feat(emby): Show end-user external IP address to Emby when logging in as an Emby user (#4949)

Fixes #4947
2025-08-20 13:23:20 -07:00 · 2023-05-27 18:01:32 +02:00 · 2023-05-27 18:01:32 +02:00 · 79cef7e0f8
commit 79cef7e0f8
parent 60c1990959
6 changed files with 44 additions and 29 deletions
--- a/src/Ombi.Api.Emby/EmbyApi.cs
+++ b/src/Ombi.Api.Emby/EmbyApi.cs
@ -56,7 +56,7 @@ namespace Ombi.Api.Emby
            return obj;
        }

-        public async Task<EmbyUser> LogIn(string username, string password, string apiKey, string baseUri)
+        public async Task<EmbyUser> LogIn(string username, string password, string apiKey, string baseUri, string clientIpAddress)
        {
            var request = new Request("emby/users/authenticatebyname", baseUri, HttpMethod.Post);
            var body = new
@ -71,6 +71,11 @@ namespace Ombi.Api.Emby
                $"MediaBrowser Client=\"Ombi\", Device=\"Ombi\", DeviceId=\"v3\", Version=\"v3\"");
            AddHeaders(request, apiKey);

+            if (!string.IsNullOrEmpty(clientIpAddress))
+            {
+                request.AddHeader("X-Forwarded-For", clientIpAddress);
+            }
+
            var obj = await Api.Request<EmbyUser>(request);
            return obj;
        }
--- a/src/Ombi.Api.Emby/IBaseEmbyApi.cs
+++ b/src/Ombi.Api.Emby/IBaseEmbyApi.cs
@ -11,7 +11,7 @@ namespace Ombi.Api.Emby
    {
        Task<EmbySystemInfo> GetSystemInformation(string apiKey, string baseUrl);
        Task<List<EmbyUser>> GetUsers(string baseUri, string apiKey);
-        Task<EmbyUser> LogIn(string username, string password, string apiKey, string baseUri);
+        Task<EmbyUser> LogIn(string username, string password, string apiKey, string baseUri, string clientIpAddress);

        Task<EmbyItemContainer<EmbyMovie>> GetAllMovies(string apiKey, string parentIdFilder, int startIndex, int count, string userId,
            string baseUri);
--- a/src/Ombi.Core/Authentication/OmbiUserManager.cs
+++ b/src/Ombi.Core/Authentication/OmbiUserManager.cs
@ -69,6 +69,8 @@ namespace Ombi.Core.Authentication
        private readonly ISettingsService<EmbySettings> _embySettings;
        private readonly ISettingsService<JellyfinSettings> _jellyfinSettings;
        private readonly ISettingsService<AuthenticationSettings> _authSettings;
+        private string _clientIpAddress;
+        public string ClientIpAddress { get => _clientIpAddress; set => _clientIpAddress = value; }

        public override async Task<bool> CheckPasswordAsync(OmbiUser user, string password)
        {
@ -88,7 +90,7 @@ namespace Ombi.Core.Authentication
            }
            if (user.UserType == UserType.EmbyUser || user.UserType == UserType.EmbyConnectUser)
            {
-                return await CheckEmbyPasswordAsync(user, password);
+                return await CheckEmbyPasswordAsync(user, password, ClientIpAddress);
            }
            if (user.UserType == UserType.JellyfinUser)
            {
@ -168,7 +170,7 @@ namespace Ombi.Core.Authentication
        /// <param name="user"></param>
        /// <param name="password"></param>
        /// <returns></returns>
-        private async Task<bool> CheckEmbyPasswordAsync(OmbiUser user, string password)
+        private async Task<bool> CheckEmbyPasswordAsync(OmbiUser user, string password, string clientIpAddress="")
        {
            var embySettings = await _embySettings.GetSettingsAsync();
            var client = _embyApi.CreateClient(embySettings);
@ -196,7 +198,7 @@ namespace Ombi.Core.Authentication
            {
                try
                {
-                    var result = await client.LogIn(user.UserName, password, server.ApiKey, server.FullUri);
+                    var result = await client.LogIn(user.UserName, password, server.ApiKey, server.FullUri, clientIpAddress);
                    if (result != null)
                    {
                        return true;
--- a/src/Ombi/Controllers/BaseController.cs
+++ b/src/Ombi/Controllers/BaseController.cs
@ -0,0 +1,28 @@
+
+using System.Linq;
+using Microsoft.AspNetCore.Mvc;
+
+public class BaseController : Controller
+{
+    protected string GetRequestIP()
+    {
+        string ip = null;
+
+        if (Request.HttpContext?.Request?.Headers != null && Request.HttpContext.Request.Headers.ContainsKey("X-Forwarded-For"))
+        {
+            var forwardedip = Request.HttpContext.Request.Headers["X-Forwarded-For"].ToString();
+            ip = forwardedip.TrimEnd(',').Split(",").Select(s => s.Trim()).FirstOrDefault();
+        }
+
+        if (string.IsNullOrWhiteSpace(ip) && Request.HttpContext?.Connection?.RemoteIpAddress != null)
+            ip = Request.HttpContext.Connection.RemoteIpAddress.ToString();
+
+        if (string.IsNullOrWhiteSpace(ip) && Request.HttpContext?.Request?.Headers != null && Request.HttpContext.Request.Headers.ContainsKey("REMOTE_ADDR"))
+        {
+            var remoteip = Request.HttpContext.Request.Headers["REMOTE_ADDR"].ToString();
+            ip = remoteip.TrimEnd(',').Split(",").Select(s => s.Trim()).FirstOrDefault();
+        }
+
+        return ip;
+    }
+}
--- a/src/Ombi/Controllers/V1/IdentityController.cs
+++ b/src/Ombi/Controllers/V1/IdentityController.cs
@ -44,7 +44,7 @@ namespace Ombi.Controllers.V1
    [ApiV1]
    [Produces("application/json")]
    [ApiController]
-    public class IdentityController : Controller
+    public class IdentityController : BaseController
    {
        public IdentityController(OmbiUserManager user,
            RoleManager<IdentityRole> rm,
@ -555,6 +555,7 @@ namespace Ombi.Controllers.V1
            }

            // Make sure the pass is ok
+            UserManager.ClientIpAddress = GetRequestIP();
            var passwordCheck = await UserManager.CheckPasswordAsync(user, ui.CurrentPassword);
            if (!passwordCheck)
            {
--- a/src/Ombi/Controllers/V1/TokenController.cs
+++ b/src/Ombi/Controllers/V1/TokenController.cs
@ -33,7 +33,7 @@ namespace Ombi.Controllers.V1
    [ApiV1]
    [Produces("application/json")]
    [ApiController]
-    public class TokenController : ControllerBase
+    public class TokenController : BaseController
    {
        public TokenController(OmbiUserManager um, ITokenRepository token,
            IPlexOAuthManager oAuthManager, ILogger<TokenController> logger, ISettingsService<AuthenticationSettings> auth,
@ -82,7 +82,7 @@ namespace Ombi.Controllers.V1
                    user.EmailLogin = true;
                }

-
+                _userManager.ClientIpAddress = GetRequestIP();
                // Verify Password
                if (await _userManager.CheckPasswordAsync(user, model.Password))
                {
@ -269,27 +269,6 @@ namespace Ombi.Controllers.V1
            public string Userename { get; set; }
        }

-        private string GetRequestIP()
-        {
-            string ip = null;
-
-            if (Request.HttpContext?.Request?.Headers != null && Request.HttpContext.Request.Headers.ContainsKey("X-Forwarded-For"))
-            {
-                var forwardedip = Request.HttpContext.Request.Headers["X-Forwarded-For"].ToString();
-                ip = forwardedip.TrimEnd(',').Split(",").Select(s => s.Trim()).FirstOrDefault();
-            }
-
-            if (string.IsNullOrWhiteSpace(ip) && Request.HttpContext?.Connection?.RemoteIpAddress != null)
-                ip = Request.HttpContext.Connection.RemoteIpAddress.ToString();
-
-            if (string.IsNullOrWhiteSpace(ip) && Request.HttpContext?.Request?.Headers != null && Request.HttpContext.Request.Headers.ContainsKey("REMOTE_ADDR"))
-            {
-                var remoteip = Request.HttpContext.Request.Headers["REMOTE_ADDR"].ToString();
-                ip = remoteip.TrimEnd(',').Split(",").Select(s => s.Trim()).FirstOrDefault();
-            }
-
-            return ip;
-        }

        [HttpPost("header_auth")]
        [ProducesResponseType(401)]