release: 2901262036

backend/app/routers/auth.py

@@ -10,6 +10,7 @@ from ..db import (
     get_user_by_username,
     set_user_password,
     set_jellyfin_auth_cache,
+    set_user_jellyseerr_id,
     get_user_activity,
     get_user_activity_summary,
     get_user_request_stats,
@@ -26,7 +27,10 @@ router = APIRouter(prefix="/auth", tags=["auth"])
 
 
 def _normalize_username(value: str) -> str:
-    return value.strip().lower()
+    normalized = value.strip().lower()
+    if "@" in normalized:
+        normalized = normalized.split("@", 1)[0]
+    return normalized
 
 
 def _is_recent_jellyfin_auth(last_auth_at: str) -> bool:
@@ -53,6 +57,22 @@ def _has_valid_jellyfin_cache(user: dict, password: str) -> bool:
         return False
     return _is_recent_jellyfin_auth(last_auth_at)
 
+def _extract_jellyseerr_user_id(response: dict) -> int | None:
+    if not isinstance(response, dict):
+        return None
+    candidate = response
+    if isinstance(response.get("user"), dict):
+        candidate = response.get("user")
+    for key in ("id", "userId", "Id"):
+        value = candidate.get(key) if isinstance(candidate, dict) else None
+        if value is None:
+            continue
+        try:
+            return int(value)
+        except (TypeError, ValueError):
+            continue
+    return None
+
 
 @router.post("/login")
 async def login(form_data: OAuth2PasswordRequestForm = Depends()) -> dict:
@@ -125,10 +145,19 @@ async def jellyseerr_login(form_data: OAuth2PasswordRequestForm = Depends()) ->
         raise HTTPException(status_code=status.HTTP_502_BAD_GATEWAY, detail=str(exc)) from exc
     if not isinstance(response, dict):
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid Jellyseerr credentials")
-    create_user_if_missing(form_data.username, "jellyseerr-user", role="user", auth_provider="jellyseerr")
+    jellyseerr_user_id = _extract_jellyseerr_user_id(response)
+    create_user_if_missing(
+        form_data.username,
+        "jellyseerr-user",
+        role="user",
+        auth_provider="jellyseerr",
+        jellyseerr_user_id=jellyseerr_user_id,
+    )
     user = get_user_by_username(form_data.username)
     if user and user.get("is_blocked"):
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="User is blocked")
+    if jellyseerr_user_id is not None:
+        set_user_jellyseerr_id(form_data.username, jellyseerr_user_id)
     token = create_access_token(form_data.username, "user")
     set_last_login(form_data.username)
     return {"access_token": token, "token_type": "bearer", "user": {"username": form_data.username, "role": "user"}}
@@ -143,7 +172,7 @@ async def me(current_user: dict = Depends(get_current_user)) -> dict:
 async def profile(current_user: dict = Depends(get_current_user)) -> dict:
     username = current_user.get("username") or ""
     username_norm = _normalize_username(username) if username else ""
-    stats = get_user_request_stats(username_norm)
+    stats = get_user_request_stats(username_norm, current_user.get("jellyseerr_user_id"))
     global_total = get_global_request_total()
     share = (stats.get("total", 0) / global_total) if global_total else 0
     activity_summary = get_user_activity_summary(username) if username else {}