lib/vidmoly-upload.js

@@ -111,19 +111,20 @@ class VidmolyUploader {
       throw new Error('Vidmoly Login fehlgeschlagen: Falscher Username oder Passwort');
     }
 
-    // Verify by directly probing the upload-config API. If we get a valid
+    // Verify session by hitting the new SPA dashboard at /my. On the old XFS
-    // JSON with sess_id/upload_url back, we're in. This is the only thing
+    // site the login page included a <form name="password">; the SPA dashboard
-    // we actually need to work, so check it up front instead of guessing
+    // doesn't contain that form when the session is valid (it's rendered by
-    // from SPA HTML markers.
+    // JS), so the absence of a password field + presence of any known marker
+    // (Dashboard / Logout / the user's own username) indicates we're in.
     if (this.cookies.size === 0) {
       throw new Error('Vidmoly Login fehlgeschlagen: Keine Session erhalten');
     }
-    const probe = await this._fetch(`${BASE_URL}/api/upload/config`);
+    const verifyRes = await this._fetch(`${BASE_URL}/my`);
-    const probeBody = await probe.text();
+    const verifyBody = await verifyRes.text();
-    let probeJson = null;
+    const hasPasswordForm = /<form[^>]*>[\s\S]{0,800}?name=["']password["']/i.test(verifyBody);
-    try { probeJson = JSON.parse(probeBody); } catch {}
+    const hasDashboardMarker = /(?:Dashboard|Video[- ]Manager|Logout|dashboard|my[_ -]?(account|files))/i.test(verifyBody);
-    if (!probeJson || !probeJson.sess_id || !probeJson.upload_url) {
+    if (hasPasswordForm || !hasDashboardMarker) {
-      throw new Error('Vidmoly Login fehlgeschlagen: Session konnte nicht verifiziert werden (API-Probe)');
+      throw new Error('Vidmoly Login fehlgeschlagen: Session konnte nicht verifiziert werden');
     }
   }
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "multi-hoster-uploader",
-  "version": "2.9.7",
+  "version": "2.9.6",
   "description": "Upload files to doodstream, voe, vidmoly, byse simultaneously",
   "main": "main.js",
   "scripts": {