarning(ex, "Failed to post session capabilities after auth, continuing anyway");
// Return Jellyfin's exact response
return Content(responseJson, "application/json");
}
return Content(result.RootElement.GetRawText(), "application/json");
// No response body from Jellyfin - return status code only
_logger.LogWarning("Authentication request returned {StatusCode} with no response body", statusCode);
return StatusCode(statusCode);
}
catch (Exception ex)
{