From 5b656ae229f4b839beb7a8c0dfdb41155c93860b Mon Sep 17 00:00:00 2001 From: Rick van Lieshout Date: Sun, 9 Jun 2024 13:07:49 +0200 Subject: [PATCH] feat: API now allows you to set the so you can control who can interact with the API. --- CHANGELOG.md | 1 + README.md | 1 + src/constants/settings.ts | 1 + src/features/api/index.ts | 7 ++++--- src/pages/settings/preload.ts | 14 +++++++++++--- src/pages/settings/settings.html | 10 ++++++++++ src/scripts/settings.ts | 6 ++++++ 7 files changed, 34 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 82ade28..a6c6f96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Simplified `MediaInfo` & `Options` types - Added `playingFrom` information to the info API - also changed the way we update Album info since Playing From now shows the correct Album. +- API now allows you to set the `hostname` so you can control who can interact with the API. ## [5.13.1] diff --git a/README.md b/README.md index eb3083c..5ad261f 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,7 @@ The web version of [listen.tidal.com](https://listen.tidal.com) running in elect - [ListenBrainz](https://listenbrainz.org/?redirect=false) integration - Songwhip.com integration (hotkey `ctrl + w`) - Discord RPC integration (showing "now listening", "Browsing", etc) + - Flatpak version only works if both Discord and Tidal-HiFi are flatpaks - MPRIS integration - UI + Json config (`~/.config/tidal-hifi/`, or `~/.var/app/com.mastermindzh.tidal-hifi/` for Flatpak) diff --git a/src/constants/settings.ts b/src/constants/settings.ts index c435f76..02604a4 100644 --- a/src/constants/settings.ts +++ b/src/constants/settings.ts @@ -14,6 +14,7 @@ export const settings = { apiSettings: { root: "apiSettings", port: "apiSettings.port", + hostname: "apiSettings.hostname", }, customCSS: "customCSS", disableBackgroundThrottle: "disableBackgroundThrottle", diff --git a/src/features/api/index.ts b/src/features/api/index.ts index cbe0b3f..38a2333 100644 --- a/src/features/api/index.ts +++ b/src/features/api/index.ts @@ -1,7 +1,6 @@ +import cors from "cors"; import { BrowserWindow, dialog } from "electron"; import express from "express"; -import swaggerSpec from "./swagger.json"; -import cors from "cors"; import swaggerUi from "swagger-ui-express"; import { settingsStore } from "../../scripts/settings"; import { settings } from "./../../constants/settings"; @@ -9,12 +8,14 @@ import { addCurrentInfo } from "./features/current"; import { addPlaybackControl } from "./features/player"; import { addSettingsAPI } from "./features/settings/settings"; import { addLegacyApi } from "./legacy"; +import swaggerSpec from "./swagger.json"; /** * Function to enable TIDAL Hi-Fi's express api */ export const startApi = (mainWindow: BrowserWindow) => { const port = settingsStore.get(settings.apiSettings.port); + const hostname = settingsStore.get(settings.apiSettings.hostname) ?? "127.0.0.1"; const expressApp = express(); expressApp.use(cors()); @@ -29,7 +30,7 @@ export const startApi = (mainWindow: BrowserWindow) => { addCurrentInfo(expressApp); addSettingsAPI(expressApp, mainWindow); - const expressInstance = expressApp.listen(port, "127.0.0.1"); + const expressInstance = expressApp.listen(port, hostname); expressInstance.on("error", function (e: { code: string }) { let message = e.code; if (e.code === "EADDRINUSE") { diff --git a/src/pages/settings/preload.ts b/src/pages/settings/preload.ts index c8573e5..db3c040 100644 --- a/src/pages/settings/preload.ts +++ b/src/pages/settings/preload.ts @@ -24,7 +24,7 @@ const switchesWithSettings = { switch: "discord_show_song", classToHide: "discord_show_song_options", settingsKey: settings.discord.showSong, - } + }, }; let adBlock: HTMLInputElement, @@ -35,6 +35,7 @@ let adBlock: HTMLInputElement, enableCustomHotkeys: HTMLInputElement, enableDiscord: HTMLInputElement, gpuRasterization: HTMLInputElement, + hostname: HTMLInputElement, menuBar: HTMLInputElement, minimizeOnClose: HTMLInputElement, mpris: HTMLInputElement, @@ -127,6 +128,7 @@ function refreshSettings() { enableDiscord.checked = settingsStore.get(settings.enableDiscord); enableWaylandSupport.checked = settingsStore.get(settings.flags.enableWaylandSupport); gpuRasterization.checked = settingsStore.get(settings.flags.gpuRasterization); + hostname.value = settingsStore.get(settings.apiSettings.hostname); menuBar.checked = settingsStore.get(settings.menuBar); minimizeOnClose.checked = settingsStore.get(settings.minimizeOnClose); mpris.checked = settingsStore.get(settings.mpris); @@ -243,6 +245,7 @@ window.addEventListener("DOMContentLoaded", () => { enableDiscord = get("enableDiscord"); enableWaylandSupport = get("enableWaylandSupport"); gpuRasterization = get("gpuRasterization"); + hostname = get("hostname"); menuBar = get("menuBar"); minimizeOnClose = get("minimizeOnClose"); mpris = get("mprisCheckbox"); @@ -264,7 +267,7 @@ window.addEventListener("DOMContentLoaded", () => { discord_button_text = get("discord_button_text"); discord_show_song = get("discord_show_song"); discord_using_text = get("discord_using_text"); - discord_idle_text = get("discord_idle_text") + discord_idle_text = get("discord_idle_text"); refreshSettings(); addInputListener(adBlock, settings.adBlock); @@ -276,6 +279,7 @@ window.addEventListener("DOMContentLoaded", () => { addInputListener(enableDiscord, settings.enableDiscord, switchesWithSettings.discord); addInputListener(enableWaylandSupport, settings.flags.enableWaylandSupport); addInputListener(gpuRasterization, settings.flags.gpuRasterization); + addInputListener(hostname, settings.apiSettings.hostname); addInputListener(menuBar, settings.menuBar); addInputListener(minimizeOnClose, settings.minimizeOnClose); addInputListener(mpris, settings.mpris); @@ -299,7 +303,11 @@ window.addEventListener("DOMContentLoaded", () => { addInputListener(discord_details_prefix, settings.discord.detailsPrefix); addInputListener(discord_include_timestamps, settings.discord.includeTimestamps); addInputListener(discord_button_text, settings.discord.buttonText); - addInputListener(discord_show_song, settings.discord.showSong, switchesWithSettings.discord_show_song); + addInputListener( + discord_show_song, + settings.discord.showSong, + switchesWithSettings.discord_show_song + ); addInputListener(discord_idle_text, settings.discord.idleText); addInputListener(discord_using_text, settings.discord.usingText); }); diff --git a/src/pages/settings/settings.html b/src/pages/settings/settings.html index a9d281a..5c06b43 100644 --- a/src/pages/settings/settings.html +++ b/src/pages/settings/settings.html @@ -167,6 +167,16 @@ +
+
+

API hostname

+

By default (127.0.0.1) only local apps can interface with the API.
+ Change to 0.0.0.0 to allow anyone to interact with it.
+ Other options are available +

+ +
+

Playback control

diff --git a/src/scripts/settings.ts b/src/scripts/settings.ts index d9cc7b5..b113e96 100644 --- a/src/scripts/settings.ts +++ b/src/scripts/settings.ts @@ -31,6 +31,7 @@ export const settingsStore = new Store({ api: true, apiSettings: { port: 47836, + hostname: "127.0.0.1", }, customCSS: [], disableBackgroundThrottle: true, @@ -101,6 +102,11 @@ export const settingsStore = new Store({ }, ]); }, + "5.14.0": (migrationStore) => { + buildMigration("5.14.0", migrationStore, [ + { key: settings.apiSettings.hostname, value: "127.0.0.1" }, + ]); + }, }, });