From db49b2024d399d90f2d1500b262374efc42f333c Mon Sep 17 00:00:00 2001
From: TheCatLady <52870424+TheCatLady@users.noreply.github.com>
Date: Mon, 26 Apr 2021 08:06:54 -0400
Subject: [PATCH] feat: add option to only allow Plex sign-in from existing
users (#1496)
* feat: add option to only allow Plex login from existing users
* fix: remove newPlexLogin from public settings
---
overseerr-api.yml | 3 ++
server/lib/settings.ts | 2 ++
server/routes/auth.ts | 30 +++++++++++++++----
src/components/Settings/SettingsPlex.tsx | 7 ++---
.../Settings/SettingsUsers/index.tsx | 24 ++++++++++++++-
src/i18n/locale/en.json | 9 +++---
6 files changed, 60 insertions(+), 15 deletions(-)
diff --git a/overseerr-api.yml b/overseerr-api.yml
index 0a739720..460a2a17 100644
--- a/overseerr-api.yml
+++ b/overseerr-api.yml
@@ -126,6 +126,9 @@ components:
localLogin:
type: boolean
example: true
+ newPlexLogin:
+ type: boolean
+ example: true
defaultPermissions:
type: number
example: 32
diff --git a/server/lib/settings.ts b/server/lib/settings.ts
index c0c86b90..1f6fc89d 100644
--- a/server/lib/settings.ts
+++ b/server/lib/settings.ts
@@ -82,6 +82,7 @@ export interface MainSettings {
};
hideAvailable: boolean;
localLogin: boolean;
+ newPlexLogin: boolean;
region: string;
originalLanguage: string;
trustProxy: boolean;
@@ -242,6 +243,7 @@ class Settings {
},
hideAvailable: false,
localLogin: true,
+ newPlexLogin: true,
region: '',
originalLanguage: '',
trustProxy: false,
diff --git a/server/routes/auth.ts b/server/routes/auth.ts
index d5bf42bc..ca94e2a8 100644
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -1,12 +1,12 @@
import { Router } from 'express';
import { getRepository } from 'typeorm';
-import { User } from '../entity/User';
import PlexTvAPI from '../api/plextv';
-import { isAuthenticated } from '../middleware/auth';
+import { UserType } from '../constants/user';
+import { User } from '../entity/User';
import { Permission } from '../lib/permissions';
-import logger from '../logger';
import { getSettings } from '../lib/settings';
-import { UserType } from '../constants/user';
+import logger from '../logger';
+import { isAuthenticated } from '../middleware/auth';
const authRoutes = Router();
@@ -79,6 +79,24 @@ authRoutes.post('/plex', async (req, res, next) => {
// Double check that we didn't create the first admin user before running this
if (!user) {
+ if (!settings.main.newPlexLogin) {
+ logger.info(
+ 'Failed sign-in attempt from user who has not been imported to Overseerr.',
+ {
+ label: 'Auth',
+ account: {
+ ...account,
+ authentication_token: '__REDACTED__',
+ authToken: '__REDACTED__',
+ },
+ }
+ );
+ return next({
+ status: 403,
+ message: 'Access denied.',
+ });
+ }
+
// If we get to this point, the user does not already exist so we need to create the
// user _assuming_ they have access to the Plex server
const mainUser = await userRepository.findOneOrFail({
@@ -112,7 +130,7 @@ authRoutes.post('/plex', async (req, res, next) => {
);
return next({
status: 403,
- message: 'You do not have access to this Plex server.',
+ message: 'Access denied.',
});
}
}
@@ -128,7 +146,7 @@ authRoutes.post('/plex', async (req, res, next) => {
logger.error(e.message, { label: 'Auth' });
return next({
status: 500,
- message: 'Something went wrong. Is your auth token valid?',
+ message: 'Something went wrong.',
});
}
});
diff --git a/src/components/Settings/SettingsPlex.tsx b/src/components/Settings/SettingsPlex.tsx
index 324fecc1..5b3fbd39 100644
--- a/src/components/Settings/SettingsPlex.tsx
+++ b/src/components/Settings/SettingsPlex.tsx
@@ -21,7 +21,7 @@ const messages = defineMessages({
plex: 'Plex',
plexsettings: 'Plex Settings',
plexsettingsDescription:
- 'Configure the settings for your Plex server. Overseerr scans your Plex libraries to see what content is available.',
+ 'Configure the settings for your Plex server. Overseerr scans your Plex libraries to determine content availability.',
servername: 'Server Name',
servernameTip: 'Automatically retrieved from Plex after saving',
servernamePlaceholder: 'Plex Server Name',
@@ -40,11 +40,10 @@ const messages = defineMessages({
toastPlexConnectingSuccess: 'Plex connection established successfully!',
toastPlexConnectingFailure: 'Failed to connect to Plex.',
settingUpPlexDescription:
- 'To set up Plex, you can either enter your details manually or select a server retrieved from plex.tv. Press the button to the right of the dropdown to fetch the list of available servers.',
+ 'To set up Plex, you can either enter the details manually or select a server retrieved from plex.tv. Press the button to the right of the dropdown to fetch the list of available servers.',
hostname: 'Hostname or IP Address',
port: 'Port',
enablessl: 'Enable SSL',
- timeout: 'Timeout',
plexlibraries: 'Plex Libraries',
plexlibrariesDescription:
'The libraries Overseerr scans for titles. Set up and save your Plex connection settings, then click the button below if no libraries are listed.',
@@ -58,7 +57,7 @@ const messages = defineMessages({
librariesRemaining: 'Libraries Remaining: {count}',
startscan: 'Start Scan',
cancelscan: 'Cancel Scan',
- validationHostnameRequired: 'You must provide a hostname or IP address',
+ validationHostnameRequired: 'You must provide a valid hostname or IP address',
validationPortRequired: 'You must provide a valid port number',
});
diff --git a/src/components/Settings/SettingsUsers/index.tsx b/src/components/Settings/SettingsUsers/index.tsx
index c933a414..5f17b33e 100644
--- a/src/components/Settings/SettingsUsers/index.tsx
+++ b/src/components/Settings/SettingsUsers/index.tsx
@@ -19,6 +19,8 @@ const messages = defineMessages({
toastSettingsSuccess: 'User settings saved successfully!',
toastSettingsFailure: 'Something went wrong while saving settings.',
localLogin: 'Enable Local Sign-In',
+ newPlexLogin: 'Enable New Plex User Sign-In',
+ newPlexLoginTip: 'Allow Plex users to sign in without first being imported',
movieRequestLimitLabel: 'Global Movie Request Limit',
tvRequestLimitLabel: 'Global Series Request Limit',
defaultPermissions: 'Default Permissions',
@@ -53,6 +55,7 @@ const SettingsUsers: React.FC = () => {
{
try {
await axios.post('/api/v1/settings/main', {
localLogin: values.localLogin,
+ newPlexLogin: values.newPlexLogin,
defaultQuotas: {
movie: {
quotaLimit: values.movieQuotaLimit,
@@ -96,7 +100,7 @@ const SettingsUsers: React.FC = () => {