Skip to content

v0.1.5: Please update
Compare
Choose a tag to compare
@hrfee hrfee released this 20 Aug 19:25
· 1630 commits to main since this release
v0.1.5
ee3b421
This commit was signed with the committer’s verified signature. The key has expired.
hrfee Harvey Tindall
GPG key ID: BBC65952848FB1A2
Expired
Learn about vigilant mode.

Fixes a terrible flaw with jellyfin_login that meant /getToken would accept blank username and password if anyone had previously logged in. The login form in the web UI won't accept blank fields, but this could easily be changed by anyone. Sorry if this put anybody at risk.

This release also adds login persistence, using a refresh token that is stored in a secure cookie. Login sessions should last a day unless you choose to log out.

Changelog

d144077 Add refresh tokens for persistent login, logout button
ee3b421 Fixed flaw with jellyfin_login; store refresh token in cookies
29a79a1 Moved PKGBUILD to AUR, mention in readme
681d2ce link to usr/bin, add license

Assets 8