homarr icon indicating copy to clipboard operation
homarr copied to clipboard

Published 20 hours ago verified publisher icon ajnart

Changed from username and password to api key for jellyfin

Open conner-replogle opened this issue 1 year ago • 10 comments

Category

Feature

Overview

Changed Jellyfin from username & password to api as some people wanted including myself. I am not aware of why this wasn't done at first, so let me know if this is breaking something or if there was a reason not to do this.

Related Issue

#1635

conner-replogle avatar Jan 14 '24 02:01 conner-replogle

Hi, thanks for the contribution. I think this is a nice idea - you're right that API keys should be the default. However, this isn't a good idea to implement it like this, as it will be a breaking change. It means, that every user will have to redo their setup. Many will just not bother with it.

One solution would be to have fields for username, password and API key, but currently, they are required. I'd suggest that we add the option to make fields required or optional in the widget definition. WDYT @Meierschlumpf @ajnart @Tagaishi

This way, the user could choose between API key and user / PW + existing installations wouldn't break.

manuel-rw avatar Jan 14 '24 11:01 manuel-rw

Hi, thanks for the contribution. I think this is a nice idea - you're right that API keys should be the default. However, this isn't a good idea to implement it like this, as it will be a breaking change. It means, that every user will have to redo their setup. Many will just not bother with it.

One solution would be to have fields for username, password and API key, but currently, they are required. I'd suggest that we add the option to make fields required or optional in the widget definition. WDYT @Meierschlumpf @ajnart @Tagaishi

This way, the user could choose between API key and user / PW + existing installations wouldn't break.

Maybe it makes more sense to have multiple options of combinations. Then we could like make that one of them is still required (either username / password or apiKey)

Meierschlumpf avatar Jan 15 '24 05:01 Meierschlumpf

We would need to rework how the options are setup to allow that, I just pushed a commit with an attempt to do so, though I am not finished with it. It is not perfect since all it does is make the fields optional and it fails to enforce username/password or api Key

conner-replogle avatar Jan 15 '24 05:01 conner-replogle

I'm confused. The diff here doesn't show any additional changes. However, I can see that you did make when I click "Compare" on your force-push: https://github.com/ajnart/homarr/compare/4c958653a943f3f6eb9803dc47296facfee9e26f..130414491d999cdde73bca18e1406c667f717fe1 @Meierschlumpf can you confirm this? Did you maybe push it incorrectly?

manuel-rw avatar Jan 16 '24 19:01 manuel-rw

Oh shoot, I had realized I accidentally pushed my config with some username/passwords in it so i tried to find a way to delete it but I guess I can't. I'll repush the changes in a minute.

conner-replogle avatar Jan 16 '24 19:01 conner-replogle

Oh shoot, I had realized I accidentally pushed my config with some username/passwords in it so i tried to find a way to delete it but I guess I can't. I'll repush the changes in a minute.

Yeah unfortunately that's not possible on GitHub, you'll need to change it 😅. Or you can open a GitHub support ticket to remove it. I've already done it in the past

ajnart avatar Jan 16 '24 19:01 ajnart

I changed the password so I guess its fine but man I gotta keep and eye out for that

conner-replogle avatar Jan 16 '24 19:01 conner-replogle

Can confirm, I looked at your commits. If your domain ends with .dev, change your credentials immediately. Your commit is public to everyone. There are hundreds of automated scanners always looking for passwords - so your account is most likely compromised.

manuel-rw avatar Jan 16 '24 19:01 manuel-rw

Okay my recent commits username/password works and Api key but there is not enforcement that you do either it basically is all optional fields I don't believe this will be a breaking change for configs but not entirely sure. I managed to commit this time without doxxing myself lol. I changed my password btw

conner-replogle avatar Jan 16 '24 20:01 conner-replogle

@conner-replogle did you see the review ?

ajnart avatar Feb 15 '24 06:02 ajnart

@conner-replogle

manuel-rw avatar Mar 09 '24 16:03 manuel-rw

Oh i forgot I even opened this yeah Ill implement those changes later today :0

conner-replogle avatar Mar 09 '24 17:03 conner-replogle

Also as a sidenote, if the isRequired is added that means we can probably add it to the torrent client that doesn't require user/pass, I don't remember which one it is but a bunch of people said "I don't have a username / password" and we told them to put anything inside of the fields

ajnart avatar Mar 15 '24 14:03 ajnart

To be honest I'm a rust developer not a js/ts so I really don't know how to use prettier just ran the command in package.json can you send me a command to use to only do the files

conner-replogle avatar Mar 15 '24 14:03 conner-replogle

To be honest I'm a rust developer not a js/ts so I really don't know how to use prettier just ran the command in package.json can you send me a command to use to only do the files

if you use VS.code, just hit f1 and type Format Document. Or Shift Alt F. It might prompt you to select which formatter you want to use so be careful to click on prettier if it does.

SeDemal avatar Mar 15 '24 18:03 SeDemal

I'll close this. There are wayyyy too many changes and it's been stale for quite a while. If anyone's motivated to do this feel free to open a new PR (with just the related changes)

ajnart avatar Apr 18 '24 08:04 ajnart

Alrady implemented in v1.0.0

Meierschlumpf avatar Apr 18 '24 10:04 Meierschlumpf