Luke 37008 Posted May 29, 2023 Share Posted May 29, 2023 This is sure to cause temporary problems but it's for the best. Going forward, all api routes that you add will require authentication, unless you explicitly add this attribute: [Unauthenticated] If your plugin is creating a custom api, and if you're feeding that url to something external, then you'll need to make a decision on whether to make it unauthenticated or require the caller to provide authentication. Please let me know if you have questions. Thanks. @chef @roaku @Cheesegeezer @MikePlanet @ShaneP @mickle026 @rechigo @TeamB @pünktchen 3 Link to comment Share on other sites More sharing options...
roaku 792 Posted May 29, 2023 Share Posted May 29, 2023 Trying to see if I follow. I have custom API endpoints in my plugins, but they're only used in the context of an admin user visiting a plugin config page. Nothing external to Emby accesses these endpoints. Data is retrieved from my endpoints through calls to the Emby provided ApiClient.getJSON, which appears to load an access token into the http request by way of ApiClient.fetch. So, my plugins should be unaffected by this change? 1 Link to comment Share on other sites More sharing options...
Luke 37008 Posted May 29, 2023 Author Share Posted May 29, 2023 7 hours ago, roaku said: So, my plugins should be unaffected by this change? Sounds like they will be unaffected. 2 Link to comment Share on other sites More sharing options...
mickle026 400 Posted May 31, 2023 Share Posted May 31, 2023 I litterally have no idea where this would go, is there an example anywhere? I think i am aslo unaffected as all of my endpoints are run from admin config pages, but I would like to understand this. Link to comment Share on other sites More sharing options...
Luke 37008 Posted May 31, 2023 Author Share Posted May 31, 2023 1 hour ago, mickle026 said: I think i am aslo unaffected as all of my endpoints are run from admin config pages, but I would like to understand this. Yes, sounds like it. Link to comment Share on other sites More sharing options...
TeamB 2352 Posted May 31, 2023 Share Posted May 31, 2023 4 hours ago, mickle026 said: I litterally have no idea where this would go, is there an example anywhere? I think i am aslo unaffected as all of my endpoints are run from admin config pages, but I would like to understand this. they go just above the class definition with the route https://github.com/faush01/playback_reporting/blob/e7bef6c12978b222ab1c1f374d0f142b65edcf2c/playback_reporting/Api/UserActivityAPI.cs#L43 1 Link to comment Share on other sites More sharing options...
mickle026 400 Posted May 31, 2023 Share Posted May 31, 2023 I had thought that, but was getting a compiler error. I was missing - using MediaBrowser.Controller.Net; Thanks @TeamB Link to comment Share on other sites More sharing options...
Luke 37008 Posted June 4, 2023 Author Share Posted June 4, 2023 New build and beta nugget package are now up. Thanks guys. Link to comment Share on other sites More sharing options...
shure 24 Posted June 9, 2023 Share Posted June 9, 2023 After updating to 4.8.0.39, there is a changement that ApiClient.getPluginConfiguration() just work for admin now. if user use it, response 401 and Unauthorized. Link to comment Share on other sites More sharing options...
shure 24 Posted June 10, 2023 Share Posted June 10, 2023 [Authenticated(FeatureIds = new String[] { "YourPluginFeatureIds" })] is very useful if your plugin is enable for user Link to comment Share on other sites More sharing options...
Luke 37008 Posted June 11, 2023 Author Share Posted June 11, 2023 On 6/9/2023 at 7:05 PM, shure said: After updating to 4.8.0.39, there is a changement that ApiClient.getPluginConfiguration() just work for admin now. if user use it, response 401 and Unauthorized. Yup. Link to comment Share on other sites More sharing options...
elsagranger 1 Posted February 26 Share Posted February 26 (edited) I have users running clients on both 4.8.0.37+ and 4.8.0.37- (including ~4.7), how can I develop my plugin so that in both versions can achieve that there is no need to authenticate a specific api endpoint. There is no [Unauthenticated] available for the 4.7 nugget package. Such as this issue: https://github.com/kookxiang/jellyfin-plugin-bangumi/issues/110 , problem raising from that client with 4.7 version is still running and I have to keep the dependency version low. Edited February 26 by elsagranger Link to comment Share on other sites More sharing options...
Luke 37008 Posted February 26 Author Share Posted February 26 3 hours ago, elsagranger said: I have users running clients on both 4.8.0.37+ and 4.8.0.37- (including ~4.7), how can I develop my plugin so that in both versions can achieve that there is no need to authenticate a specific api endpoint. There is no [Unauthenticated] available for the 4.7 nugget package. Such as this issue: https://github.com/kookxiang/jellyfin-plugin-bangumi/issues/110 , problem raising from that client with 4.7 version is still running and I have to keep the dependency version low. With a single code base you can’t. You’ll need to develop two versions and distribute the right versions to the right people. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now