mirrors/navidrome
1
0
Fork 0
mirror of https://github.com/navidrome/navidrome.git synced 2025-04-05 21:47:36 +03:00
Code Issues Projects Releases Packages Wiki Activity
4050 commits 25 branches 103 tags 76 MiB
Commit graph

23 commits

Author SHA1 Message Date
Deluan
09ae41a2da sec(subsonic): authentication bypass in Subsonic API with non-existent username 
Signed-off-by: Deluan <deluan@navidrome.org>
 2025-02-20 20:14:19 -05:00
crazygolem
1e96b858a9
Add support for Reverse Proxy auth in Subsonic endpoints (#2558) 
* feat(subsonic): Add support for Reverse Proxy auth - #2557

Signed-off-by: Jeremiah Menétrey <superjun1@gmail.com>

* Small refactoring

---------

Signed-off-by: Jeremiah Menétrey <superjun1@gmail.com>
Co-authored-by: Deluan Quintão <deluan@navidrome.org>
 2024-04-27 13:47:42 -04:00
Deluan
31882abf6f Upgrade Ginkgo to V2 2022-07-26 16:53:17 -04:00
Deluan
b65e76293a Only send events to clients who need it 
- User events (star, rating, plays) only sent to same user
- Don't send to the client (browser window) that originated the event
 2021-06-15 18:59:26 -04:00
Deluan
22ce5b6282 Removed unnecessary code 2021-05-11 18:55:58 -04:00
Deluan
7d96167abc Upgrade to go-chi 5 2021-05-11 17:21:18 -04:00
Deluan
e3fe8399c8 Fix DevAutoCreateAdminPassword 2021-05-01 18:40:02 -04:00
Deluan
6ee45a9ccc Move project to Navidrome GitHub organization 2021-02-06 21:46:35 -05:00
Deluan
d0bf37a8a9 Move mock datastore to tests package 2020-10-27 15:23:49 -04:00
Deluan
596a4897a3 Do not force username to always be lowercase in the DB 2020-09-01 18:00:19 -04:00
Deluan
100f6a0645 Removed engine.Users 2020-08-14 12:10:37 -04:00
Deluan
df05760769 Move engine package under subsonic, as it should only be used by the Subsonic API.master 
The idea is to move reusable code from `engine` to `core`, in future refactorings
 2020-08-04 21:29:35 -04:00
Deluan
f8362a4acb Fix staticcheck's SA1029 2020-05-13 16:49:55 -04:00
Deluan
0ba5840a65 Don't set a playerId cookie it cannot register the player 2020-04-04 20:26:36 -04:00
Deluan
39993810b3 feat: add transcodedSuffix to Subsonic API responses 2020-03-17 15:20:35 -04:00
Deluan
8ec78900c5 feat: transcoding and player datastores and configuration 2020-03-17 15:20:35 -04:00
Deluan
abb99a8501 feat: add authentication via JWT token 2020-02-06 18:41:34 -05:00
Deluan
1278863416 feat: support clients that send the API params as a x-www-form-urlencoded POST 2020-01-27 15:10:46 -05:00
Deluan
bee55c04c8 Rename project to Navidrome 2020-01-23 19:44:08 -05:00
Deluan
f0ee41a8af Add context to all methods in engine layer 2020-01-22 08:39:57 -05:00
Deluan
2cc983638c Add authenticated user to context 2020-01-20 18:12:17 -05:00
Deluan
99c28731d4 Authenticate Subsonic API calls using the DB 2020-01-20 13:42:43 -05:00
Deluan
7610b42f4b Moved package api to subsonic under server 2020-01-19 18:23:09 -05:00
Renamed from api/middlewares_test.go (Browse further)