Improve temporary device token flow

2025-07-06 05:01:14 -07:00 · 2021-03-09 23:09:57 -08:00 · 2021-03-09 23:09:57 -08:00 · 15f90ea433
commit 15f90ea433
parent f7e1dc97d8
4 changed files with 33 additions and 26 deletions
--- a/data/interfaces/default/mobile_devices_table.html
+++ b/data/interfaces/default/mobile_devices_table.html
@ -98,7 +98,9 @@ DOCUMENTATION :: END
                        $.ajax({
                            url: 'verify_mobile_device',
                            type: 'GET',
-                            data: { device_token: token },
+                            data: {
+                                device_token: token
+                            },
                            success: function (data) {
                                if (data.result === 'success') {
                                    verifiedDevice = true;
@ -135,7 +137,10 @@ DOCUMENTATION :: END
            $.ajax({
                url: 'verify_mobile_device',
                type: 'GET',
-                data: { cancel: true },
+                data: {
+                    device_token: $('#api_qr_token').val(),
+                    cancel: true
+                },
                success: function (data) {
                    showMsg('<i class="fa fa-times"></i> ' + data.message, false, true, 5000, false);
                }
--- a/plexpy/api2.py
+++ b/plexpy/api2.py
@ -146,7 +146,7 @@ class API2(object):
            if not self._api_app and self._api_apikey == plexpy.CONFIG.API_KEY:
                self._api_authenticated = True

-            elif self._api_app and self._api_apikey == mobile_app.get_temp_device_token() and \
+            elif self._api_app and mobile_app.get_temp_device_token(self._api_apikey) and \
                    self._api_cmd == 'register_device':
                self._api_authenticated = True

@ -469,7 +469,7 @@ class API2(object):
            self._api_msg = 'Device registration successful.'
            self._api_result_type = 'success'

-            mobile_app.set_temp_device_token(True)
+            mobile_app.set_temp_device_token(self._api_apikey, success=True)

            plex_server = plextv.get_server_resources(return_info=True)
            tautulli = plexpy.get_tautulli_info()
--- a/plexpy/mobile_app.py
+++ b/plexpy/mobile_app.py
@ -32,32 +32,34 @@ else:
    from plexpy import logger


-TEMP_DEVICE_TOKEN = None
-INVALIDATE_TIMER = None
-
 _ONESIGNAL_APP_ID = '3b4b666a-d557-4b92-acdf-e2c8c4b95357'

+TEMP_DEVICE_TOKENS = {}

-def set_temp_device_token(token=None):
-    global TEMP_DEVICE_TOKEN
-    TEMP_DEVICE_TOKEN = token

-    if TEMP_DEVICE_TOKEN:
-        logger._BLACKLIST_WORDS.add(TEMP_DEVICE_TOKEN)
-    else:
-        logger._BLACKLIST_WORDS.discard(TEMP_DEVICE_TOKEN)
+def set_temp_device_token(token=None, remove=False, add=False, success=False):
+    global TEMP_DEVICE_TOKENS

-    if TEMP_DEVICE_TOKEN is not None:
-        global INVALIDATE_TIMER
-        if INVALIDATE_TIMER:
-            INVALIDATE_TIMER.cancel()
+    if token in TEMP_DEVICE_TOKENS and success:
+        if isinstance(TEMP_DEVICE_TOKENS[token], threading.Timer):
+            TEMP_DEVICE_TOKENS[token].cancel()
+        TEMP_DEVICE_TOKENS[token] = True
+
+    elif token in TEMP_DEVICE_TOKENS and remove:
+        if isinstance(TEMP_DEVICE_TOKENS[token], threading.Timer):
+            TEMP_DEVICE_TOKENS[token].cancel()
+        del TEMP_DEVICE_TOKENS[token]
+        logger._BLACKLIST_WORDS.discard(token)
+
+    elif token not in TEMP_DEVICE_TOKENS and add:
        invalidate_time = 5 * 60  # 5 minutes
-        INVALIDATE_TIMER = threading.Timer(invalidate_time, set_temp_device_token, args=[None])
-        INVALIDATE_TIMER.start()
+        TEMP_DEVICE_TOKENS[token] = threading.Timer(invalidate_time, set_temp_device_token, args=[token, True])
+        TEMP_DEVICE_TOKENS[token].start()
+        logger._BLACKLIST_WORDS.add(token)


-def get_temp_device_token():
-    return TEMP_DEVICE_TOKEN
+def get_temp_device_token(token=None):
+    return TEMP_DEVICE_TOKENS.get(token)


 def get_mobile_devices(device_id=None, device_token=None):
--- a/plexpy/webserve.py
+++ b/plexpy/webserve.py
@ -3804,12 +3804,12 @@ class WebInterface(object):
    @requireAuth(member_of("admin"))
    def verify_mobile_device(self, device_token='', cancel=False, **kwargs):
        if helpers.bool_true(cancel):
-            mobile_app.set_temp_device_token(None)
+            mobile_app.set_temp_device_token(device_token, remove=True)
            return {'result': 'error', 'message': 'Device registration cancelled.'}

-        result = mobile_app.get_temp_device_token()
+        result = mobile_app.get_temp_device_token(device_token)
        if result is True:
-            mobile_app.set_temp_device_token(None)
+            mobile_app.set_temp_device_token(device_token, remove=True)
            return {'result': 'success', 'message': 'Device registered successfully.', 'data': result}
        else:
            return {'result': 'error', 'message': 'Device not registered.'}
@ -4254,7 +4254,7 @@ class WebInterface(object):
        logger._BLACKLIST_WORDS.add(apikey)

        if helpers.bool_true(device):
-            mobile_app.set_temp_device_token(apikey)
+            mobile_app.set_temp_device_token(apikey, add=True)

        return apikey