From b75fc7b2384ce760432620faaa92277dcd42b8e1 Mon Sep 17 00:00:00 2001 From: TheCatLady <52870424+TheCatLady@users.noreply.github.com> Date: Tue, 5 Apr 2022 19:31:14 -0400 Subject: [PATCH] fix(auth): resolve local/password authentication issues (#2677) * fix(auth): only add Plex ID to user after verifying server access * fix(auth): do not fail local auth if fetching Plex users is unsuccessful --- server/routes/auth.ts | 57 ++++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/server/routes/auth.ts b/server/routes/auth.ts index 1a12f9e49..b6394d17f 100644 --- a/server/routes/auth.ts +++ b/server/routes/auth.ts @@ -210,30 +210,43 @@ authRoutes.post('/local', async (req, res, next) => { const mainPlexTv = new PlexTvAPI(mainUser.plexToken ?? ''); if (!user.plexId) { - const plexUsersResponse = await mainPlexTv.getUsers(); - const account = plexUsersResponse.MediaContainer.User.find( - (account) => - account.$.email && - account.$.email.toLowerCase() === user.email.toLowerCase() - )?.$; - - if (account) { - logger.info('Found matching Plex user; updating user with Plex data', { - label: 'API', - ip: req.ip, - email: body.email, - userId: user.id, - plexId: account.id, - plexUsername: account.username, - }); + try { + const plexUsersResponse = await mainPlexTv.getUsers(); + const account = plexUsersResponse.MediaContainer.User.find( + (account) => + account.$.email && + account.$.email.toLowerCase() === user.email.toLowerCase() + )?.$; + + if ( + account && + (await mainPlexTv.checkUserAccess(parseInt(account.id))) + ) { + logger.info( + 'Found matching Plex user; updating user with Plex data', + { + label: 'API', + ip: req.ip, + email: body.email, + userId: user.id, + plexId: account.id, + plexUsername: account.username, + } + ); - user.plexId = parseInt(account.id); - user.avatar = account.thumb; - user.email = account.email; - user.plexUsername = account.username; - user.userType = UserType.PLEX; + user.plexId = parseInt(account.id); + user.avatar = account.thumb; + user.email = account.email; + user.plexUsername = account.username; + user.userType = UserType.PLEX; - await userRepository.save(user); + await userRepository.save(user); + } + } catch (e) { + logger.error('Something went wrong fetching Plex users', { + label: 'API', + errorMessage: e.message, + }); } }