Melon Users Guide

Melon has support for as many users as you want to create. This guide will talk about some specifics around users and how to invite new ones.

Account Types

Admin Accounts

When you first start Melon, you'll setup an account username and password. This is the first Admin account for the instance. Admin accounts can do whatever they please permission wise, so should be given out to only trusted individuals.

User Accounts

User accounts are additional users added to your Melon server. They can listen to tracks, make their own playlists, rate songs, and get their own stats logging. When a user creates a playlist or a collection or a queue, it is considered owned by them, and only visible and editable to them. These objects have properties for allowing other users to view/edit. Additionally, Admins can bypass these restrictions.

Pass Accounts

Pass accounts are currently mostly unused. These are accounts that will be allowed certain endpoints used for Listening Parties. For example, sending a link to a friend to generate them a temporary "Pass Account", that only lets them listen along with the listening party, and then expires with the listening party.

Server Accounts

This isn't technically an account, but it is a user type. This is given to JWT that are granted through auth/code-authenticate. When you invite a user, you generate a code that allows them to call auth/code-authenticate on your server. This generates them a one time use JWT that is a server account. This allows them to call api/users/create, the only api endpoint accessible by server accounts. They create their user, then discard the server account and login to their newly made one.

How to Invite someone

! There are currently no GUI methods for creating new users. !

They way this will work is the inviter will generate an invite code, pass it to the new user along with the server url, and then create their user. This can be accomplished now by calling auth/invite, then auth/code-authenticate, and then using the JWT to call api/users/create.

User properties

Users have a few properties they can set. They can set a Bio and Favorite Track/Album/Artist. You can also choose if your stats are public, aka viewable by other users.

User Friends

! This feature is not fully implemented !

Users can add other users on the server as friends. This will bypass the restrictions for viewing their stats (but not their playlists/collections).

Username / Password changes

api/users exposes endpoints for changing your current Username and Password. If you need to change your Username or Password, you need a valid JWT. These last for an hour, so if you've logged in over the past hour your current one will still do. Once you've changed your Username or Password, all your JWT tokens will become invalid and you'll need to login with your new credentials.

If you do not know / have access to your password anymore, an Admin account can override the JWT restriction and change your password for you. (Note, in the future I'd like Admins to be able to distribute an Invite Token style code to let users change their password on their own, so the admin doesn't need to know the password to change it)