lib/vidmoly-upload.js

@@ -81,40 +81,43 @@ class VidmolyUploader {
   }
 
   /**
-   * Login to Vidmoly via the new JSON API (replaces the old XFS form POST
-   * at `/` with `op=login`, which the SPA redesign deprecated). The response
-   * sets a `vidmoly_session` HttpOnly cookie that the upload API checks.
+   * Login to Vidmoly
    */
   async login(username, password) {
-    // Warm up — get baseline cookies (cf_clearance etc.)
-    try {
+    // First GET the main page to get initial cookies
     const initRes = await this._fetch(BASE_URL);
     await initRes.text();
-    } catch {}
 
-    const res = await this._fetch(`${BASE_URL}/api/auth/login`, {
+    // POST login
+    const loginData = new URLSearchParams({
+      op: 'login',
+      login: username,
+      password: password,
+      redirect: ''
+    });
+
+    const res = await this._fetch(BASE_URL, {
       method: 'POST',
-      body: JSON.stringify({ login: username, password }),
+      body: loginData.toString(),
       headers: {
-        'Content-Type': 'application/json',
-        'Accept': 'application/json',
-        'Origin': BASE_URL,
-        'Referer': `${BASE_URL}/login`
+        'Content-Type': 'application/x-www-form-urlencoded',
+        'Referer': BASE_URL
       }
     });
 
     const body = await res.text();
-    if (res.status === 401 || res.status === 403 || /incorrect|invalid|wrong/i.test(body)) {
+
+    if (body.includes('Incorrect Login or Password')) {
       throw new Error('Vidmoly Login fehlgeschlagen: Falscher Username oder Passwort');
     }
-    if (res.status < 200 || res.status >= 300) {
-      throw new Error(`Vidmoly Login fehlgeschlagen: HTTP ${res.status}`);
-    }
-    if (!this.cookies.has('vidmoly_session')) {
-      throw new Error('Vidmoly Login fehlgeschlagen: Keine Session erhalten (vidmoly_session fehlt)');
-    }
 
-    // Probe the upload API so downstream getUploadParams() has a warm path.
+    // Verify by directly probing the upload-config API. If we get a valid
+    // JSON with sess_id/upload_url back, we're in. This is the only thing
+    // we actually need to work, so check it up front instead of guessing
+    // from SPA HTML markers.
+    if (this.cookies.size === 0) {
+      throw new Error('Vidmoly Login fehlgeschlagen: Keine Session erhalten');
+    }
     const probe = await this._fetch(`${BASE_URL}/api/upload/config`);
     const probeBody = await probe.text();
     let probeJson = null;

package.json

@@ -1,6 +1,6 @@
 {
   "name": "multi-hoster-uploader",
-  "version": "2.9.8",
+  "version": "2.9.7",
   "description": "Upload files to doodstream, voe, vidmoly, byse simultaneously",
   "main": "main.js",
   "scripts": {