Emby Users (not Guests) with Emby Connect - Allow transfer of password

[Magic815 18]

So I realize the title is confusing, but this is my feature request:

 

I have a use case, where I want all the users who view my Emby server to each have Emby Connect accounts. However, I also want those users to each show up on the web login page with their own profile icon.

 

Right now the only way I can do this is through the following:

 

1. Tell the user to sign up for an Emby Connect account at: https://emby.media/connect.html

2. I go into Emby Server > Manage Server > Users > +Add User

3. I then give them a profile/icon name, set their user access settings how I want them, and I add in their Emby Connect username/email 

4. The user then gets an email sent to them with a link, that then gives them access to the server

 

Normally, that's where I'd like the process to end. However, there is still the last step of a user profile password. By default, doing the above steps will successfully create a user profile (that is linked to an Emby Connect account), but the user profile on the web page does not have any password protection. Because of this, I then need to ask the user to do the following:

 

5. Click into their user profile, go into settings, and create a new password.

6. They can either re-type their Emby Connect password, or they can create a different one (which lets them have two different passwords that will get them into the web app).

 

 

To me, steps 5 and 6 seem extraneous and unneeded. What if you all could put in a tickbox setting that allowed me (as the Emby Server Admin), to transfer their Emby Connect password to the user profile I'm making for them? Attached are two concepts I've come up with. Thoughts?

Edited August 11, 2017 by Magic815

[darkassassin07 429]

Instead if transferring the password from emby connect,

what about a feature to require a password change the next time a user logs in?

Useful both at first sign-up as well as later down the line as an admin being able to force users to update their passwords.

 

 

I do like the idea of forcing the user to have/set a password, I'm just not sure transferring those credentials between emby connect and local servers is a great plan, especially with not all users using tls/ssl (https)

Edited August 11, 2017 by darkassassin07

[ebr 14935]

Can't you create local users and then link them to Connect accounts to achieve what you want?

[Magic815 18]

Instead if transferring the password from emby connect,

what about a feature to require a password change the next time a user logs in?

Useful both at first sign-up as well as later down the line as an admin being able to force users to update their passwords.

 

 

I do like the idea of forcing the user to have/set a password, I'm just not sure transferring those credentials between emby connect and local servers is a great plan, especially with not all users using tls/ssl (https)

True - I guess the key piece of my request is that the user is forced to create a profile password on their first sign in (if I select it to be that way when I make their user profile).

 

What you could do is take my option 1, and ignore the bit about "transfer from Emby Connect." Instead it would just say "Force password creation". If I check that, then what I'd want the user to see is the following:

 

1. They go to the web app, and click on their profile icon

2. With their first log in, they are asked to provide their Emby Connect username and password

3. They are then asked to create a profile password (and the notice could state that they can make it the same as their Emby Connect password or something different)

4. Then it logs them in.

5. Anytime after that, when they click their profile icon it asks them for their profile password.

 

 

Can't you create local users and then link them to Connect accounts to achieve what you want?

That's exactly what steps 1 through 4 in my first post are doing. By default, this creates a user profile with no password protection. I'm asking to have a setting when I create the local user profile to force password protection on their first log in. RIght now, I have to send them a follow up / reminder email to go into their user profile and set a password. For all 4 people I've done this with (various family members), they've all immediately asked "Why? I've already created a password."

Edited August 11, 2017 by Magic815

[ebr 14935]

Ah, okay.

 

Just curious - Why are you hooking them up to Connect if they aren't going to use Connect to access the server...?

[Magic815 18]

Ah, okay.

 

Just curious - Why are you hooking them up to Connect if they aren't going to use Connect to access the server...?

Well - so - they might use Emby Connect. For web viewing they won't. But then they also have various other devices (TVs, Nvidia Shields, etc) where they could very likely want to Emby Connect with. For those, having the linked Emby Connect account comes in handy.

Edited August 11, 2017 by Magic815

[darkassassin07 429]

Mb connect doesn't actually log you into the server though does it? I thought it just connected you to the login page. (I don't use it myself, I just have an easy domain name)

 

Even still, if the user does not set a profile password asside from mb connect, direct connections to the server (both lan/wan ip) give a login page, and that user has no password

[ebr 14935]

Okay.  One thing you could do is give these people a random password on the local account.  They don't need to know this password because the system should also allow their Emby Connect (forum) password for validation.

[ebr 14935]

Mb connect doesn't actually log you into the server though does it? I thought it just connected you to the login page. (I don't use it myself, I just have an easy domain name)

 

No, Connect takes you right in so that they don't have to enter two passwords.

[darkassassin07 429]

Okay. One thing you could do is give these people a random password on the local account. They don't need to know this password because the system should also allow their Emby Connect (forum) password for validation.

Great for users that exclusively use mb connect, but anyone that connects via the web app now doesn't know their password.

 

 

When I created my users I set their passwords to 1234, then told them to change it when they logged in. But that relies on trust that they will do it. With a few of my users I had to nag them for a few days to do it.

 

It would be much simpler to be able to force them to change/create passwords on next login. Maybe if that login was from mb connect, notify them the password they are setting is for the local account and only used for non mb connect connections

Edited August 11, 2017 by darkassassin07

[ebr 14935]

Have you had them try using their Emby Connect password on the web login form?

[Magic815 18]

Okay.  One thing you could do is give these people a random password on the local account.  They don't need to know this password because the system should also allow their Emby Connect (forum) password for validation.

Got it. This works as a good workaround. Although, I still think that a setting to force password creation could be useful - curious to the thoughts of the developers!

 

For now, I'll give everyone a extremely long and hard to guess password, so that it triggers the password prompt. Then they'll naturally go with the Emby Connect password they just made. Still would be nice to have a checkbox instead of making up a never-to-be-used password. Just a thought!

[darkassassin07 429]

(I don't use it myself, I just have an easy domain name)

 

(mb connect)

 

In my particular case, I just want to be able to create a user account locally and have said user be required to set a password with out having to give them instructions or sign up to anything.

Just go to 'domain.com' and click on your name, enter temp pass, now enter your desired pass.

Edited August 11, 2017 by darkassassin07

[ebr 14935]

Got it. This works as a good workaround. Although, I still think that a setting to force password creation could be useful - curious to the thoughts of the developers!

 

Yes, this is still not a bad idea but in your case, you don't really need it.

 

We designed the password validation to accept either the local pw or the one on the linked Connect account for this very reason - users would be confused by needing two passwords.