fix: correct "Remove from *arr" button

This PR fixes the "Delete from *arr" button in the request list. It checks from the API whether the
*arr server corresponding to the request still exists before displaying the remove button, and fixes
a cache removal issue that could cause problems when deleting recently added media. This PR also
reverts #1476, which introduced problems during removal.

fix #1494

.all-contributorsrc

@@ -249,7 +249,8 @@
       "avatar_url": "https://avatars.githubusercontent.com/u/854646?v=4",
       "profile": "http://www.piribisoft.com",
       "contributions": [
-        "doc"
+        "doc",
+        "code"
       ]
     },
     {
@@ -711,6 +712,105 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "j0srisk",
+      "name": "Joseph Risk",
+      "avatar_url": "https://avatars.githubusercontent.com/u/18372584?v=4",
+      "profile": "http://josephrisk.com",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Loetwiek",
+      "name": "Loetwiek",
+      "avatar_url": "https://avatars.githubusercontent.com/u/79059734?v=4",
+      "profile": "https://github.com/Loetwiek",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Fuochi",
+      "name": "Fuochi",
+      "avatar_url": "https://avatars.githubusercontent.com/u/4720478?v=4",
+      "profile": "https://github.com/Fuochi",
+      "contributions": [
+        "doc"
+      ]
+    },
+    {
+      "login": "demrich",
+      "name": "David Emrich",
+      "avatar_url": "https://avatars.githubusercontent.com/u/30092389?v=4",
+      "profile": "https://github.com/demrich",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "maxnatamo",
+      "name": "Max T. Kristiansen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5898152?v=4",
+      "profile": "https://maxtrier.dk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "DamsDev1",
+      "name": "Damien Fajole",
+      "avatar_url": "https://avatars.githubusercontent.com/u/60252259?v=4",
+      "profile": "https://damsdev.me",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "AhmedNSidd",
+      "name": "Ahmed Siddiqui",
+      "avatar_url": "https://avatars.githubusercontent.com/u/36286128?v=4",
+      "profile": "https://github.com/AhmedNSidd",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "JackW6809",
+      "name": "JackOXI",
+      "avatar_url": "https://avatars.githubusercontent.com/u/53652452?v=4",
+      "profile": "https://github.com/JackW6809",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "StancuFlorin",
+      "name": "Stancu Florin",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1199404?v=4",
+      "profile": "http://indicus.ro",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "lmiklosko",
+      "name": "Lukas Miklosko",
+      "avatar_url": "https://avatars.githubusercontent.com/u/44380311?v=4",
+      "profile": "https://github.com/lmiklosko",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "gauthier-th",
+      "name": "Gauthier",
+      "avatar_url": "https://avatars.githubusercontent.com/u/37781713?v=4",
+      "profile": "https://gauthierth.fr/",
+      "contributions": [
+        "code"
+      ]
     }
   ]
 }

.github/workflows/ci.yml

@@ -98,6 +98,8 @@ jobs:
           push: true
           build-args: |
             COMMIT_TAG=${{ github.sha }}
+            BUILD_VERSION=develop
+            BUILD_DATE=${{ github.event.repository.updated_at }}
           outputs: |
             type=image,push-by-digest=true,name=fallenbagel/jellyseerr,push=true
             type=image,push-by-digest=true,name=ghcr.io/${{ env.OWNER_LC }}/jellyseerr,push=true

.github/workflows/cypress.yml

@@ -37,6 +37,7 @@ jobs:
           COMMIT_INFO_MESSAGE: ${{github.event.pull_request.title}}
           COMMIT_INFO_SHA: ${{github.event.pull_request.head.sha}}
       - name: Upload video files
+        if: always()
         uses: actions/upload-artifact@v4
         with:
           name: cypress-videos

.github/workflows/preview.yml

@@ -33,5 +33,7 @@ jobs:
           push: true
           build-args: |
             COMMIT_TAG=${{ github.sha }}
+            BUILD_VERSION=${{ steps.get_version.outputs.VERSION }}
+            BUILD_DATE=${{ github.event.repository.updated_at }}
           tags: |
             fallenbagel/jellyseerr:${{ steps.get_version.outputs.VERSION }}

CONTRIBUTING.md

@@ -58,12 +58,27 @@ All help is welcome and greatly appreciated! If you would like to contribute to
 
    - Be sure to follow both the [code](#contributing-code) and [UI text](#ui-text-style) guidelines.
    - Should you need to update your fork, you can do so by rebasing from `upstream`:
+
      ```bash
      git fetch upstream
      git rebase upstream/develop
      git push origin BRANCH_NAME -f
      ```
 
+### Helm Chart
+
+Tools Required:
+
+- [Helm](https://helm.sh/docs/intro/install/)
+- [helm-docs](https://github.com/norwoodj/helm-docs)
+
+Steps:
+
+1. Make the necessary changes.
+2. Test your changes.
+3. Update the `version` in `charts/jellyseerr-chart/Chart.yaml` following [Semantic Versioning (SemVer)](https://semver.org/).
+4. Run the `helm-docs` command to regenerate the chart's README.
+
 ### Contributing Code
 
 - If you are taking on an existing bug or feature ticket, please comment on the [issue](https://github.com/fallenbagel/jellyseerr/issues) to avoid multiple people working on the same thing.

Dockerfile

@@ -38,8 +38,17 @@ RUN echo "{\"commitTag\": \"${COMMIT_TAG}\"}" > committag.json
 
 FROM node:22-alpine
 
-# Metadata for Github Package Registry
-LABEL org.opencontainers.image.source="https://github.com/Fallenbagel/jellyseerr"
+# OCI Meta information
+ARG BUILD_DATE
+ARG BUILD_VERSION
+LABEL \
+    org.opencontainers.image.authors="Fallenbagel" \
+    org.opencontainers.image.source="https://github.com/fallenbagel/jellyseerr" \
+    org.opencontainers.image.created=${BUILD_DATE} \
+    org.opencontainers.image.version=${BUILD_VERSION} \
+    org.opencontainers.image.title="Jellyseerr" \
+    org.opencontainers.image.description="Open-source media request and discovery manager for Jellyfin, Plex, and Emby." \
+    org.opencontainers.image.licenses="MIT"
 
 WORKDIR /app
 

README.md

@@ -335,6 +335,8 @@ Thanks goes to these wonderful people from Overseerr ([emoji key](https://allcon
       <td align="center" valign="top" width="14.28%"><a href="https://github.com/AhmedNSidd"><img src="https://avatars.githubusercontent.com/u/36286128?v=4?s=100" width="100px;" alt="Ahmed Siddiqui"/><br /><sub><b>Ahmed Siddiqui</b></sub></a><br /><a href="https://github.com/sct/overseerr/commits?author=AhmedNSidd" title="Code">💻</a></td>
       <td align="center" valign="top" width="14.28%"><a href="https://github.com/JackW6809"><img src="https://avatars.githubusercontent.com/u/53652452?v=4?s=100" width="100px;" alt="JackOXI"/><br /><sub><b>JackOXI</b></sub></a><br /><a href="https://github.com/sct/overseerr/commits?author=JackW6809" title="Code">💻</a></td>
       <td align="center" valign="top" width="14.28%"><a href="http://indicus.ro"><img src="https://avatars.githubusercontent.com/u/1199404?v=4?s=100" width="100px;" alt="Stancu Florin"/><br /><sub><b>Stancu Florin</b></sub></a><br /><a href="https://github.com/sct/overseerr/commits?author=StancuFlorin" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/lmiklosko"><img src="https://avatars.githubusercontent.com/u/44380311?v=4?s=100" width="100px;" alt="Lukas Miklosko"/><br /><sub><b>Lukas Miklosko</b></sub></a><br /><a href="https://github.com/sct/overseerr/commits?author=lmiklosko" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://gauthierth.fr/"><img src="https://avatars.githubusercontent.com/u/37781713?v=4?s=100" width="100px;" alt="Gauthier"/><br /><sub><b>Gauthier</b></sub></a><br /><a href="https://github.com/sct/overseerr/commits?author=gauthier-th" title="Code">💻</a></td>
     </tr>
   </tbody>
 </table>

charts/jellyseerr-chart/Chart.yaml

@@ -3,8 +3,8 @@ kubeVersion: ">=1.23.0-0"
 name: jellyseerr-chart
 description: Jellyseerr helm chart for Kubernetes
 type: application
-version: 2.1.1
-appVersion: "2.3.0"
+version: 2.3.2
+appVersion: "2.5.1"
 maintainers:
   - name: Jellyseerr
     url: https://github.com/Fallenbagel/jellyseerr

charts/jellyseerr-chart/README.md

@@ -1,6 +1,6 @@
 # jellyseerr-chart
 
-![Version: 2.1.1](https://img.shields.io/badge/Version-2.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.3.0](https://img.shields.io/badge/AppVersion-2.3.0-informational?style=flat-square)
+![Version: 2.3.2](https://img.shields.io/badge/Version-2.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.5.1](https://img.shields.io/badge/AppVersion-2.5.1-informational?style=flat-square)
 
 Jellyseerr helm chart for Kubernetes
 

charts/jellyseerr-chart/templates/persistentvolumeclaim.yaml

@@ -4,6 +4,10 @@ metadata:
   name: {{ include "jellyseerr.configPersistenceName" . }}
   labels:
     {{- include "jellyseerr.labels" . | nindent 4 }}
+  {{- with .Values.config.persistence.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   {{- with .Values.config.persistence.accessModes }}
   accessModes:

docs/getting-started/buildfromsource.mdx

@@ -255,7 +255,8 @@ To run jellyseerr as a service:
 1. Download the [Non-Sucking Service Manager](https://nssm.cc/download)
 2. Install NSSM:
 ```powershell
-nssm install Jellyseerr "C:\Program Files\nodejs\node.exe" ["C:\jellyseerr\dist\index.js"]
+nssm install Jellyseerr "C:\Program Files\nodejs\node.exe" "C:\jellyseerr\dist\index.js"
+nssm set Jellyseerr AppDirectory "C:\jellyseerr"
 nssm set Jellyseerr AppEnvironmentExtra NODE_ENV=production
 ```
 3. Start the service:

docs/getting-started/docker.mdx

@@ -37,7 +37,7 @@ docker run -d \
   -p 5055:5055 \
   -v /path/to/appdata/config:/app/config \
   --restart unless-stopped \
-  fallenbagel/jellyseerr
+  ghcr.io/fallenbagel/jellyseerr
 ```
 :::tip
 If you are using emby, make sure to set the `JELLYFIN_TYPE` environment variable to `emby`.
@@ -55,7 +55,7 @@ docker stop jellyseerr && docker rm Jellyseerr
 ```
 Pull the latest image:
 ```bash
-docker pull fallenbagel/jellyseerr
+docker pull ghcr.io/fallenbagel/jellyseerr
 ```
 Finally, run the container with the same parameters originally used to create the container:
 ```bash
@@ -78,7 +78,7 @@ Define the `jellyseerr` service in your `compose.yaml` as follows:
 ---
 services:
   jellyseerr:
-    image: fallenbagel/jellyseerr:latest
+    image: ghcr.io/fallenbagel/jellyseerr:latest
     container_name: jellyseerr
     environment:
       - LOG_LEVEL=debug
@@ -146,7 +146,7 @@ Then, create and start the Jellyseerr container:
 <Tabs groupId="docker-methods" queryString>
   <TabItem value="docker-cli" label="Docker CLI">
 ```bash
-docker run -d --name jellyseerr -e LOG_LEVEL=debug -e TZ=Asia/Tashkent -p 5055:5055 -v "jellyseerr-data:/app/config" --restart unless-stopped fallenbagel/jellyseerr:latest
+docker run -d --name jellyseerr -e LOG_LEVEL=debug -e TZ=Asia/Tashkent -p 5055:5055 -v "jellyseerr-data:/app/config" --restart unless-stopped ghcr.io/fallenbagel/jellyseerr:latest
 ```
 
 #### Updating:

docs/troubleshooting.mdx

@@ -24,6 +24,12 @@ or for Cloudflare's DNS:
 ```bash
 --dns=1.1.1.1
 ```
+or for Quad9 DNS:
+```bash
+--dns=9.9.9.9
+```
+
+You can try them all and see which one works for your network.
 
   </TabItem>
 
@@ -45,6 +51,16 @@ services:
     dns:
       - 1.1.1.1
 ```
+or for Quad9's DNS:
+```yaml
+---
+services:
+  jellyseerr:
+    dns:
+      - 9.9.9.9
+```
+
+You can try them all and see which one works for your network.
 
   </TabItem>
 
@@ -56,7 +72,7 @@ services:
 4. Click on Change adapter settings.
 5. Right-click the network interface connected to the internet and select Properties.
 6. Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
-7. Select Use the following DNS server addresses and enter `8.8.8.8` for Google's DNS or `1.1.1.1` for Cloudflare's DNS.
+7. Select Use the following DNS server addresses and enter `8.8.8.8` for Google's DNS or `1.1.1.1` for Cloudflare's DNS or `9.9.9.9` for Quad9's DNS.
 
   </TabItem>
 
@@ -73,6 +89,10 @@ services:
     ```bash
     nameserver 1.1.1.1
     ```
+    or for Quad9's DNS:
+    ```bash
+    nameserver 9.9.9.9
+    ```
 
   </TabItem>
 </Tabs>
@@ -81,7 +101,7 @@ services:
 
 Sometimes there are configuration issues with IPV6 that prevent the hostname resolution from working correctly.
 
-You can try to force the resolution to use IPV4 first by setting the `FORCE_IPV4_FIRST` environment variable to `true`:
+You can try to force the resolution to use IPV4 first by going to `Settings > Networking > Advanced Networking` and enabling `Force IPv4 Resolution First` setting and restarting. You can also add the environment variable, `FORCE_IPV4_FIRST=true`:
 
 <Tabs groupId="methods" queryString>
   <TabItem value="docker-cli" label="Docker CLI">

jellyseerr-api.yml

@@ -3965,6 +3965,8 @@ paths:
                   type: string
                 p256dh:
                   type: string
+                userAgent:
+                  type: string
               required:
                 - endpoint
                 - auth
@@ -3972,6 +3974,88 @@ paths:
       responses:
         '204':
           description: Successfully registered push subscription
+  /user/{userId}/pushSubscriptions:
+    get:
+      summary: Get all web push notification settings for a user
+      description: |
+        Returns all web push notification settings for a user in a JSON object.
+      tags:
+        - users
+      parameters:
+        - in: path
+          name: userId
+          required: true
+          schema:
+            type: number
+      responses:
+        '200':
+          description: User web push notification settings in JSON
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  endpoint:
+                    type: string
+                  p256dh:
+                    type: string
+                  auth:
+                    type: string
+                  userAgent:
+                    type: string
+  /user/{userId}/pushSubscription/{key}:
+    get:
+      summary: Get web push notification settings for a user
+      description: |
+        Returns web push notification settings for a user in a JSON object.
+      tags:
+        - users
+      parameters:
+        - in: path
+          name: userId
+          required: true
+          schema:
+            type: number
+        - in: path
+          name: key
+          required: true
+          schema:
+            type: string
+      responses:
+        '200':
+          description: User web push notification settings in JSON
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  endpoint:
+                    type: string
+                  p256dh:
+                    type: string
+                  auth:
+                    type: string
+                  userAgent:
+                    type: string
+    delete:
+      summary: Delete user push subscription by key
+      description: Deletes the user push subscription with the provided key.
+      tags:
+        - users
+      parameters:
+        - in: path
+          name: userId
+          required: true
+          schema:
+            type: number
+        - in: path
+          name: key
+          required: true
+          schema:
+            type: string
+      responses:
+        '204':
+          description: Successfully removed user push subscription
   /user/{userId}:
     get:
       summary: Get user by ID

package.json

@@ -32,6 +32,7 @@
   },
   "license": "MIT",
   "dependencies": {
+    "@dr.pogodin/csurf": "^1.14.1",
     "@formatjs/intl-displaynames": "6.2.6",
     "@formatjs/intl-locale": "3.1.1",
     "@formatjs/intl-pluralrules": "5.1.10",
@@ -43,6 +44,7 @@
     "@svgr/webpack": "6.5.1",
     "@tanem/react-nprogress": "5.0.30",
     "@types/wink-jaro-distance": "^2.0.2",
+    "@types/ua-parser-js": "^0.7.36",
     "ace-builds": "1.15.2",
     "bcrypt": "5.1.0",
     "bowser": "2.11.0",
@@ -51,7 +53,6 @@
     "copy-to-clipboard": "3.3.3",
     "country-flag-icons": "1.5.5",
     "cronstrue": "2.23.0",
-    "csrf-csrf": "^3.1.0",
     "date-fns": "2.29.3",
     "dayjs": "1.11.7",
     "email-templates": "12.0.1",
@@ -64,7 +65,7 @@
     "gravatar-url": "3.1.0",
     "lodash": "4.17.21",
     "mime": "3",
-    "next": "^14.2.24",
+    "next": "^14.2.25",
     "node-cache": "5.1.2",
     "node-gyp": "9.3.1",
     "node-schedule": "2.1.1",
@@ -99,6 +100,7 @@
     "tailwind-merge": "^2.6.0",
     "typeorm": "0.3.11",
     "undici": "^7.3.0",
+    "ua-parser-js": "^1.0.35",
     "web-push": "3.5.0",
     "wink-jaro-distance": "^2.0.0",
     "winston": "3.8.2",

pnpm-lock.yaml

@@ -8,6 +8,9 @@ importers:
 
   .:
     dependencies:
+      '@dr.pogodin/csurf':
+        specifier: ^1.14.1
+        version: 1.14.1
       '@formatjs/intl-displaynames':
         specifier: 6.2.6
         version: 6.2.6
@@ -38,6 +41,9 @@ importers:
       '@tanem/react-nprogress':
         specifier: 5.0.30
         version: 5.0.30(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
+      '@types/ua-parser-js':
+        specifier: ^0.7.36
+        version: 0.7.39
       '@types/wink-jaro-distance':
         specifier: ^2.0.2
         version: 2.0.2
@@ -65,9 +71,6 @@ importers:
       cronstrue:
         specifier: 2.23.0
         version: 2.23.0
-      csrf-csrf:
-        specifier: ^3.1.0
-        version: 3.1.0
       date-fns:
         specifier: 2.29.3
         version: 2.29.3
@@ -105,8 +108,8 @@ importers:
         specifier: '3'
         version: 3.0.0
       next:
-        specifier: ^14.2.24
-        version: 14.2.24(@babel/core@7.24.7)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
+        specifier: ^14.2.25
+        version: 14.2.25(@babel/core@7.24.7)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)
       node-cache:
         specifier: 5.1.2
         version: 5.1.2
@@ -206,6 +209,9 @@ importers:
       typeorm:
         specifier: 0.3.11
         version: 0.3.11(pg@8.11.0)(sqlite3@5.1.7)(ts-node@10.9.1(@swc/core@1.6.5(@swc/helpers@0.5.11))(@types/node@22.10.5)(typescript@4.9.5))
+      ua-parser-js:
+        specifier: ^1.0.35
+        version: 1.0.40
       undici:
         specifier: ^7.3.0
         version: 7.3.0
@@ -1549,6 +1555,10 @@ packages:
   '@dabh/diagnostics@2.0.3':
     resolution: {integrity: sha512-hrlQOIi7hAfzsMqlGSFyVucrx38O+j6wiGOf//H2ecvIEqYN4ADBSS2iLMh5UFyDunCNniUIPk/q3riFv45xRA==}
 
+  '@dr.pogodin/csurf@1.14.1':
+    resolution: {integrity: sha512-ijqJsKSDlepDYbprkEEcqbiYero2y4DeL4X5ivnkbKonliLtH8SfHCEtdUwoRZLPTUy2WeFPHI+gveU+Z8ZxLA==}
+    engines: {node: '>= 18'}
+
   '@emnapi/runtime@1.2.0':
     resolution: {integrity: sha512-bV21/9LQmcQeCPEg3BDFtvwL6cwiTMksYNWQQ4KOxCZikEGalWtenoZ0wCiukJINlGCIi2KXx01g4FoH/LxpzQ==}
 
@@ -2129,62 +2139,62 @@ packages:
   '@messageformat/runtime@3.0.1':
     resolution: {integrity: sha512-6RU5ol2lDtO8bD9Yxe6CZkl0DArdv0qkuoZC+ZwowU+cdRlVE1157wjCmlA5Rsf1Xc/brACnsZa5PZpEDfTFFg==}
 
-  '@next/env@14.2.24':
-    resolution: {integrity: sha512-LAm0Is2KHTNT6IT16lxT+suD0u+VVfYNQqM+EJTKuFRRuY2z+zj01kueWXPCxbMBDt0B5vONYzabHGUNbZYAhA==}
+  '@next/env@14.2.25':
+    resolution: {integrity: sha512-JnzQ2cExDeG7FxJwqAksZ3aqVJrHjFwZQAEJ9gQZSoEhIow7SNoKZzju/AwQ+PLIR4NY8V0rhcVozx/2izDO0w==}
 
   '@next/eslint-plugin-next@14.2.4':
     resolution: {integrity: sha512-svSFxW9f3xDaZA3idQmlFw7SusOuWTpDTAeBlO3AEPDltrraV+lqs7mAc6A27YdnpQVVIA3sODqUAAHdWhVWsA==}
 
-  '@next/swc-darwin-arm64@14.2.24':
-    resolution: {integrity: sha512-7Tdi13aojnAZGpapVU6meVSpNzgrFwZ8joDcNS8cJVNuP3zqqrLqeory9Xec5TJZR/stsGJdfwo8KeyloT3+rQ==}
+  '@next/swc-darwin-arm64@14.2.25':
+    resolution: {integrity: sha512-09clWInF1YRd6le00vt750s3m7SEYNehz9C4PUcSu3bAdCTpjIV4aTYQZ25Ehrr83VR1rZeqtKUPWSI7GfuKZQ==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [darwin]
 
-  '@next/swc-darwin-x64@14.2.24':
-    resolution: {integrity: sha512-lXR2WQqUtu69l5JMdTwSvQUkdqAhEWOqJEYUQ21QczQsAlNOW2kWZCucA6b3EXmPbcvmHB1kSZDua/713d52xg==}
+  '@next/swc-darwin-x64@14.2.25':
+    resolution: {integrity: sha512-V+iYM/QR+aYeJl3/FWWU/7Ix4b07ovsQ5IbkwgUK29pTHmq+5UxeDr7/dphvtXEq5pLB/PucfcBNh9KZ8vWbug==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [darwin]
 
-  '@next/swc-linux-arm64-gnu@14.2.24':
-    resolution: {integrity: sha512-nxvJgWOpSNmzidYvvGDfXwxkijb6hL9+cjZx1PVG6urr2h2jUqBALkKjT7kpfurRWicK6hFOvarmaWsINT1hnA==}
+  '@next/swc-linux-arm64-gnu@14.2.25':
+    resolution: {integrity: sha512-LFnV2899PJZAIEHQ4IMmZIgL0FBieh5keMnriMY1cK7ompR+JUd24xeTtKkcaw8QmxmEdhoE5Mu9dPSuDBgtTg==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
 
-  '@next/swc-linux-arm64-musl@14.2.24':
-    resolution: {integrity: sha512-PaBgOPhqa4Abxa3y/P92F3kklNPsiFjcjldQGT7kFmiY5nuFn8ClBEoX8GIpqU1ODP2y8P6hio6vTomx2Vy0UQ==}
+  '@next/swc-linux-arm64-musl@14.2.25':
+    resolution: {integrity: sha512-QC5y5PPTmtqFExcKWKYgUNkHeHE/z3lUsu83di488nyP0ZzQ3Yse2G6TCxz6nNsQwgAx1BehAJTZez+UQxzLfw==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [linux]
 
-  '@next/swc-linux-x64-gnu@14.2.24':
-    resolution: {integrity: sha512-vEbyadiRI7GOr94hd2AB15LFVgcJZQWu7Cdi9cWjCMeCiUsHWA0U5BkGPuoYRnTxTn0HacuMb9NeAmStfBCLoQ==}
+  '@next/swc-linux-x64-gnu@14.2.25':
+    resolution: {integrity: sha512-y6/ML4b9eQ2D/56wqatTJN5/JR8/xdObU2Fb1RBidnrr450HLCKr6IJZbPqbv7NXmje61UyxjF5kvSajvjye5w==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
 
-  '@next/swc-linux-x64-musl@14.2.24':
-    resolution: {integrity: sha512-df0FC9ptaYsd8nQCINCzFtDWtko8PNRTAU0/+d7hy47E0oC17tI54U/0NdGk7l/76jz1J377dvRjmt6IUdkpzQ==}
+  '@next/swc-linux-x64-musl@14.2.25':
+    resolution: {integrity: sha512-sPX0TSXHGUOZFvv96GoBXpB3w4emMqKeMgemrSxI7A6l55VBJp/RKYLwZIB9JxSqYPApqiREaIIap+wWq0RU8w==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [linux]
 
-  '@next/swc-win32-arm64-msvc@14.2.24':
-    resolution: {integrity: sha512-ZEntbLjeYAJ286eAqbxpZHhDFYpYjArotQ+/TW9j7UROh0DUmX7wYDGtsTPpfCV8V+UoqHBPU7q9D4nDNH014Q==}
+  '@next/swc-win32-arm64-msvc@14.2.25':
+    resolution: {integrity: sha512-ReO9S5hkA1DU2cFCsGoOEp7WJkhFzNbU/3VUF6XxNGUCQChyug6hZdYL/istQgfT/GWE6PNIg9cm784OI4ddxQ==}
     engines: {node: '>= 10'}
     cpu: [arm64]
     os: [win32]
 
-  '@next/swc-win32-ia32-msvc@14.2.24':
-    resolution: {integrity: sha512-9KuS+XUXM3T6v7leeWU0erpJ6NsFIwiTFD5nzNg8J5uo/DMIPvCp3L1Ao5HjbHX0gkWPB1VrKoo/Il4F0cGK2Q==}
+  '@next/swc-win32-ia32-msvc@14.2.25':
+    resolution: {integrity: sha512-DZ/gc0o9neuCDyD5IumyTGHVun2dCox5TfPQI/BJTYwpSNYM3CZDI4i6TOdjeq1JMo+Ug4kPSMuZdwsycwFbAw==}
     engines: {node: '>= 10'}
     cpu: [ia32]
     os: [win32]
 
-  '@next/swc-win32-x64-msvc@14.2.24':
-    resolution: {integrity: sha512-cXcJ2+x0fXQ2CntaE00d7uUH+u1Bfp/E0HsNQH79YiLaZE5Rbm7dZzyAYccn3uICM7mw+DxoMqEfGXZtF4Fgaw==}
+  '@next/swc-win32-x64-msvc@14.2.25':
+    resolution: {integrity: sha512-KSznmS6eFjQ9RJ1nEc66kJvtGIL1iZMYmGEXsZPh2YtnLtqrgdVvKXJY2ScjjoFnG6nGLyPFR0UiEvDwVah4Tw==}
     engines: {node: '>= 10'}
     cpu: [x64]
     os: [win32]
@@ -3408,6 +3418,9 @@ packages:
   '@types/triple-beam@1.3.5':
     resolution: {integrity: sha512-6WaYesThRMCl19iryMYP7/x2OVgCtbIVflDGFpWnb9irXI3UjYE4AzmYuiUKY1AJstGijoY+MgUszMgRxIYTYw==}
 
+  '@types/ua-parser-js@0.7.39':
+    resolution: {integrity: sha512-P/oDfpofrdtF5xw433SPALpdSchtJmY7nsJItf8h3KXqOslkbySh8zq4dSWXH2oTjRvJ5PczVEoCZPow6GicLg==}
+
   '@types/unist@2.0.10':
     resolution: {integrity: sha512-IfYcSBWE3hLpBg8+X2SEa8LVkJdJEkT2Ese2aaLs3ptGdVtABxndrMaxuFlQ1qdFf9Q5rDvDpxI3WwgvKFAsQA==}
 
@@ -4405,6 +4418,10 @@ packages:
   cookie-signature@1.0.6:
     resolution: {integrity: sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==}
 
+  cookie-signature@1.2.2:
+    resolution: {integrity: sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==}
+    engines: {node: '>=6.6.0'}
+
   cookie@0.4.2:
     resolution: {integrity: sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==}
     engines: {node: '>= 0.6'}
@@ -4417,6 +4434,10 @@ packages:
     resolution: {integrity: sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==}
     engines: {node: '>= 0.6'}
 
+  cookie@1.0.2:
+    resolution: {integrity: sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA==}
+    engines: {node: '>=18'}
+
   copy-to-clipboard@3.3.3:
     resolution: {integrity: sha512-2KV8NhB5JqC3ky0r9PMCAZKbUHSwtEo4CwCs0KXgruG43gX5PMqDEBbVU4OUzw2MuAWUfsuFmWvEKG5QRfSnJA==}
 
@@ -4509,9 +4530,6 @@ packages:
     resolution: {integrity: sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA==}
     engines: {node: '>=8'}
 
-  csrf-csrf@3.1.0:
-    resolution: {integrity: sha512-kZacFfFbdYFxNnFdigRHCzVAq019vJyUUtgPLjCtzh6jMXcWmf8bGUx/hsqtSEMXaNcPm8iXpjC+hW5aeOsRMg==}
-
   css-select@4.3.0:
     resolution: {integrity: sha512-wPpOYtnsVontu2mODhA19JrqWxNsfdatRKd64kmpRbQgh1KtItko5sTnEpPdpSaJszTOhEMlF/RPz28qj4HqhQ==}
 
@@ -7008,8 +7026,8 @@ packages:
   nerf-dart@1.0.0:
     resolution: {integrity: sha512-EZSPZB70jiVsivaBLYDCyntd5eH8NTSMOn3rB+HxwdmKThGELLdYv8qVIMWvZEFy9w8ZZpW9h9OB32l1rGtj7g==}
 
-  next@14.2.24:
-    resolution: {integrity: sha512-En8VEexSJ0Py2FfVnRRh8gtERwDRaJGNvsvad47ShkC2Yi8AXQPXEA2vKoDJlGFSj5WE5SyF21zNi4M5gyi+SQ==}
+  next@14.2.25:
+    resolution: {integrity: sha512-N5M7xMc4wSb4IkPvEV5X2BRRXUmhVHNyaXwEM86+voXthSZz8ZiRyQW4p9mwAoAPIm6OzuVZtn7idgEJeAJN3Q==}
     engines: {node: '>=18.17.0'}
     hasBin: true
     peerDependencies:
@@ -8317,6 +8335,9 @@ packages:
     deprecated: Rimraf versions prior to v4 are no longer supported
     hasBin: true
 
+  rndm@1.2.0:
+    resolution: {integrity: sha512-fJhQQI5tLrQvYIYFpOnFinzv9dwmR7hRnUz1XqP3OJ1jIweTNOd6aTO4jwQSgcBSFUB+/KHJxuGneime+FdzOw==}
+
   run-applescript@3.2.0:
     resolution: {integrity: sha512-Ep0RsvAjnRcBX1p5vogbaBdAGu/8j/ewpvGqnQYunnLd9SM0vWcPJewPKNnWFggf0hF0pwIgwV5XK7qQ7UZ8Qg==}
     engines: {node: '>=4'}
@@ -9064,6 +9085,10 @@ packages:
   tslib@2.8.1:
     resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==}
 
+  tsscmp@1.0.6:
+    resolution: {integrity: sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==}
+    engines: {node: '>=0.6.x'}
+
   tsutils@3.21.0:
     resolution: {integrity: sha512-mHKK3iUXL+3UF6xL5k0PEhKRUBKPBCv/+RkEOpjRWxxx27KKRBmmA60A9pgOUvMi8GKhRMPEmjBRPzs2W7O1OA==}
     engines: {node: '>= 6'}
@@ -9207,6 +9232,10 @@ packages:
     engines: {node: '>=14.17'}
     hasBin: true
 
+  ua-parser-js@1.0.40:
+    resolution: {integrity: sha512-z6PJ8Lml+v3ichVojCiB8toQJBuwR42ySM4ezjXIqXK3M0HczmKQ3LF4rhU55PfD99KEEXQG6yb7iOMyvYuHew==}
+    hasBin: true
+
   uc.micro@2.1.0:
     resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==}
 
@@ -11290,6 +11319,15 @@ snapshots:
       enabled: 2.0.0
       kuler: 2.0.0
 
+  '@dr.pogodin/csurf@1.14.1':
+    dependencies:
+      cookie: 1.0.2
+      cookie-signature: 1.2.2
+      http-errors: 2.0.0
+      rndm: 1.2.0
+      tsscmp: 1.0.6
+      uid-safe: 2.1.5
+
   '@emnapi/runtime@1.2.0':
     dependencies:
       tslib: 2.6.3
@@ -11835,37 +11873,37 @@ snapshots:
     dependencies:
       make-plural: 7.4.0
 
-  '@next/env@14.2.24': {}
+  '@next/env@14.2.25': {}
 
   '@next/eslint-plugin-next@14.2.4':
     dependencies:
       glob: 10.3.10
 
-  '@next/swc-darwin-arm64@14.2.24':
+  '@next/swc-darwin-arm64@14.2.25':
     optional: true
 
-  '@next/swc-darwin-x64@14.2.24':
+  '@next/swc-darwin-x64@14.2.25':
     optional: true
 
-  '@next/swc-linux-arm64-gnu@14.2.24':
+  '@next/swc-linux-arm64-gnu@14.2.25':
     optional: true
 
-  '@next/swc-linux-arm64-musl@14.2.24':
+  '@next/swc-linux-arm64-musl@14.2.25':
     optional: true
 
-  '@next/swc-linux-x64-gnu@14.2.24':
+  '@next/swc-linux-x64-gnu@14.2.25':
     optional: true
 
-  '@next/swc-linux-x64-musl@14.2.24':
+  '@next/swc-linux-x64-musl@14.2.25':
     optional: true
 
-  '@next/swc-win32-arm64-msvc@14.2.24':
+  '@next/swc-win32-arm64-msvc@14.2.25':
     optional: true
 
-  '@next/swc-win32-ia32-msvc@14.2.24':
+  '@next/swc-win32-ia32-msvc@14.2.25':
     optional: true
 
-  '@next/swc-win32-x64-msvc@14.2.24':
+  '@next/swc-win32-x64-msvc@14.2.25':
     optional: true
 
   '@nodelib/fs.scandir@2.1.5':
@@ -13481,7 +13519,7 @@ snapshots:
   '@swc/helpers@0.5.5':
     dependencies:
       '@swc/counter': 0.1.3
-      tslib: 2.6.3
+      tslib: 2.8.1
 
   '@swc/types@0.1.17':
     dependencies:
@@ -13753,6 +13791,8 @@ snapshots:
 
   '@types/triple-beam@1.3.5': {}
 
+  '@types/ua-parser-js@0.7.39': {}
+
   '@types/unist@2.0.10': {}
 
   '@types/web-push@3.3.2':
@@ -14928,12 +14968,16 @@ snapshots:
 
   cookie-signature@1.0.6: {}
 
+  cookie-signature@1.2.2: {}
+
   cookie@0.4.2: {}
 
   cookie@0.7.1: {}
 
   cookie@0.7.2: {}
 
+  cookie@1.0.2: {}
+
   copy-to-clipboard@3.3.3:
     dependencies:
       toggle-selection: 1.0.6
@@ -15044,10 +15088,6 @@ snapshots:
 
   crypto-random-string@2.0.0: {}
 
-  csrf-csrf@3.1.0:
-    dependencies:
-      http-errors: 2.0.0
-
   css-select@4.3.0:
     dependencies:
       boolbase: 1.0.0
@@ -18264,27 +18304,27 @@ snapshots:
 
   nerf-dart@1.0.0: {}
 
-  next@14.2.24(@babel/core@7.24.7)(react-dom@18.3.1(react@18.3.1))(react@18.3.1):
+  next@14.2.25(@babel/core@7.24.7)(react-dom@18.3.1(react@18.3.1))(react@18.3.1):
     dependencies:
-      '@next/env': 14.2.24
+      '@next/env': 14.2.25
       '@swc/helpers': 0.5.5
       busboy: 1.6.0
-      caniuse-lite: 1.0.30001636
+      caniuse-lite: 1.0.30001700
       graceful-fs: 4.2.11
       postcss: 8.4.31
       react: 18.3.1
       react-dom: 18.3.1(react@18.3.1)
       styled-jsx: 5.1.1(@babel/core@7.24.7)(react@18.3.1)
     optionalDependencies:
-      '@next/swc-darwin-arm64': 14.2.24
-      '@next/swc-darwin-x64': 14.2.24
-      '@next/swc-linux-arm64-gnu': 14.2.24
-      '@next/swc-linux-arm64-musl': 14.2.24
-      '@next/swc-linux-x64-gnu': 14.2.24
-      '@next/swc-linux-x64-musl': 14.2.24
-      '@next/swc-win32-arm64-msvc': 14.2.24
-      '@next/swc-win32-ia32-msvc': 14.2.24
-      '@next/swc-win32-x64-msvc': 14.2.24
+      '@next/swc-darwin-arm64': 14.2.25
+      '@next/swc-darwin-x64': 14.2.25
+      '@next/swc-linux-arm64-gnu': 14.2.25
+      '@next/swc-linux-arm64-musl': 14.2.25
+      '@next/swc-linux-x64-gnu': 14.2.25
+      '@next/swc-linux-x64-musl': 14.2.25
+      '@next/swc-win32-arm64-msvc': 14.2.25
+      '@next/swc-win32-ia32-msvc': 14.2.25
+      '@next/swc-win32-x64-msvc': 14.2.25
     transitivePeerDependencies:
       - '@babel/core'
       - babel-plugin-macros
@@ -19665,6 +19705,8 @@ snapshots:
     dependencies:
       glob: 7.2.3
 
+  rndm@1.2.0: {}
+
   run-applescript@3.2.0:
     dependencies:
       execa: 0.10.0
@@ -20534,6 +20576,8 @@ snapshots:
 
   tslib@2.8.1: {}
 
+  tsscmp@1.0.6: {}
+
   tsutils@3.21.0(typescript@4.9.5):
     dependencies:
       tslib: 1.14.1
@@ -20643,6 +20687,8 @@ snapshots:
 
   typescript@5.5.2: {}
 
+  ua-parser-js@1.0.40: {}
+
   uc.micro@2.1.0:
     optional: true
 

server/api/externalapi.ts

@@ -289,7 +289,7 @@ class ExternalAPI {
     return data;
   }
 
-  protected removeCache(endpoint: string, options?: Record<string, string>) {
+  protected removeCache(endpoint: string, options?: Record<string, unknown>) {
     const cacheKey = this.serializeCacheKey(endpoint, {
       ...this.params,
       ...options,

server/api/jellyfin.ts

@@ -110,11 +110,18 @@ class JellyfinAPI extends ExternalAPI {
     deviceId?: string | null
   ) {
     const settings = getSettings();
+    const safeDeviceId =
+      deviceId && deviceId.length > 0
+        ? deviceId
+        : Buffer.from(`BOT_jellyseerr_fallback_${Date.now()}`).toString(
+            'base64'
+          );
+
     let authHeaderVal: string;
     if (authToken) {
-      authHeaderVal = `MediaBrowser Client="Jellyseerr", Device="Jellyseerr", DeviceId="${deviceId}", Version="${getAppVersion()}", Token="${authToken}"`;
+      authHeaderVal = `MediaBrowser Client="Jellyseerr", Device="Jellyseerr", DeviceId="${safeDeviceId}", Version="${getAppVersion()}", Token="${authToken}"`;
     } else {
-      authHeaderVal = `MediaBrowser Client="Jellyseerr", Device="Jellyseerr", DeviceId="${deviceId}", Version="${getAppVersion()}"`;
+      authHeaderVal = `MediaBrowser Client="Jellyseerr", Device="Jellyseerr", DeviceId="${safeDeviceId}", Version="${getAppVersion()}"`;
     }
 
     super(

server/api/servarr/radarr.ts

@@ -28,6 +28,7 @@ export interface RadarrMovie {
   qualityProfileId: number;
   added: string;
   hasFile: boolean;
+  tags: number[];
 }
 
 class RadarrAPI extends ServarrBase<{ movieId: number }> {
@@ -104,7 +105,7 @@ class RadarrAPI extends ServarrBase<{ movieId: number }> {
           minimumAvailability: options.minimumAvailability,
           tmdbId: options.tmdbId,
           year: options.year,
-          tags: options.tags,
+          tags: Array.from(new Set([...movie.tags, ...options.tags])),
           rootFolderPath: options.rootFolderPath,
           monitored: options.monitored,
           addOptions: {
@@ -241,10 +242,13 @@ class RadarrAPI extends ServarrBase<{ movieId: number }> {
     if (tmdbId) {
       this.removeCache('/movie/lookup', {
         term: `tmdb:${tmdbId}`,
+        headers: this.defaultHeaders,
       });
     }
     if (externalId) {
-      this.removeCache(`/movie/${externalId}`);
+      this.removeCache(`/movie/${externalId}`, {
+        headers: this.defaultHeaders,
+      });
     }
   };
 }

server/api/servarr/sonarr.ts

@@ -184,7 +184,9 @@ class SonarrAPI extends ServarrBase<{
       // If the series already exists, we will simply just update it
       if (series.id) {
         series.monitored = options.monitored ?? series.monitored;
-        series.tags = options.tags ?? series.tags;
+        series.tags = options.tags
+          ? Array.from(new Set([...series.tags, ...options.tags]))
+          : series.tags;
         series.seasons = this.buildSeasonList(options.seasons, series.seasons);
 
         const newSeriesData = await this.put<SonarrSeries>(
@@ -366,14 +368,18 @@ class SonarrAPI extends ServarrBase<{
     if (tvdbId) {
       this.removeCache('/series/lookup', {
         term: `tvdb:${tvdbId}`,
+        headers: this.defaultHeaders,
       });
     }
     if (externalId) {
-      this.removeCache(`/series/${externalId}`);
+      this.removeCache(`/series/${externalId}`, {
+        headers: this.defaultHeaders,
+      });
     }
     if (title) {
       this.removeCache('/series/lookup', {
         term: title,
+        headers: this.defaultHeaders,
       });
     }
   };

server/entity/MediaRequest.ts

@@ -999,7 +999,7 @@ export class MediaRequest {
                 radarrMovie.id,
               [this.is4k ? 'externalServiceSlug4k' : 'externalServiceSlug']:
                 radarrMovie.titleSlug,
-              [this.is4k ? 'serviceId4k' : 'serviceId']: radarrMovie?.id,
+              [this.is4k ? 'serviceId4k' : 'serviceId']: radarrSettings?.id,
             };
 
             await mediaRepository.update({ id: this.media.id }, updateFields);

server/entity/User.ts

@@ -98,6 +98,12 @@ export class User {
   @Column()
   public avatar: string;
 
+  @Column({ type: 'varchar', nullable: true })
+  public avatarETag?: string | null;
+
+  @Column({ type: 'varchar', nullable: true })
+  public avatarVersion?: string | null;
+
   @RelationCount((user: User) => user.requests)
   public requestCount: number;
 

server/entity/UserPushSubscription.ts

@@ -1,4 +1,10 @@
-import { Column, Entity, ManyToOne, PrimaryGeneratedColumn } from 'typeorm';
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+} from 'typeorm';
 import { User } from './User';
 
 @Entity()
@@ -18,9 +24,15 @@ export class UserPushSubscription {
   @Column()
   public p256dh: string;
 
-  @Column({ unique: true })
+  @Column()
   public auth: string;
 
+  @Column({ nullable: true })
+  public userAgent: string;
+
+  @CreateDateColumn({ nullable: true })
+  public createdAt: Date;
+
   constructor(init?: Partial<UserPushSubscription>) {
     Object.assign(this, init);
   }

server/index.ts

@@ -1,3 +1,4 @@
+import csurf from '@dr.pogodin/csurf';
 import PlexAPI from '@server/api/plexapi';
 import dataSource, { getRepository, isPgsql } from '@server/datasource';
 import DiscoverSlider from '@server/entity/DiscoverSlider';
@@ -28,7 +29,6 @@ import restartFlag from '@server/utils/restartFlag';
 import { getClientIp } from '@supercharge/request-ip';
 import { TypeormStore } from 'connect-typeorm/out';
 import cookieParser from 'cookie-parser';
-import { doubleCsrf } from 'csrf-csrf';
 import type { NextFunction, Request, Response } from 'express';
 import express from 'express';
 import * as OpenApiValidator from 'express-openapi-validator';
@@ -162,23 +162,18 @@ app
       }
     });
     if (settings.network.csrfProtection) {
-      const { doubleCsrfProtection, generateToken } = doubleCsrf({
-        getSecret: () => settings.clientId,
-        cookieName: 'XSRF-TOKEN',
-        cookieOptions: {
-          httpOnly: true,
-          sameSite: 'strict',
-          secure: !dev,
-        },
-        size: 64,
-        ignoredMethods: ['GET', 'HEAD', 'OPTIONS'],
-      });
-
-      server.use(doubleCsrfProtection);
-
+      server.use(
+        csurf({
+          cookie: {
+            httpOnly: true,
+            sameSite: true,
+            secure: !dev,
+          },
+        })
+      );
       server.use((req, res, next) => {
-        res.cookie('XSRF-TOKEN', generateToken(req, res), {
-          sameSite: 'strict',
+        res.cookie('XSRF-TOKEN', req.csrfToken(), {
+          sameSite: true,
           secure: !dev,
         });
         next();

server/interfaces/api/requestInterfaces.ts

@@ -3,7 +3,10 @@ import type { MediaRequest } from '@server/entity/MediaRequest';
 import type { NonFunctionProperties, PaginatedResponse } from './common';
 
 export interface RequestResultsResponse extends PaginatedResponse {
-  results: NonFunctionProperties<MediaRequest>[];
+  results: (NonFunctionProperties<MediaRequest> & {
+    profileName?: string;
+    canRemove?: boolean;
+  })[];
 }
 
 export type MediaRequestBody = {

server/lib/availabilitySync.ts

@@ -404,6 +404,34 @@ class AvailabilitySync {
             });
           }
 
+          if (
+            !showExists &&
+            (media.status === MediaStatus.AVAILABLE ||
+              media.status === MediaStatus.PARTIALLY_AVAILABLE ||
+              media.seasons.some(
+                (season) => season.status === MediaStatus.AVAILABLE
+              ) ||
+              media.seasons.some(
+                (season) => season.status === MediaStatus.PARTIALLY_AVAILABLE
+              ))
+          ) {
+            await this.mediaUpdater(media, false, mediaServerType);
+          }
+
+          if (
+            !showExists4k &&
+            (media.status4k === MediaStatus.AVAILABLE ||
+              media.status4k === MediaStatus.PARTIALLY_AVAILABLE ||
+              media.seasons.some(
+                (season) => season.status4k === MediaStatus.AVAILABLE
+              ) ||
+              media.seasons.some(
+                (season) => season.status4k === MediaStatus.PARTIALLY_AVAILABLE
+              ))
+          ) {
+            await this.mediaUpdater(media, true, mediaServerType);
+          }
+
           // TODO: Figure out how to run seasonUpdater for each season
 
           if ([...finalSeasons.values()].includes(false)) {
@@ -423,22 +451,6 @@ class AvailabilitySync {
               mediaServerType
             );
           }
-
-          if (
-            !showExists &&
-            (media.status === MediaStatus.AVAILABLE ||
-              media.status === MediaStatus.PARTIALLY_AVAILABLE)
-          ) {
-            await this.mediaUpdater(media, false, mediaServerType);
-          }
-
-          if (
-            !showExists4k &&
-            (media.status4k === MediaStatus.AVAILABLE ||
-              media.status4k === MediaStatus.PARTIALLY_AVAILABLE)
-          ) {
-            await this.mediaUpdater(media, true, mediaServerType);
-          }
         }
       }
     } catch (ex) {
@@ -466,6 +478,10 @@ class AvailabilitySync {
       { status: MediaStatus.PARTIALLY_AVAILABLE },
       { status4k: MediaStatus.AVAILABLE },
       { status4k: MediaStatus.PARTIALLY_AVAILABLE },
+      { seasons: { status: MediaStatus.AVAILABLE } },
+      { seasons: { status: MediaStatus.PARTIALLY_AVAILABLE } },
+      { seasons: { status4k: MediaStatus.AVAILABLE } },
+      { seasons: { status4k: MediaStatus.PARTIALLY_AVAILABLE } },
     ];
 
     let mediaPage: Media[];

server/lib/imageproxy.ts

@@ -193,14 +193,34 @@ class ImageProxy {
   public async clearCachedImage(path: string) {
     // find cacheKey
     const cacheKey = this.getCacheKey(path);
+    const directory = join(this.getCacheDirectory(), cacheKey);
+
+    try {
+      await promises.access(directory);
+    } catch (e) {
+      if (e.code === 'ENOENT') {
+        logger.debug(
+          `Cache directory '${cacheKey}' does not exist; nothing to clear.`,
+          {
+            label: 'Image Cache',
+          }
+        );
+        return;
+      } else {
+        logger.error('Error checking cache directory existence', {
+          label: 'Image Cache',
+          message: e.message,
+        });
+        return;
+      }
+    }
 
     try {
-      const directory = join(this.getCacheDirectory(), cacheKey);
       const files = await promises.readdir(directory);
 
       await promises.rm(directory, { recursive: true });
 
-      logger.info(`Cleared ${files[0]} from cache 'avatar'`, {
+      logger.debug(`Cleared ${files[0]} from cache 'avatar'`, {
         label: 'Image Cache',
       });
     } catch (e) {

server/migration/postgres/1743023615532-UpdateWebPush.ts

@@ -0,0 +1,29 @@
+import type { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class UpdateWebPush1743023615532 implements MigrationInterface {
+  name = 'UpdateWebPush1743023615532';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" ADD "userAgent" character varying`
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" ADD "createdAt" TIMESTAMP DEFAULT now()`
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" DROP CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b"`
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" ADD CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth")`
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" DROP COLUMN "createdAt"`
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" DROP COLUMN "userAgent"`
+    );
+  }
+}

server/migration/postgres/1743107707465-AddUserAvatarCacheFields.ts

@@ -0,0 +1,21 @@
+import type { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class AddUserAvatarCacheFields1743107707465
+  implements MigrationInterface
+{
+  name = 'AddUserAvatarCacheFields1743107707465';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "user" ADD "avatarETag" character varying`
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user" ADD "avatarVersion" character varying`
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "avatarVersion"`);
+    await queryRunner.query(`ALTER TABLE "user" DROP COLUMN "avatarETag"`);
+  }
+}

server/migration/sqlite/1743023610704-UpdateWebPush.ts

@@ -0,0 +1,203 @@
+import type { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class UpdateWebPush1743023610704 implements MigrationInterface {
+  name = 'UpdateWebPush1743023610704';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `CREATE TABLE "temporary_user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId") SELECT "id", "endpoint", "p256dh", "auth", "userId" FROM "user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "user_push_subscription"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_user_push_subscription" RENAME TO "user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "temporary_user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "user_push_subscription"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_user_push_subscription" RENAME TO "user_push_subscription"`
+    );
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "blacklist"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_blacklist" RENAME TO "blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer, CONSTRAINT "UQ_5f933c8ed6ad2c31739e6b94886" UNIQUE ("tmdbId"), CONSTRAINT "UQ_e49b27917899e01d7aca6b0b15c" UNIQUE ("mediaId"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "blacklist"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_blacklist" RENAME TO "blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_7ff2d11f6a83cb52386eaebe74"`);
+    await queryRunner.query(`DROP INDEX "IDX_41a289eb1fa489c1bc6f38d9c3"`);
+    await queryRunner.query(`DROP INDEX "IDX_7157aad07c73f6a6ae3bbd5ef5"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_media" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "tmdbId" integer NOT NULL, "tvdbId" integer, "imdbId" varchar, "status" integer NOT NULL DEFAULT (1), "status4k" integer NOT NULL DEFAULT (1), "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "lastSeasonChange" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP), "mediaAddedAt" datetime DEFAULT (CURRENT_TIMESTAMP), "serviceId" integer, "serviceId4k" integer, "externalServiceId" integer, "externalServiceId4k" integer, "externalServiceSlug" varchar, "externalServiceSlug4k" varchar, "ratingKey" varchar, "ratingKey4k" varchar, "jellyfinMediaId" varchar, "jellyfinMediaId4k" varchar, CONSTRAINT "UQ_41a289eb1fa489c1bc6f38d9c3c" UNIQUE ("tvdbId"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_media"("id", "mediaType", "tmdbId", "tvdbId", "imdbId", "status", "status4k", "createdAt", "updatedAt", "lastSeasonChange", "mediaAddedAt", "serviceId", "serviceId4k", "externalServiceId", "externalServiceId4k", "externalServiceSlug", "externalServiceSlug4k", "ratingKey", "ratingKey4k", "jellyfinMediaId", "jellyfinMediaId4k") SELECT "id", "mediaType", "tmdbId", "tvdbId", "imdbId", "status", "status4k", "createdAt", "updatedAt", "lastSeasonChange", "mediaAddedAt", "serviceId", "serviceId4k", "externalServiceId", "externalServiceId4k", "externalServiceSlug", "externalServiceSlug4k", "ratingKey", "ratingKey4k", "jellyfinMediaId", "jellyfinMediaId4k" FROM "media"`
+    );
+    await queryRunner.query(`DROP TABLE "media"`);
+    await queryRunner.query(`ALTER TABLE "temporary_media" RENAME TO "media"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_7ff2d11f6a83cb52386eaebe74" ON "media" ("imdbId") `
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_41a289eb1fa489c1bc6f38d9c3" ON "media" ("tvdbId") `
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_7157aad07c73f6a6ae3bbd5ef5" ON "media" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_939f205946256cc0d2a1ac51a8"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_watchlist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "ratingKey" varchar NOT NULL, "mediaType" varchar NOT NULL, "title" varchar NOT NULL, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "requestedById" integer, "mediaId" integer, CONSTRAINT "UNIQUE_USER_DB" UNIQUE ("tmdbId", "requestedById"), CONSTRAINT "FK_ae34e6b153a90672eb9dc4857d7" FOREIGN KEY ("requestedById") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_6641da8d831b93dfcb429f8b8bc" FOREIGN KEY ("mediaId") REFERENCES "media" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_watchlist"("id", "ratingKey", "mediaType", "title", "tmdbId", "createdAt", "updatedAt", "requestedById", "mediaId") SELECT "id", "ratingKey", "mediaType", "title", "tmdbId", "createdAt", "updatedAt", "requestedById", "mediaId" FROM "watchlist"`
+    );
+    await queryRunner.query(`DROP TABLE "watchlist"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_watchlist" RENAME TO "watchlist"`
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_939f205946256cc0d2a1ac51a8" ON "watchlist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer, CONSTRAINT "UQ_5f933c8ed6ad2c31739e6b94886" UNIQUE ("tmdbId"), CONSTRAINT "UQ_e49b27917899e01d7aca6b0b15c" UNIQUE ("mediaId"), CONSTRAINT "FK_53c1ab62c3e5875bc3ac474823e" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION, CONSTRAINT "FK_62b7ade94540f9f8d8bede54b99" FOREIGN KEY ("mediaId") REFERENCES "media" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "blacklist"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_blacklist" RENAME TO "blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `ALTER TABLE "blacklist" RENAME TO "temporary_blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer, CONSTRAINT "UQ_5f933c8ed6ad2c31739e6b94886" UNIQUE ("tmdbId"), CONSTRAINT "UQ_e49b27917899e01d7aca6b0b15c" UNIQUE ("mediaId"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "temporary_blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_blacklist"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_939f205946256cc0d2a1ac51a8"`);
+    await queryRunner.query(
+      `ALTER TABLE "watchlist" RENAME TO "temporary_watchlist"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "watchlist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "ratingKey" varchar NOT NULL, "mediaType" varchar NOT NULL, "title" varchar NOT NULL, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "requestedById" integer, "mediaId" integer, CONSTRAINT "UNIQUE_USER_DB" UNIQUE ("tmdbId", "requestedById"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "watchlist"("id", "ratingKey", "mediaType", "title", "tmdbId", "createdAt", "updatedAt", "requestedById", "mediaId") SELECT "id", "ratingKey", "mediaType", "title", "tmdbId", "createdAt", "updatedAt", "requestedById", "mediaId" FROM "temporary_watchlist"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_watchlist"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_939f205946256cc0d2a1ac51a8" ON "watchlist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_7157aad07c73f6a6ae3bbd5ef5"`);
+    await queryRunner.query(`DROP INDEX "IDX_41a289eb1fa489c1bc6f38d9c3"`);
+    await queryRunner.query(`DROP INDEX "IDX_7ff2d11f6a83cb52386eaebe74"`);
+    await queryRunner.query(`ALTER TABLE "media" RENAME TO "temporary_media"`);
+    await queryRunner.query(
+      `CREATE TABLE "media" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "tmdbId" integer NOT NULL, "tvdbId" integer, "imdbId" varchar, "status" integer NOT NULL DEFAULT (1), "status4k" integer NOT NULL DEFAULT (1), "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "lastSeasonChange" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP), "mediaAddedAt" datetime, "serviceId" integer, "serviceId4k" integer, "externalServiceId" integer, "externalServiceId4k" integer, "externalServiceSlug" varchar, "externalServiceSlug4k" varchar, "ratingKey" varchar, "ratingKey4k" varchar, "jellyfinMediaId" varchar, "jellyfinMediaId4k" varchar, CONSTRAINT "UQ_41a289eb1fa489c1bc6f38d9c3c" UNIQUE ("tvdbId"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "media"("id", "mediaType", "tmdbId", "tvdbId", "imdbId", "status", "status4k", "createdAt", "updatedAt", "lastSeasonChange", "mediaAddedAt", "serviceId", "serviceId4k", "externalServiceId", "externalServiceId4k", "externalServiceSlug", "externalServiceSlug4k", "ratingKey", "ratingKey4k", "jellyfinMediaId", "jellyfinMediaId4k") SELECT "id", "mediaType", "tmdbId", "tvdbId", "imdbId", "status", "status4k", "createdAt", "updatedAt", "lastSeasonChange", "mediaAddedAt", "serviceId", "serviceId4k", "externalServiceId", "externalServiceId4k", "externalServiceSlug", "externalServiceSlug4k", "ratingKey", "ratingKey4k", "jellyfinMediaId", "jellyfinMediaId4k" FROM "temporary_media"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_media"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_7157aad07c73f6a6ae3bbd5ef5" ON "media" ("tmdbId") `
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_41a289eb1fa489c1bc6f38d9c3" ON "media" ("tvdbId") `
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_7ff2d11f6a83cb52386eaebe74" ON "media" ("imdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `ALTER TABLE "blacklist" RENAME TO "temporary_blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "temporary_blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_blacklist"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+    await queryRunner.query(`DROP INDEX "IDX_6bbafa28411e6046421991ea21"`);
+    await queryRunner.query(
+      `ALTER TABLE "blacklist" RENAME TO "temporary_blacklist"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "blacklist" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "mediaType" varchar NOT NULL, "title" varchar, "tmdbId" integer NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "userId" integer, "mediaId" integer, CONSTRAINT "UQ_6bbafa28411e6046421991ea21c" UNIQUE ("tmdbId", "userId"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "blacklist"("id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId") SELECT "id", "mediaType", "title", "tmdbId", "createdAt", "userId", "mediaId" FROM "temporary_blacklist"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_blacklist"`);
+    await queryRunner.query(
+      `CREATE INDEX "IDX_6bbafa28411e6046421991ea21" ON "blacklist" ("tmdbId") `
+    );
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" RENAME TO "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_user_push_subscription"`);
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" RENAME TO "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId") SELECT "id", "endpoint", "p256dh", "auth", "userId" FROM "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_user_push_subscription"`);
+  }
+}

server/migration/sqlite/1743107645301-AddUserAvatarCacheFields.ts

@@ -0,0 +1,69 @@
+import type { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class AddUserAvatarCacheFields1743107645301
+  implements MigrationInterface
+{
+  name = 'AddUserAvatarCacheFields1743107645301';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `CREATE TABLE "temporary_user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "user_push_subscription"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_user_push_subscription" RENAME TO "user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "temporary_user" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar NOT NULL, "username" varchar, "plexId" integer, "plexToken" varchar, "permissions" integer NOT NULL DEFAULT (0), "avatar" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "password" varchar, "userType" integer NOT NULL DEFAULT (1), "plexUsername" varchar, "resetPasswordGuid" varchar, "recoveryLinkExpirationDate" date, "movieQuotaLimit" integer, "movieQuotaDays" integer, "tvQuotaLimit" integer, "tvQuotaDays" integer, "jellyfinUsername" varchar, "jellyfinAuthToken" varchar, "jellyfinUserId" varchar, "jellyfinDeviceId" varchar, "avatarETag" varchar, "avatarVersion" varchar, CONSTRAINT "UQ_e12875dfb3b1d92d7d7c5377e22" UNIQUE ("email"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_user"("id", "email", "username", "plexId", "plexToken", "permissions", "avatar", "createdAt", "updatedAt", "password", "userType", "plexUsername", "resetPasswordGuid", "recoveryLinkExpirationDate", "movieQuotaLimit", "movieQuotaDays", "tvQuotaLimit", "tvQuotaDays", "jellyfinUsername", "jellyfinAuthToken", "jellyfinUserId", "jellyfinDeviceId") SELECT "id", "email", "username", "plexId", "plexToken", "permissions", "avatar", "createdAt", "updatedAt", "password", "userType", "plexUsername", "resetPasswordGuid", "recoveryLinkExpirationDate", "movieQuotaLimit", "movieQuotaDays", "tvQuotaLimit", "tvQuotaDays", "jellyfinUsername", "jellyfinAuthToken", "jellyfinUserId", "jellyfinDeviceId" FROM "user"`
+    );
+    await queryRunner.query(`DROP TABLE "user"`);
+    await queryRunner.query(`ALTER TABLE "temporary_user" RENAME TO "user"`);
+    await queryRunner.query(
+      `CREATE TABLE "temporary_user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "temporary_user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "user_push_subscription"`);
+    await queryRunner.query(
+      `ALTER TABLE "temporary_user_push_subscription" RENAME TO "user_push_subscription"`
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" RENAME TO "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_user_push_subscription"`);
+    await queryRunner.query(`ALTER TABLE "user" RENAME TO "temporary_user"`);
+    await queryRunner.query(
+      `CREATE TABLE "user" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar NOT NULL, "username" varchar, "plexId" integer, "plexToken" varchar, "permissions" integer NOT NULL DEFAULT (0), "avatar" varchar NOT NULL, "createdAt" datetime NOT NULL DEFAULT (datetime('now')), "updatedAt" datetime NOT NULL DEFAULT (datetime('now')), "password" varchar, "userType" integer NOT NULL DEFAULT (1), "plexUsername" varchar, "resetPasswordGuid" varchar, "recoveryLinkExpirationDate" date, "movieQuotaLimit" integer, "movieQuotaDays" integer, "tvQuotaLimit" integer, "tvQuotaDays" integer, "jellyfinUsername" varchar, "jellyfinAuthToken" varchar, "jellyfinUserId" varchar, "jellyfinDeviceId" varchar, CONSTRAINT "UQ_e12875dfb3b1d92d7d7c5377e22" UNIQUE ("email"))`
+    );
+    await queryRunner.query(
+      `INSERT INTO "user"("id", "email", "username", "plexId", "plexToken", "permissions", "avatar", "createdAt", "updatedAt", "password", "userType", "plexUsername", "resetPasswordGuid", "recoveryLinkExpirationDate", "movieQuotaLimit", "movieQuotaDays", "tvQuotaLimit", "tvQuotaDays", "jellyfinUsername", "jellyfinAuthToken", "jellyfinUserId", "jellyfinDeviceId") SELECT "id", "email", "username", "plexId", "plexToken", "permissions", "avatar", "createdAt", "updatedAt", "password", "userType", "plexUsername", "resetPasswordGuid", "recoveryLinkExpirationDate", "movieQuotaLimit", "movieQuotaDays", "tvQuotaLimit", "tvQuotaDays", "jellyfinUsername", "jellyfinAuthToken", "jellyfinUserId", "jellyfinDeviceId" FROM "temporary_user"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_user"`);
+    await queryRunner.query(
+      `ALTER TABLE "user_push_subscription" RENAME TO "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(
+      `CREATE TABLE "user_push_subscription" ("id" integer PRIMARY KEY AUTOINCREMENT NOT NULL, "endpoint" varchar NOT NULL, "p256dh" varchar NOT NULL, "auth" varchar NOT NULL, "userId" integer, "userAgent" varchar, "createdAt" datetime DEFAULT (datetime('now')), CONSTRAINT "UQ_f90ab5a4ed54905a4bb51a7148b" UNIQUE ("auth"), CONSTRAINT "FK_03f7958328e311761b0de675fbe" FOREIGN KEY ("userId") REFERENCES "user" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`
+    );
+    await queryRunner.query(
+      `INSERT INTO "user_push_subscription"("id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt") SELECT "id", "endpoint", "p256dh", "auth", "userId", "userAgent", "createdAt" FROM "temporary_user_push_subscription"`
+    );
+    await queryRunner.query(`DROP TABLE "temporary_user_push_subscription"`);
+  }
+}

server/routes/auth.ts

@@ -10,6 +10,7 @@ import { Permission } from '@server/lib/permissions';
 import { getSettings } from '@server/lib/settings';
 import logger from '@server/logger';
 import { isAuthenticated } from '@server/middleware/auth';
+import { checkAvatarChanged } from '@server/routes/avatarproxy';
 import { ApiError } from '@server/types/error';
 import { getHostname } from '@server/utils/getHostname';
 import * as EmailValidator from 'email-validator';
@@ -216,6 +217,10 @@ authRoutes.post('/plex', async (req, res, next) => {
   }
 });
 
+function getUserAvatarUrl(user: User): string {
+  return `/avatarproxy/${user.jellyfinUserId}?v=${user.avatarVersion}`;
+}
+
 authRoutes.post('/jellyfin', async (req, res, next) => {
   const settings = getSettings();
   const userRepository = getRepository(User);
@@ -343,12 +348,12 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
           jellyfinDeviceId: deviceId,
           jellyfinAuthToken: account.AccessToken,
           permissions: Permission.ADMIN,
-          avatar: `/avatarproxy/${account.User.Id}`,
           userType:
             body.serverType === MediaServerType.JELLYFIN
               ? UserType.JELLYFIN
               : UserType.EMBY,
         });
+        user.avatar = getUserAvatarUrl(user);
 
         await userRepository.save(user);
       } else {
@@ -375,7 +380,7 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
         user.jellyfinDeviceId = deviceId;
         user.jellyfinAuthToken = account.AccessToken;
         user.permissions = Permission.ADMIN;
-        user.avatar = `/avatarproxy/${account.User.Id}`;
+        user.avatar = getUserAvatarUrl(user);
         user.userType =
           body.serverType === MediaServerType.JELLYFIN
             ? UserType.JELLYFIN
@@ -422,7 +427,7 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
           jellyfinUsername: account.User.Name,
         }
       );
-      user.avatar = `/avatarproxy/${account.User.Id}`;
+      user.avatar = getUserAvatarUrl(user);
       user.jellyfinUsername = account.User.Name;
 
       if (user.username === account.User.Name) {
@@ -460,12 +465,12 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
         jellyfinUserId: account.User.Id,
         jellyfinDeviceId: deviceId,
         permissions: settings.main.defaultPermissions,
-        avatar: `/avatarproxy/${account.User.Id}`,
         userType:
           settings.main.mediaServerType === MediaServerType.JELLYFIN
             ? UserType.JELLYFIN
             : UserType.EMBY,
       });
+      user.avatar = getUserAvatarUrl(user);
 
       //initialize Jellyfin/Emby users with local login
       const passedExplicitPassword = body.password && body.password.length > 0;
@@ -475,6 +480,26 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
       await userRepository.save(user);
     }
 
+    if (user && user.jellyfinUserId) {
+      try {
+        const { changed } = await checkAvatarChanged(user);
+
+        if (changed) {
+          user.avatar = getUserAvatarUrl(user);
+          await userRepository.save(user);
+          logger.debug('Avatar updated during login', {
+            userId: user.id,
+            jellyfinUserId: user.jellyfinUserId,
+          });
+        }
+      } catch (error) {
+        logger.error('Error handling avatar during login', {
+          label: 'Auth',
+          errorMessage: error.message,
+        });
+      }
+    }
+
     // Set logged in session
     if (req.session) {
       req.session.userId = user?.id;

server/routes/avatarproxy.ts

@@ -8,10 +8,12 @@ import { getAppVersion } from '@server/utils/appVersion';
 import { getHostname } from '@server/utils/getHostname';
 import { Router } from 'express';
 import gravatarUrl from 'gravatar-url';
+import { createHash } from 'node:crypto';
 
 const router = Router();
 
 let _avatarImageProxy: ImageProxy | null = null;
+
 async function initAvatarImageProxy() {
   if (!_avatarImageProxy) {
     const userRepository = getRepository(User);
@@ -31,6 +33,79 @@ async function initAvatarImageProxy() {
   return _avatarImageProxy;
 }
 
+function getJellyfinAvatarUrl(userId: string) {
+  const settings = getSettings();
+  return settings.main.mediaServerType === MediaServerType.JELLYFIN
+    ? `${getHostname()}/UserImage?UserId=${userId}`
+    : `${getHostname()}/Users/${userId}/Images/Primary?quality=90`;
+}
+
+function computeImageHash(buffer: Buffer): string {
+  return createHash('sha256').update(buffer).digest('hex');
+}
+
+export async function checkAvatarChanged(
+  user: User
+): Promise<{ changed: boolean; etag?: string }> {
+  try {
+    if (!user || !user.jellyfinUserId) {
+      return { changed: false };
+    }
+
+    const jellyfinAvatarUrl = getJellyfinAvatarUrl(user.jellyfinUserId);
+
+    const headResponse = await fetch(jellyfinAvatarUrl, { method: 'HEAD' });
+    if (!headResponse.ok) {
+      return { changed: false };
+    }
+
+    const settings = getSettings();
+    let remoteVersion: string;
+    if (settings.main.mediaServerType === MediaServerType.JELLYFIN) {
+      const remoteLastModifiedStr =
+        headResponse.headers.get('last-modified') || '';
+      remoteVersion = (
+        Date.parse(remoteLastModifiedStr) || Date.now()
+      ).toString();
+    } else if (settings.main.mediaServerType === MediaServerType.EMBY) {
+      remoteVersion =
+        headResponse.headers.get('etag')?.replace(/"/g, '') ||
+        Date.now().toString();
+    } else {
+      remoteVersion = Date.now().toString();
+    }
+
+    if (user.avatarVersion && user.avatarVersion === remoteVersion) {
+      return { changed: false, etag: user.avatarETag ?? undefined };
+    }
+
+    const avatarImageCache = await initAvatarImageProxy();
+    await avatarImageCache.clearCachedImage(jellyfinAvatarUrl);
+    const imageData = await avatarImageCache.getImage(
+      jellyfinAvatarUrl,
+      gravatarUrl(user.email || 'none', { default: 'mm', size: 200 })
+    );
+
+    const newHash = computeImageHash(imageData.imageBuffer);
+
+    const hasChanged = user.avatarETag !== newHash;
+
+    user.avatarVersion = remoteVersion;
+    if (hasChanged) {
+      user.avatarETag = newHash;
+    }
+
+    await getRepository(User).save(user);
+
+    return { changed: hasChanged, etag: newHash };
+  } catch (error) {
+    logger.error('Error checking avatar changes', {
+      errorMessage: error.message,
+    });
+    return { changed: false };
+  }
+}
+
 router.get('/:jellyfinUserId', async (req, res) => {
   try {
     if (!req.params.jellyfinUserId.match(/^[a-f0-9]{32}$/)) {
@@ -46,6 +121,10 @@ router.get('/:jellyfinUserId', async (req, res) => {
 
     const avatarImageCache = await initAvatarImageProxy();
 
+    const userEtag = req.headers['if-none-match'];
+
+    const versionParam = req.query.v;
+
     const user = await getRepository(User).findOne({
       where: { jellyfinUserId: req.params.jellyfinUserId },
     });
@@ -55,13 +134,7 @@ router.get('/:jellyfinUserId', async (req, res) => {
       size: 200,
     });
 
-    const setttings = getSettings();
-    const jellyfinAvatarUrl =
-      setttings.main.mediaServerType === MediaServerType.JELLYFIN
-        ? `${getHostname()}/UserImage?UserId=${req.params.jellyfinUserId}`
-        : `${getHostname()}/Users/${
-            req.params.jellyfinUserId
-          }/Images/Primary?quality=90`;
+    const jellyfinAvatarUrl = getJellyfinAvatarUrl(req.params.jellyfinUserId);
 
     let imageData = await avatarImageCache.getImage(
       jellyfinAvatarUrl,
@@ -73,10 +146,15 @@ router.get('/:jellyfinUserId', async (req, res) => {
       imageData = await avatarImageCache.getImage(fallbackUrl);
     }
 
+    if (userEtag && userEtag === `"${imageData.meta.etag}"` && !versionParam) {
+      return res.status(304).end();
+    }
+
     res.writeHead(200, {
       'Content-Type': `image/${imageData.meta.extension}`,
       'Content-Length': imageData.imageBuffer.length,
       'Cache-Control': `public, max-age=${imageData.meta.curRevalidate}`,
+      ETag: `"${imageData.meta.etag}"`,
       'OS-Cache-Key': imageData.meta.cacheKey,
       'OS-Cache-Status': imageData.meta.cacheMiss ? 'MISS' : 'HIT',
     });

server/routes/request.ts

@@ -189,7 +189,7 @@ requestRoutes.get<Record<string, unknown>, RequestResultsResponse>(
       );
 
       // add profile names to the media requests, with undefined if not found
-      const requestsWithProfileNames = requests.map((r) => {
+      let mappedRequests = requests.map((r) => {
         switch (r.type) {
           case MediaType.MOVIE: {
             const profileName = radarrServers
@@ -212,6 +212,36 @@ requestRoutes.get<Record<string, unknown>, RequestResultsResponse>(
         }
       });
 
+      // add canRemove prop if user has permission
+      if (req.user?.hasPermission(Permission.MANAGE_REQUESTS)) {
+        mappedRequests = mappedRequests.map((r) => {
+          switch (r.type) {
+            case MediaType.MOVIE: {
+              return {
+                ...r,
+                // check if the radarr server for this request is configured
+                canRemove: radarrServers.some(
+                  (server) =>
+                    server.id ===
+                    (r.is4k ? r.media.serviceId4k : r.media.serviceId)
+                ),
+              };
+            }
+            case MediaType.TV: {
+              return {
+                ...r,
+                // check if the sonarr server for this request is configured
+                canRemove: sonarrServers.some(
+                  (server) =>
+                    server.id ===
+                    (r.is4k ? r.media.serviceId4k : r.media.serviceId)
+                ),
+              };
+            }
+          }
+        });
+      }
+
       return res.status(200).json({
         pageInfo: {
           pages: Math.ceil(requestCount / pageSize),
@@ -219,7 +249,7 @@ requestRoutes.get<Record<string, unknown>, RequestResultsResponse>(
           results: requestCount,
           page: Math.ceil(skip / pageSize) + 1,
         },
-        results: requestsWithProfileNames,
+        results: mappedRequests,
       });
     } catch (e) {
       next({ status: 500, message: e.message });

server/routes/user/index.ts

@@ -60,22 +60,24 @@ router.get('/', async (req, res, next) => {
         query = query.orderBy('user.updatedAt', 'DESC');
         break;
       case 'displayname':
-        query = query.orderBy(
-          `CASE WHEN (user.username IS NULL OR user.username = '') THEN (
-             CASE WHEN (user.plexUsername IS NULL OR user.plexUsername = '') THEN (
-               CASE WHEN (user.jellyfinUsername IS NULL OR user.jellyfinUsername = '') THEN
-                 "user"."email"
-               ELSE
-                 LOWER(user.jellyfinUsername)
-               END)
-             ELSE
-               LOWER(user.jellyfinUsername)
-             END)
-           ELSE
-             LOWER(user.username)
-           END`,
-          'ASC'
-        );
+        query = query
+          .addSelect(
+            `CASE WHEN (user.username IS NULL OR user.username = '') THEN (
+              CASE WHEN (user.plexUsername IS NULL OR user.plexUsername = '') THEN (
+                CASE WHEN (user.jellyfinUsername IS NULL OR user.jellyfinUsername = '') THEN
+                  "user"."email"
+                ELSE
+                  LOWER(user.jellyfinUsername)
+                END)
+              ELSE
+                LOWER(user.jellyfinUsername)
+              END)
+            ELSE
+              LOWER(user.username)
+            END`,
+            'displayname_sort_key'
+          )
+          .orderBy('displayname_sort_key', 'ASC');
         break;
       case 'requests':
         query = query
@@ -182,13 +184,15 @@ router.post<
     endpoint: string;
     p256dh: string;
     auth: string;
+    userAgent: string;
   }
 >('/registerPushSubscription', async (req, res, next) => {
   try {
     const userPushSubRepository = getRepository(UserPushSubscription);
 
     const existingSubs = await userPushSubRepository.find({
-      where: { auth: req.body.auth },
+      relations: { user: true },
+      where: { auth: req.body.auth, user: { id: req.user?.id } },
     });
 
     if (existingSubs.length > 0) {
@@ -203,6 +207,7 @@ router.post<
       auth: req.body.auth,
       endpoint: req.body.endpoint,
       p256dh: req.body.p256dh,
+      userAgent: req.body.userAgent,
       user: req.user,
     });
 
@@ -217,6 +222,79 @@ router.post<
   }
 });
 
+router.get<{ userId: number }>(
+  '/:userId/pushSubscriptions',
+  async (req, res, next) => {
+    try {
+      const userPushSubRepository = getRepository(UserPushSubscription);
+
+      const userPushSubs = await userPushSubRepository.find({
+        relations: { user: true },
+        where: { user: { id: req.params.userId } },
+      });
+
+      return res.status(200).json(userPushSubs);
+    } catch (e) {
+      next({ status: 404, message: 'User subscriptions not found.' });
+    }
+  }
+);
+
+router.get<{ userId: number; key: string }>(
+  '/:userId/pushSubscription/:key',
+  async (req, res, next) => {
+    try {
+      const userPushSubRepository = getRepository(UserPushSubscription);
+
+      const userPushSub = await userPushSubRepository.findOneOrFail({
+        relations: {
+          user: true,
+        },
+        where: {
+          user: { id: req.params.userId },
+          p256dh: req.params.key,
+        },
+      });
+
+      return res.status(200).json(userPushSub);
+    } catch (e) {
+      next({ status: 404, message: 'User subscription not found.' });
+    }
+  }
+);
+
+router.delete<{ userId: number; key: string }>(
+  '/:userId/pushSubscription/:key',
+  async (req, res, next) => {
+    try {
+      const userPushSubRepository = getRepository(UserPushSubscription);
+
+      const userPushSub = await userPushSubRepository.findOneOrFail({
+        relations: {
+          user: true,
+        },
+        where: {
+          user: { id: req.params.userId },
+          p256dh: req.params.key,
+        },
+      });
+
+      await userPushSubRepository.remove(userPushSub);
+      return res.status(204).send();
+    } catch (e) {
+      logger.error('Something went wrong deleting the user push subcription', {
+        label: 'API',
+        key: req.params.key,
+        errorMessage: e.message,
+      });
+      return next({
+        status: 500,
+        message: 'User push subcription not found',
+      });
+    }
+  }
+);
+
 router.get<{ id: string }>('/:id', async (req, res, next) => {
   try {
     const userRepository = getRepository(User);

server/types/custom.d.ts

@@ -0,0 +1,4 @@
+declare module '@dr.pogodin/csurf' {
+  import csrf = require('csurf');
+  export = csrf;
+}

server/utils/customProxyAgent.ts

@@ -8,8 +8,9 @@ export default async function createCustomProxyAgent(
 ) {
   const defaultAgent = new Agent({ keepAliveTimeout: 5000 });
 
-  const skipUrl = (url: string) => {
-    const hostname = new URL(url).hostname;
+  const skipUrl = (url: string | URL) => {
+    const hostname =
+      typeof url === 'string' ? new URL(url).hostname : url.hostname;
 
     if (proxySettings.bypassLocalAddresses && isLocalAddress(hostname)) {
       return true;
@@ -38,8 +39,7 @@ export default async function createCustomProxyAgent(
     dispatch: Dispatcher['dispatch']
   ): Dispatcher['dispatch'] => {
     return (opts, handler) => {
-      const url = opts.origin?.toString();
-      return url && skipUrl(url)
+      return opts.origin && skipUrl(opts.origin)
         ? defaultAgent.dispatch(opts, handler)
         : dispatch(opts, handler);
     };
@@ -60,13 +60,10 @@ export default async function createCustomProxyAgent(
         ':' +
         proxySettings.port,
       token,
-      interceptors: {
-        Client: [noProxyInterceptor],
-      },
       keepAliveTimeout: 5000,
     });
 
-    setGlobalDispatcher(proxyAgent);
+    setGlobalDispatcher(proxyAgent.compose(noProxyInterceptor));
   } catch (e) {
     logger.error('Failed to connect to the proxy: ' + e.message, {
       label: 'Proxy',
@@ -95,7 +92,11 @@ export default async function createCustomProxyAgent(
 }
 
 function isLocalAddress(hostname: string) {
-  if (hostname === 'localhost' || hostname === '127.0.0.1') {
+  if (
+    hostname === 'localhost' ||
+    hostname === '127.0.0.1' ||
+    hostname === '::1'
+  ) {
     return true;
   }
 

src/components/AirDateBadge/index.tsx

@@ -14,17 +14,13 @@ type AirDateBadgeProps = {
 const AirDateBadge = ({ airDate }: AirDateBadgeProps) => {
   const WEEK = 1000 * 60 * 60 * 24 * 8;
   const intl = useIntl();
-  const timeZone = Intl.DateTimeFormat().resolvedOptions().timeZone;
   const dAirDate = new Date(airDate);
   const nowDate = new Date();
   const alreadyAired = dAirDate.getTime() < nowDate.getTime();
-
   const compareWeek = new Date(
     alreadyAired ? Date.now() - WEEK : Date.now() + WEEK
   );
-
   let showRelative = false;
-
   if (
     (alreadyAired && dAirDate.getTime() > compareWeek.getTime()) ||
     (!alreadyAired && dAirDate.getTime() < compareWeek.getTime())
@@ -32,6 +28,10 @@ const AirDateBadge = ({ airDate }: AirDateBadgeProps) => {
     showRelative = true;
   }
 
+  const diffInDays = Math.round(
+    (dAirDate.getTime() - nowDate.getTime()) / (1000 * 60 * 60 * 24)
+  );
+
   return (
     <div className="flex items-center space-x-2">
       <Badge badgeType="light">
@@ -39,7 +39,7 @@ const AirDateBadge = ({ airDate }: AirDateBadgeProps) => {
           year: 'numeric',
           month: 'long',
           day: 'numeric',
-          timeZone,
+          timeZone: 'UTC',
         })}
       </Badge>
       {showRelative && (
@@ -49,9 +49,9 @@ const AirDateBadge = ({ airDate }: AirDateBadgeProps) => {
             {
               relativeTime: (
                 <FormattedRelativeTime
-                  value={(dAirDate.getTime() - Date.now()) / 1000}
+                  value={diffInDays}
+                  unit="day"
                   numeric="auto"
-                  updateIntervalInSeconds={1}
                 />
               ),
             }

src/components/Layout/MobileMenu/index.tsx

@@ -255,7 +255,9 @@ const MobileMenu = ({
                             router.pathname.match(link.activeRegExp)
                               ? 'border-indigo-600 from-indigo-700 to-purple-700'
                               : 'border-indigo-500 from-indigo-600 to-purple-600'
-                          } flex h-4 w-4 items-center justify-center !px-[9px] !py-[9px] text-[9px]`}
+                          } flex ${
+                            pendingRequestsCount > 99 ? 'w-6' : 'w-4'
+                          } h-4  items-center justify-center !px-[5px] !py-[7px] text-[8px]`}
                         >
                           {pendingRequestsCount > 99
                             ? '99+'

src/components/Login/JellyfinLogin.tsx

@@ -161,7 +161,6 @@ const JellyfinLogin: React.FC<JellyfinLoginProps> = ({
                         data-form-type="password"
                         data-1pignore="false"
                         data-lpignore="false"
-                        data-bwignore="false"
                       />
                     </div>
                     <div className="flex">

src/components/Login/LocalLogin.tsx

@@ -118,7 +118,6 @@ const LocalLogin = ({ revalidate }: LocalLoginProps) => {
                       className="!bg-gray-700/80 placeholder:text-gray-400"
                       data-1pignore="false"
                       data-lpignore="false"
-                      data-bwignore="false"
                     />
                   </div>
                   <div className="flex">

src/components/MovieDetails/index.tsx

@@ -590,7 +590,7 @@ const MovieDetails = ({ movie }: MovieDetailsProps) => {
                   buttonSize={'md'}
                   onClick={() => setShowBlacklistModal(true)}
                 >
-                  <EyeSlashIcon className={'h-3'} />
+                  <EyeSlashIcon />
                 </Button>
               </Tooltip>
             )}
@@ -608,9 +608,9 @@ const MovieDetails = ({ movie }: MovieDetailsProps) => {
                       onClick={onClickWatchlistBtn}
                     >
                       {isUpdating ? (
-                        <Spinner className="h-3" />
+                        <Spinner />
                       ) : (
-                        <StarIcon className={'h-3 text-amber-300'} />
+                        <StarIcon className={'text-amber-300'} />
                       )}
                     </Button>
                   </Tooltip>
@@ -623,17 +623,15 @@ const MovieDetails = ({ movie }: MovieDetailsProps) => {
                       buttonSize={'md'}
                       onClick={onClickDeleteWatchlistBtn}
                     >
-                      {isUpdating ? (
-                        <Spinner className="h-3" />
-                      ) : (
-                        <MinusCircleIcon className={'h-3'} />
-                      )}
+                      {isUpdating ? <Spinner /> : <MinusCircleIcon />}
                     </Button>
                   </Tooltip>
                 )}
               </>
             )}
-          <PlayButton links={mediaLinks} />
+          <div className="z-20">
+            <PlayButton links={mediaLinks} />
+          </div>
           <RequestButton
             mediaType="movie"
             media={data.mediaInfo}

src/components/RequestList/RequestItem/index.tsx

@@ -20,6 +20,7 @@ import {
 import { MediaRequestStatus } from '@server/constants/media';
 import type { MediaRequest } from '@server/entity/MediaRequest';
 import type { NonFunctionProperties } from '@server/interfaces/api/common';
+import type { RequestResultsResponse } from '@server/interfaces/api/requestInterfaces';
 import type { MovieDetails } from '@server/models/Movie';
 import type { TvDetails } from '@server/models/Tv';
 import Link from 'next/link';
@@ -291,7 +292,7 @@ const RequestItemError = ({
 };
 
 interface RequestItemProps {
-  request: NonFunctionProperties<MediaRequest> & { profileName?: string };
+  request: RequestResultsResponse['results'][number];
   revalidateList: () => void;
 }
 
@@ -706,18 +707,20 @@ const RequestItem = ({ request, revalidateList }: RequestItemProps) => {
                   <TrashIcon />
                   <span>{intl.formatMessage(messages.deleterequest)}</span>
                 </ConfirmButton>
-                <ConfirmButton
-                  onClick={() => deleteMediaFile()}
-                  confirmText={intl.formatMessage(globalMessages.areyousure)}
-                  className="w-full"
-                >
-                  <TrashIcon />
-                  <span>
-                    {intl.formatMessage(messages.removearr, {
-                      arr: request.type === 'movie' ? 'Radarr' : 'Sonarr',
-                    })}
-                  </span>
-                </ConfirmButton>
+                {request.canRemove && (
+                  <ConfirmButton
+                    onClick={() => deleteMediaFile()}
+                    confirmText={intl.formatMessage(globalMessages.areyousure)}
+                    className="w-full"
+                  >
+                    <TrashIcon />
+                    <span>
+                      {intl.formatMessage(messages.removearr, {
+                        arr: request.type === 'movie' ? 'Radarr' : 'Sonarr',
+                      })}
+                    </span>
+                  </ConfirmButton>
+                )}
               </>
             )}
           {requestData.status === MediaRequestStatus.PENDING &&

src/components/RequestModal/TvRequestModal.tsx

@@ -217,7 +217,7 @@ const TvRequestModal = ({
           mediaType: 'tv',
           is4k,
           seasons: settings.currentSettings.partialRequestsEnabled
-            ? selectedSeasons
+            ? selectedSeasons.sort((a, b) => a - b)
             : getAllSeasons().filter(
                 (season) => !getAllRequestedSeasons().includes(season)
               ),

src/components/ServiceWorkerSetup/index.tsx

@@ -1,10 +1,9 @@
 /* eslint-disable no-console */
-import useSettings from '@app/hooks/useSettings';
+
 import { useUser } from '@app/hooks/useUser';
 import { useEffect } from 'react';
 
 const ServiceWorkerSetup = () => {
-  const { currentSettings } = useSettings();
   const { user } = useUser();
   useEffect(() => {
     if ('serviceWorker' in navigator && user?.id) {
@@ -15,40 +14,12 @@ const ServiceWorkerSetup = () => {
             '[SW] Registration successful, scope is:',
             registration.scope
           );
-
-          if (currentSettings.enablePushRegistration) {
-            const sub = await registration.pushManager.subscribe({
-              userVisibleOnly: true,
-              applicationServerKey: currentSettings.vapidPublic,
-            });
-
-            const parsedSub = JSON.parse(JSON.stringify(sub));
-
-            if (parsedSub.keys.p256dh && parsedSub.keys.auth) {
-              const res = await fetch('/api/v1/user/registerPushSubscription', {
-                method: 'POST',
-                headers: {
-                  'Content-Type': 'application/json',
-                },
-                body: JSON.stringify({
-                  endpoint: parsedSub.endpoint,
-                  p256dh: parsedSub.keys.p256dh,
-                  auth: parsedSub.keys.auth,
-                }),
-              });
-              if (!res.ok) throw new Error();
-            }
-          }
         })
         .catch(function (error) {
           console.log('[SW] Service worker registration failed, error:', error);
         });
     }
-  }, [
-    user,
-    currentSettings.vapidPublic,
-    currentSettings.enablePushRegistration,
-  ]);
+  }, [user]);
   return null;
 };
 

src/components/Settings/Notifications/NotificationsEmail.tsx

@@ -221,6 +221,7 @@ const NotificationsEmail = () => {
                     requireTls: values.encryption === 'opportunistic',
                     authUser: values.authUser,
                     authPass: values.authPass,
+                    allowSelfSigned: values.allowSelfSigned,
                     senderName: values.senderName,
                     pgpPrivateKey: values.pgpPrivateKey,
                     pgpPassword: values.pgpPassword,

src/components/Settings/OverrideRule/OverrideRuleTiles.tsx

@@ -141,7 +141,7 @@ const OverrideRuleTiles = ({
       }
       setUsers(users);
     })();
-  }, [rules]);
+  }, [rules, users]);
 
   return (
     <>

src/components/TitleCard/index.tsx

@@ -373,11 +373,10 @@ const TitleCard = ({
                   : intl.formatMessage(globalMessages.tvshow)}
               </div>
             </div>
-            {showDetail &&
-              currentStatus !== MediaStatus.BLACKLISTED &&
-              user?.userType !== UserType.PLEX && (
-                <div className="flex flex-col gap-1">
-                  {toggleWatchlist ? (
+            {showDetail && currentStatus !== MediaStatus.BLACKLISTED && (
+              <div className="flex flex-col gap-1">
+                {user?.userType !== UserType.PLEX &&
+                  (toggleWatchlist ? (
                     <Button
                       buttonType={'ghost'}
                       className="z-40"
@@ -394,23 +393,23 @@ const TitleCard = ({
                     >
                       <MinusCircleIcon className={'h-3'} />
                     </Button>
+                  ))}
+                {showHideButton &&
+                  currentStatus !== MediaStatus.PROCESSING &&
+                  currentStatus !== MediaStatus.AVAILABLE &&
+                  currentStatus !== MediaStatus.PARTIALLY_AVAILABLE &&
+                  currentStatus !== MediaStatus.PENDING && (
+                    <Button
+                      buttonType={'ghost'}
+                      className="z-40"
+                      buttonSize={'sm'}
+                      onClick={() => setShowBlacklistModal(true)}
+                    >
+                      <EyeSlashIcon className={'h-3'} />
+                    </Button>
                   )}
-                  {showHideButton &&
-                    currentStatus !== MediaStatus.PROCESSING &&
-                    currentStatus !== MediaStatus.AVAILABLE &&
-                    currentStatus !== MediaStatus.PARTIALLY_AVAILABLE &&
-                    currentStatus !== MediaStatus.PENDING && (
-                      <Button
-                        buttonType={'ghost'}
-                        className="z-40"
-                        buttonSize={'sm'}
-                        onClick={() => setShowBlacklistModal(true)}
-                      >
-                        <EyeSlashIcon className={'h-3'} />
-                      </Button>
-                    )}
-                </div>
-              )}
+              </div>
+            )}
             {showDetail &&
               showHideButton &&
               currentStatus == MediaStatus.BLACKLISTED && (

src/components/TvDetails/index.tsx

@@ -632,7 +632,7 @@ const TvDetails = ({ tv }: TvDetailsProps) => {
                   buttonSize={'md'}
                   onClick={() => setShowBlacklistModal(true)}
                 >
-                  <EyeSlashIcon className={'h-3'} />
+                  <EyeSlashIcon />
                 </Button>
               </Tooltip>
             )}
@@ -650,9 +650,9 @@ const TvDetails = ({ tv }: TvDetailsProps) => {
                       onClick={onClickWatchlistBtn}
                     >
                       {isUpdating ? (
-                        <Spinner className="h-3" />
+                        <Spinner />
                       ) : (
-                        <StarIcon className={'h-3 text-amber-300'} />
+                        <StarIcon className={'text-amber-300'} />
                       )}
                     </Button>
                   </Tooltip>
@@ -665,17 +665,15 @@ const TvDetails = ({ tv }: TvDetailsProps) => {
                       buttonSize={'md'}
                       onClick={onClickDeleteWatchlistBtn}
                     >
-                      {isUpdating ? (
-                        <Spinner className="h-3" />
-                      ) : (
-                        <MinusCircleIcon className={'h-3'} />
-                      )}
+                      {isUpdating ? <Spinner /> : <MinusCircleIcon />}
                     </Button>
                   </Tooltip>
                 )}
               </>
             )}
-          <PlayButton links={mediaLinks} />
+          <div className="z-20">
+            <PlayButton links={mediaLinks} />
+          </div>
           <RequestButton
             mediaType="tv"
             onUpdate={() => revalidate()}

src/components/UserList/PlexImportModal.tsx

@@ -57,9 +57,9 @@ const PlexImportModal = ({ onCancel, onComplete }: PlexImportProps) => {
         }),
       });
       if (!res.ok) throw new Error();
-      const { data: createdUsers } = await res.json();
+      const createdUsers = await res.json();
 
-      if (!createdUsers.length) {
+      if (!Array.isArray(createdUsers) || createdUsers.length === 0) {
         throw new Error('No users were imported from Plex.');
       }
 

src/components/UserProfile/UserSettings/UserGeneralSettings/index.tsx

@@ -415,7 +415,7 @@ const UserGeneralSettings = () => {
                   </span>
                 </label>
                 <div className="form-input-area">
-                  <div className="form-input-field">
+                  <div className="form-input-field relative z-[22]">
                     <RegionSelector
                       name="discoverRegion"
                       value={values.discoverRegion ?? ''}
@@ -433,7 +433,7 @@ const UserGeneralSettings = () => {
                   </span>
                 </label>
                 <div className="form-input-area">
-                  <div className="form-input-field">
+                  <div className="form-input-field relative z-[21]">
                     <LanguageSelector
                       setFieldValue={setFieldValue}
                       serverValue={currentSettings.originalLanguage}
@@ -451,7 +451,7 @@ const UserGeneralSettings = () => {
                   </span>
                 </label>
                 <div className="form-input-area">
-                  <div className="form-input-field">
+                  <div className="form-input-field relative z-20">
                     <RegionSelector
                       name="streamingRegion"
                       value={values.streamingRegion || ''}

src/components/UserProfile/UserSettings/UserNotificationSettings/UserNotificationsWebPush.tsx

@@ -1,136 +0,0 @@
-import Button from '@app/components/Common/Button';
-import LoadingSpinner from '@app/components/Common/LoadingSpinner';
-import NotificationTypeSelector, {
-  ALL_NOTIFICATIONS,
-} from '@app/components/NotificationTypeSelector';
-import { useUser } from '@app/hooks/useUser';
-import globalMessages from '@app/i18n/globalMessages';
-import defineMessages from '@app/utils/defineMessages';
-import { ArrowDownOnSquareIcon } from '@heroicons/react/24/outline';
-import type { UserSettingsNotificationsResponse } from '@server/interfaces/api/userSettingsInterfaces';
-import { Form, Formik } from 'formik';
-import { useRouter } from 'next/router';
-import { useIntl } from 'react-intl';
-import { useToasts } from 'react-toast-notifications';
-import useSWR, { mutate } from 'swr';
-
-const messages = defineMessages(
-  'components.UserProfile.UserSettings.UserNotificationSettings',
-  {
-    webpushsettingssaved: 'Web push notification settings saved successfully!',
-    webpushsettingsfailed: 'Web push notification settings failed to save.',
-  }
-);
-
-const UserWebPushSettings = () => {
-  const intl = useIntl();
-  const { addToast } = useToasts();
-  const router = useRouter();
-  const { user } = useUser({ id: Number(router.query.userId) });
-  const {
-    data,
-    error,
-    mutate: revalidate,
-  } = useSWR<UserSettingsNotificationsResponse>(
-    user ? `/api/v1/user/${user?.id}/settings/notifications` : null
-  );
-
-  if (!data && !error) {
-    return <LoadingSpinner />;
-  }
-
-  return (
-    <Formik
-      initialValues={{
-        types: data?.notificationTypes.webpush ?? ALL_NOTIFICATIONS,
-      }}
-      enableReinitialize
-      onSubmit={async (values) => {
-        try {
-          const res = await fetch(
-            `/api/v1/user/${user?.id}/settings/notifications`,
-            {
-              method: 'POST',
-              headers: {
-                'Content-Type': 'application/json',
-              },
-              body: JSON.stringify({
-                pgpKey: data?.pgpKey,
-                discordId: data?.discordId,
-                pushbulletAccessToken: data?.pushbulletAccessToken,
-                pushoverApplicationToken: data?.pushoverApplicationToken,
-                pushoverUserKey: data?.pushoverUserKey,
-                telegramChatId: data?.telegramChatId,
-                telegramSendSilently: data?.telegramSendSilently,
-                notificationTypes: {
-                  webpush: values.types,
-                },
-              }),
-            }
-          );
-          if (!res.ok) throw new Error();
-          mutate('/api/v1/settings/public');
-          addToast(intl.formatMessage(messages.webpushsettingssaved), {
-            appearance: 'success',
-            autoDismiss: true,
-          });
-        } catch (e) {
-          addToast(intl.formatMessage(messages.webpushsettingsfailed), {
-            appearance: 'error',
-            autoDismiss: true,
-          });
-        } finally {
-          revalidate();
-        }
-      }}
-    >
-      {({
-        errors,
-        touched,
-        isSubmitting,
-        isValid,
-        values,
-        setFieldValue,
-        setFieldTouched,
-      }) => {
-        return (
-          <Form className="section">
-            <NotificationTypeSelector
-              user={user}
-              currentTypes={values.types}
-              onUpdate={(newTypes) => {
-                setFieldValue('types', newTypes);
-                setFieldTouched('types');
-              }}
-              error={
-                errors.types && touched.types
-                  ? (errors.types as string)
-                  : undefined
-              }
-            />
-            <div className="actions">
-              <div className="flex justify-end">
-                <span className="ml-3 inline-flex rounded-md shadow-sm">
-                  <Button
-                    buttonType="primary"
-                    type="submit"
-                    disabled={isSubmitting || !isValid}
-                  >
-                    <ArrowDownOnSquareIcon />
-                    <span>
-                      {isSubmitting
-                        ? intl.formatMessage(globalMessages.saving)
-                        : intl.formatMessage(globalMessages.save)}
-                    </span>
-                  </Button>
-                </span>
-              </div>
-            </div>
-          </Form>
-        );
-      }}
-    </Formik>
-  );
-};
-
-export default UserWebPushSettings;

src/components/UserProfile/UserSettings/UserNotificationSettings/UserNotificationsWebPush/DeviceItem.tsx

@@ -0,0 +1,110 @@
+import ConfirmButton from '@app/components/Common/ConfirmButton';
+import globalMessages from '@app/i18n/globalMessages';
+import defineMessages from '@app/utils/defineMessages';
+import {
+  ComputerDesktopIcon,
+  DevicePhoneMobileIcon,
+  TrashIcon,
+} from '@heroicons/react/24/solid';
+import { useIntl } from 'react-intl';
+import { UAParser } from 'ua-parser-js';
+
+interface DeviceItemProps {
+  disablePushNotifications: (p256dh: string) => void;
+  device: {
+    endpoint: string;
+    p256dh: string;
+    auth: string;
+    userAgent: string;
+    createdAt: Date;
+  };
+}
+
+const messages = defineMessages(
+  'components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush',
+  {
+    operatingsystem: 'Operating System',
+    browser: 'Browser',
+    engine: 'Engine',
+    deletesubscription: 'Delete Subscription',
+    unknown: 'Unknown',
+  }
+);
+
+const DeviceItem = ({ disablePushNotifications, device }: DeviceItemProps) => {
+  const intl = useIntl();
+
+  return (
+    <div className="relative flex w-full flex-col justify-between overflow-hidden rounded-xl bg-gray-800 py-4 text-gray-400 shadow-md ring-1 ring-gray-700 xl:h-28 xl:flex-row">
+      <div className="relative flex w-full flex-col justify-between overflow-hidden sm:flex-row">
+        <div className="relative z-10 flex w-full items-center overflow-hidden pl-4 pr-4 sm:pr-0 xl:w-7/12 2xl:w-2/3">
+          <div className="relative h-auto w-12 flex-shrink-0 scale-100 transform-gpu overflow-hidden rounded-md transition duration-300 hover:scale-105">
+            {UAParser(device.userAgent).device.type === 'mobile' ? (
+              <DevicePhoneMobileIcon />
+            ) : (
+              <ComputerDesktopIcon />
+            )}
+          </div>
+          <div className="flex flex-col justify-center overflow-hidden pl-2 xl:pl-4">
+            <div className="pt-0.5 text-xs font-medium text-white sm:pt-1">
+              {device.createdAt
+                ? intl.formatDate(device.createdAt, {
+                    year: 'numeric',
+                    month: 'long',
+                    day: 'numeric',
+                  })
+                : 'N/A'}
+            </div>
+            <div className="mr-2 min-w-0 truncate text-lg font-bold text-white hover:underline xl:text-xl">
+              {device.userAgent
+                ? UAParser(device.userAgent).device.model
+                : intl.formatMessage(messages.unknown)}
+            </div>
+          </div>
+        </div>
+        <div className="z-10 mt-4 ml-4 flex w-full flex-col justify-center overflow-hidden pr-4 text-sm sm:ml-2 sm:mt-0 xl:flex-1 xl:pr-0">
+          <div className="card-field">
+            <span className="card-field-name">
+              {intl.formatMessage(messages.operatingsystem)}
+            </span>
+            <span className="flex truncate text-sm text-gray-300">
+              {device.userAgent ? UAParser(device.userAgent).os.name : 'N/A'}
+            </span>
+          </div>
+          <div className="card-field">
+            <span className="card-field-name">
+              {intl.formatMessage(messages.browser)}
+            </span>
+            <span className="flex truncate text-sm text-gray-300">
+              {device.userAgent
+                ? UAParser(device.userAgent).browser.name
+                : 'N/A'}
+            </span>
+          </div>
+          <div className="card-field">
+            <span className="card-field-name">
+              {intl.formatMessage(messages.engine)}
+            </span>
+            <span className="flex truncate text-sm text-gray-300">
+              {device.userAgent
+                ? UAParser(device.userAgent).engine.name
+                : 'N/A'}
+            </span>
+          </div>
+        </div>
+      </div>
+      <div className="z-10 mt-4 flex w-full flex-col justify-center space-y-2 pl-4 pr-4 xl:mt-0 xl:w-96 xl:items-end xl:pl-0">
+        <ConfirmButton
+          onClick={() => disablePushNotifications(device.p256dh)}
+          confirmText={intl.formatMessage(globalMessages.areyousure)}
+          className="w-full"
+        >
+          <TrashIcon />
+          <span>{intl.formatMessage(messages.deletesubscription)}</span>
+        </ConfirmButton>
+      </div>
+    </div>
+  );
+};
+
+export default DeviceItem;

src/components/UserProfile/UserSettings/UserNotificationSettings/UserNotificationsWebPush/index.tsx

@@ -0,0 +1,378 @@
+import Alert from '@app/components/Common/Alert';
+import Button from '@app/components/Common/Button';
+import LoadingSpinner from '@app/components/Common/LoadingSpinner';
+import NotificationTypeSelector, {
+  ALL_NOTIFICATIONS,
+} from '@app/components/NotificationTypeSelector';
+import DeviceItem from '@app/components/UserProfile/UserSettings/UserNotificationSettings/UserNotificationsWebPush/DeviceItem';
+import useSettings from '@app/hooks/useSettings';
+import { useUser } from '@app/hooks/useUser';
+import globalMessages from '@app/i18n/globalMessages';
+import defineMessages from '@app/utils/defineMessages';
+import { ArrowDownOnSquareIcon } from '@heroicons/react/24/outline';
+import {
+  CloudArrowDownIcon,
+  CloudArrowUpIcon,
+} from '@heroicons/react/24/solid';
+import type { UserPushSubscription } from '@server/entity/UserPushSubscription';
+import type { UserSettingsNotificationsResponse } from '@server/interfaces/api/userSettingsInterfaces';
+import { Form, Formik } from 'formik';
+import { useRouter } from 'next/router';
+import { useEffect, useState } from 'react';
+import { useIntl } from 'react-intl';
+import { useToasts } from 'react-toast-notifications';
+import useSWR, { mutate } from 'swr';
+
+const messages = defineMessages(
+  'components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush',
+  {
+    webpushsettingssaved: 'Web push notification settings saved successfully!',
+    webpushsettingsfailed: 'Web push notification settings failed to save.',
+    enablewebpush: 'Enable web push',
+    disablewebpush: 'Disable web push',
+    managedevices: 'Manage Devices',
+    type: 'type',
+    created: 'Created',
+    device: 'Device',
+    subscriptiondeleted: 'Subscription deleted.',
+    subscriptiondeleteerror:
+      'Something went wrong while deleting the user subscription.',
+    nodevicestoshow: 'You have no web push subscriptions to show.',
+    webpushhasbeenenabled: 'Web push has been enabled.',
+    webpushhasbeendisabled: 'Web push has been disabled.',
+    enablingwebpusherror: 'Something went wrong while enabling web push.',
+    disablingwebpusherror: 'Something went wrong while disabling web push.',
+  }
+);
+
+const UserWebPushSettings = () => {
+  const intl = useIntl();
+  const { addToast } = useToasts();
+  const router = useRouter();
+  const { user } = useUser({ id: Number(router.query.userId) });
+  const { currentSettings } = useSettings();
+  const [webPushEnabled, setWebPushEnabled] = useState(false);
+  const {
+    data,
+    error,
+    mutate: revalidate,
+  } = useSWR<UserSettingsNotificationsResponse>(
+    user ? `/api/v1/user/${user?.id}/settings/notifications` : null
+  );
+  const { data: dataDevices, mutate: revalidateDevices } = useSWR<
+    {
+      endpoint: string;
+      p256dh: string;
+      auth: string;
+      userAgent: string;
+      createdAt: Date;
+    }[]
+  >(`/api/v1/user/${user?.id}/pushSubscriptions`, { revalidateOnMount: true });
+
+  // Subscribes to the push manager
+  // Will only add to the database if subscribing for the first time
+  const enablePushNotifications = () => {
+    if ('serviceWorker' in navigator && user?.id) {
+      navigator.serviceWorker
+        .getRegistration('/sw.js')
+        .then(async (registration) => {
+          if (currentSettings.enablePushRegistration) {
+            const sub = await registration?.pushManager.subscribe({
+              userVisibleOnly: true,
+              applicationServerKey: currentSettings.vapidPublic,
+            });
+            const parsedSub = JSON.parse(JSON.stringify(sub));
+
+            if (parsedSub.keys.p256dh && parsedSub.keys.auth) {
+              const res = await fetch('/api/v1/user/registerPushSubscription', {
+                method: 'POST',
+                headers: {
+                  'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                  endpoint: parsedSub.endpoint,
+                  p256dh: parsedSub.keys.p256dh,
+                  auth: parsedSub.keys.auth,
+                  userAgent: navigator.userAgent,
+                }),
+              });
+              if (!res.ok) {
+                throw new Error(res.statusText);
+              }
+              setWebPushEnabled(true);
+              addToast(intl.formatMessage(messages.webpushhasbeenenabled), {
+                appearance: 'success',
+                autoDismiss: true,
+              });
+            }
+          }
+        })
+        .catch(function () {
+          addToast(intl.formatMessage(messages.enablingwebpusherror), {
+            autoDismiss: true,
+            appearance: 'error',
+          });
+        })
+        .finally(function () {
+          revalidateDevices();
+        });
+    }
+  };
+
+  // Unsubscribes from the push manager
+  // Deletes/disables corresponding push subscription from database
+  const disablePushNotifications = async (p256dh?: string) => {
+    if ('serviceWorker' in navigator && user?.id) {
+      navigator.serviceWorker.getRegistration('/sw.js').then((registration) => {
+        registration?.pushManager
+          .getSubscription()
+          .then(async (subscription) => {
+            const parsedSub = JSON.parse(JSON.stringify(subscription));
+
+            const res = await fetch(
+              `/api/v1/user/${user?.id}/pushSubscription/${
+                p256dh ? p256dh : parsedSub.keys.p256dh
+              }`,
+              {
+                method: 'DELETE',
+              }
+            );
+            if (!res.ok) {
+              throw new Error(res.statusText);
+            }
+            if (subscription && (p256dh === parsedSub.keys.p256dh || !p256dh)) {
+              subscription.unsubscribe();
+              setWebPushEnabled(false);
+            }
+            addToast(
+              intl.formatMessage(
+                p256dh
+                  ? messages.subscriptiondeleted
+                  : messages.webpushhasbeendisabled
+              ),
+              {
+                autoDismiss: true,
+                appearance: 'success',
+              }
+            );
+          })
+          .catch(function () {
+            addToast(
+              intl.formatMessage(
+                p256dh
+                  ? messages.subscriptiondeleteerror
+                  : messages.disablingwebpusherror
+              ),
+              {
+                autoDismiss: true,
+                appearance: 'error',
+              }
+            );
+          })
+          .finally(function () {
+            revalidateDevices();
+          });
+      });
+    }
+  };
+
+  // Checks our current subscription on page load
+  // Will set the web push state to true if subscribed
+  useEffect(() => {
+    if ('serviceWorker' in navigator && user?.id) {
+      navigator.serviceWorker
+        .getRegistration('/sw.js')
+        .then(async (registration) => {
+          await registration?.pushManager
+            .getSubscription()
+            .then(async (subscription) => {
+              if (subscription) {
+                const parsedKey = JSON.parse(JSON.stringify(subscription));
+                const response = await fetch(
+                  `/api/v1/user/${user.id}/pushSubscription/${parsedKey.keys.p256dh}`
+                );
+
+                if (!response.ok) {
+                  throw new Error(response.statusText);
+                }
+
+                const currentUserPushSub = {
+                  data: (await response.json()) as UserPushSubscription,
+                };
+
+                if (currentUserPushSub.data.p256dh !== parsedKey.keys.p256dh) {
+                  return;
+                }
+                setWebPushEnabled(true);
+              } else {
+                setWebPushEnabled(false);
+              }
+            });
+        })
+        .catch(function (error) {
+          setWebPushEnabled(false);
+          // eslint-disable-next-line no-console
+          console.log(
+            '[SW] Failure retrieving push manager subscription, error:',
+            error
+          );
+        });
+    }
+  }, [user?.id]);
+
+  if (!data && !error) {
+    return <LoadingSpinner />;
+  }
+
+  return (
+    <>
+      <Formik
+        initialValues={{
+          types: data?.notificationTypes.webpush ?? ALL_NOTIFICATIONS,
+        }}
+        enableReinitialize
+        onSubmit={async (values) => {
+          try {
+            const res = await fetch(
+              `/api/v1/user/${user?.id}/settings/notifications`,
+              {
+                method: 'POST',
+                headers: {
+                  'Content-Type': 'application/json',
+                },
+                body: JSON.stringify({
+                  pgpKey: data?.pgpKey,
+                  discordId: data?.discordId,
+                  pushbulletAccessToken: data?.pushbulletAccessToken,
+                  pushoverApplicationToken: data?.pushoverApplicationToken,
+                  pushoverUserKey: data?.pushoverUserKey,
+                  telegramChatId: data?.telegramChatId,
+                  telegramSendSilently: data?.telegramSendSilently,
+                  notificationTypes: {
+                    webpush: values.types,
+                  },
+                }),
+              }
+            );
+            if (!res.ok) {
+              throw new Error(res.statusText);
+            }
+            mutate('/api/v1/settings/public');
+            addToast(intl.formatMessage(messages.webpushsettingssaved), {
+              appearance: 'success',
+              autoDismiss: true,
+            });
+          } catch (e) {
+            addToast(intl.formatMessage(messages.webpushsettingsfailed), {
+              appearance: 'error',
+              autoDismiss: true,
+            });
+          } finally {
+            revalidate();
+          }
+        }}
+      >
+        {({
+          errors,
+          touched,
+          isSubmitting,
+          isValid,
+          values,
+          setFieldValue,
+          setFieldTouched,
+        }) => {
+          return (
+            <Form className="section">
+              <NotificationTypeSelector
+                user={user}
+                currentTypes={values.types}
+                onUpdate={(newTypes) => {
+                  setFieldValue('types', newTypes);
+                  setFieldTouched('types');
+                }}
+                error={
+                  errors.types && touched.types
+                    ? (errors.types as string)
+                    : undefined
+                }
+              />
+              <div className="actions">
+                <div className="flex justify-end">
+                  <span className="ml-3 inline-flex rounded-md shadow-sm">
+                    <Button
+                      buttonType={`${webPushEnabled ? 'danger' : 'primary'}`}
+                      type="button"
+                      onClick={() =>
+                        webPushEnabled
+                          ? disablePushNotifications()
+                          : enablePushNotifications()
+                      }
+                    >
+                      {webPushEnabled ? (
+                        <CloudArrowDownIcon />
+                      ) : (
+                        <CloudArrowUpIcon />
+                      )}
+                      <span>
+                        {webPushEnabled
+                          ? intl.formatMessage(messages.disablewebpush)
+                          : intl.formatMessage(messages.enablewebpush)}
+                      </span>
+                    </Button>
+                  </span>
+                  <span className="ml-3 inline-flex rounded-md shadow-sm">
+                    <Button
+                      buttonType="primary"
+                      type="submit"
+                      disabled={isSubmitting || !isValid}
+                    >
+                      <ArrowDownOnSquareIcon />
+                      <span>
+                        {isSubmitting
+                          ? intl.formatMessage(globalMessages.saving)
+                          : intl.formatMessage(globalMessages.save)}
+                      </span>
+                    </Button>
+                  </span>
+                </div>
+              </div>
+            </Form>
+          );
+        }}
+      </Formik>
+      <div className="mt-10 mb-6">
+        <h3 className="heading">
+          {intl.formatMessage(messages.managedevices)}
+        </h3>
+        <div className="section">
+          {dataDevices?.length ? (
+            dataDevices
+              ?.sort((a, b) => {
+                const dateA = a.createdAt ? new Date(a.createdAt).getTime() : 0;
+                const dateB = b.createdAt ? new Date(b.createdAt).getTime() : 0;
+                return dateB - dateA;
+              })
+              .map((device, index) => (
+                <div className="py-2" key={`device-list-${index}`}>
+                  <DeviceItem
+                    key={index}
+                    disablePushNotifications={disablePushNotifications}
+                    device={device}
+                  />
+                </div>
+              ))
+          ) : (
+            <>
+              <Alert
+                title={intl.formatMessage(messages.nodevicestoshow)}
+                type="info"
+              />
+            </>
+          )}
+        </div>
+      </div>
+    </>
+  );
+};
+
+export default UserWebPushSettings;

src/i18n/locale/en.json

@@ -1339,6 +1339,26 @@
   "components.UserProfile.UserSettings.UserLinkedAccountsSettings.noPermissionDescription": "You do not have permission to modify this user's linked accounts.",
   "components.UserProfile.UserSettings.UserLinkedAccountsSettings.plexErrorExists": "This account is already linked to a Plex user",
   "components.UserProfile.UserSettings.UserLinkedAccountsSettings.plexErrorUnauthorized": "Unable to connect to Plex using your credentials",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.browser": "Browser",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.created": "Created",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.deletesubscription": "Delete Subscription",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.device": "Device",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.disablewebpush": "Disable web push",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.disablingwebpusherror": "Something went wrong while disabling web push.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.enablewebpush": "Enable web push",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.enablingwebpusherror": "Something went wrong while enabling web push.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.engine": "Engine",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.managedevices": "Manage Devices",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.nodevicestoshow": "You have no web push subscriptions to show.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.operatingsystem": "Operating System",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.subscriptiondeleted": "Subscription deleted.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.subscriptiondeleteerror": "Something went wrong while deleting the user subscription.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.type": "type",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.unknown": "Unknown",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.webpushhasbeendisabled": "Web push has been disabled.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.webpushhasbeenenabled": "Web push has been enabled.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.webpushsettingsfailed": "Web push notification settings failed to save.",
+  "components.UserProfile.UserSettings.UserNotificationSettings.UserNotificationsWebPush.webpushsettingssaved": "Web push notification settings saved successfully!",
   "components.UserProfile.UserSettings.UserNotificationSettings.deviceDefault": "Device Default",
   "components.UserProfile.UserSettings.UserNotificationSettings.discordId": "User ID",
   "components.UserProfile.UserSettings.UserNotificationSettings.discordIdTip": "The <FindDiscordIdLink>multi-digit ID number</FindDiscordIdLink> associated with your user account",
@@ -1378,8 +1398,6 @@
   "components.UserProfile.UserSettings.UserNotificationSettings.validationTelegramChatId": "You must provide a valid chat ID",
   "components.UserProfile.UserSettings.UserNotificationSettings.validationTelegramMessageThreadId": "The thread/topic ID must be a positive whole number",
   "components.UserProfile.UserSettings.UserNotificationSettings.webpush": "Web Push",
-  "components.UserProfile.UserSettings.UserNotificationSettings.webpushsettingsfailed": "Web push notification settings failed to save.",
-  "components.UserProfile.UserSettings.UserNotificationSettings.webpushsettingssaved": "Web push notification settings saved successfully!",
   "components.UserProfile.UserSettings.UserPasswordChange.confirmpassword": "Confirm Password",
   "components.UserProfile.UserSettings.UserPasswordChange.currentpassword": "Current Password",
   "components.UserProfile.UserSettings.UserPasswordChange.newpassword": "New Password",

src/pages/_app.tsx

@@ -242,7 +242,9 @@ CoreApp.getInitialProps = async (initialProps) => {
   if (ctx.res) {
     // Check if app is initialized and redirect if necessary
     const res = await fetch(
-      `http://localhost:${process.env.PORT || 5055}/api/v1/settings/public`
+      `http://${process.env.HOST || 'localhost'}:${
+        process.env.PORT || 5055
+      }/api/v1/settings/public`
     );
     if (!res.ok) throw new Error();
     currentSettings = await res.json();
@@ -260,7 +262,9 @@ CoreApp.getInitialProps = async (initialProps) => {
       try {
         // Attempt to get the user by running a request to the local api
         const res = await fetch(
-          `http://localhost:${process.env.PORT || 5055}/api/v1/auth/me`,
+          `http://${process.env.HOST || 'localhost'}:${
+            process.env.PORT || 5055
+          }/api/v1/auth/me`,
           {
             headers:
               ctx.req && ctx.req.headers.cookie

src/pages/collection/[collectionId]/index.tsx

@@ -14,9 +14,9 @@ export const getServerSideProps: GetServerSideProps<
   CollectionPageProps
 > = async (ctx) => {
   const res = await fetch(
-    `http://localhost:${process.env.PORT || 5055}/api/v1/collection/${
-      ctx.query.collectionId
-    }`,
+    `http://${process.env.HOST || 'localhost'}:${
+      process.env.PORT || 5055
+    }/api/v1/collection/${ctx.query.collectionId}`,
     {
       headers: ctx.req?.headers?.cookie
         ? { cookie: ctx.req.headers.cookie }

src/pages/movie/[movieId]/index.tsx

@@ -14,9 +14,9 @@ export const getServerSideProps: GetServerSideProps<MoviePageProps> = async (
   ctx
 ) => {
   const res = await fetch(
-    `http://localhost:${process.env.PORT || 5055}/api/v1/movie/${
-      ctx.query.movieId
-    }`,
+    `http://${process.env.HOST || 'localhost'}:${
+      process.env.PORT || 5055
+    }/api/v1/movie/${ctx.query.movieId}`,
     {
       headers: ctx.req?.headers?.cookie
         ? { cookie: ctx.req.headers.cookie }

src/pages/tv/[tvId]/index.tsx

@@ -14,7 +14,9 @@ export const getServerSideProps: GetServerSideProps<TvPageProps> = async (
   ctx
 ) => {
   const res = await fetch(
-    `http://localhost:${process.env.PORT || 5055}/api/v1/tv/${ctx.query.tvId}`,
+    `http://${process.env.HOST || 'localhost'}:${
+      process.env.PORT || 5055
+    }/api/v1/tv/${ctx.query.tvId}`,
     {
       headers: ctx.req?.headers?.cookie
         ? { cookie: ctx.req.headers.cookie }

src/utils/fetchOverride.ts

@@ -31,7 +31,7 @@ if (typeof window !== 'undefined') {
 
     const headers = {
       ...(init?.headers || {}),
-      ...(csrfToken ? { 'X-CSRF-TOKEN': csrfToken } : {}),
+      ...(csrfToken ? { 'XSRF-TOKEN': csrfToken } : {}),
     };
 
     const newInit: RequestInit = {