From f068133a76a8fdac01a01d13c2618a1fbf015fc9 Mon Sep 17 00:00:00 2001
From: Brian Witt <brianwitt@gmail.com>
Date: Sun, 17 May 2026 10:36:41 -0700
Subject: [PATCH] use qbittorrent api key

Signed-off-by: Brian Witt <brianwitt@gmail.com>
---
 .../java/org/transdroid/daemon/Daemon.java    |  2 +-
 .../qBittorrent/QBittorrentAdapter.java       | 29 +++++++++++++++++--
 2 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/app/src/main/java/org/transdroid/daemon/Daemon.java b/app/src/main/java/org/transdroid/daemon/Daemon.java
index ae4d6e9c..4b759ecb 100644
--- a/app/src/main/java/org/transdroid/daemon/Daemon.java
+++ b/app/src/main/java/org/transdroid/daemon/Daemon.java
@@ -420,7 +420,7 @@ public static boolean supportsFirstLastPiece(Daemon type) {
     }
 
     public static boolean supportsExtraPassword(Daemon type) {
-        return type == Deluge || type == Aria2;
+        return type == Deluge || type == Aria2 || type == qBittorrent;
     }
 
     public static boolean supportsRemoteRssManagement(Daemon type) {
diff --git a/app/src/main/java/org/transdroid/daemon/adapters/qBittorrent/QBittorrentAdapter.java b/app/src/main/java/org/transdroid/daemon/adapters/qBittorrent/QBittorrentAdapter.java
index 4ed173a1..3dec1980 100644
--- a/app/src/main/java/org/transdroid/daemon/adapters/qBittorrent/QBittorrentAdapter.java
+++ b/app/src/main/java/org/transdroid/daemon/adapters/qBittorrent/QBittorrentAdapter.java
@@ -171,6 +171,10 @@ private int parseVersionNumber(String versionText) {
     }
 
     private synchronized void ensureAuthenticated(Log log) throws DaemonException {
+        if (hasApiKey()) {
+            return;
+        }
+
         // Have we already authenticated?  Check if we have the cookie that we need
         if (isAuthenticated()) {
             return;
@@ -218,6 +222,19 @@ private boolean isSessionCookie(Cookie cookie) {
         return name.equals("SID") || name.startsWith("QBT_SID_");
     }
 
+    private boolean hasApiKey() {
+        return getApiKey() != null;
+    }
+
+    private String getApiKey() {
+        String apiKey = settings.getExtraPassword();
+        if (apiKey == null) {
+            return null;
+        }
+        apiKey = apiKey.trim();
+        return apiKey.length() == 0 ? null : apiKey;
+    }
+
     @Override
     public DaemonTaskResult executeTask(Log log, DaemonTask task) {
 
@@ -595,12 +612,18 @@ private String makeUploadRequest(String path, String file, Log log) throws Daemo
     private String makeWebRequest(HttpPost httppost, Log log) throws DaemonException {
 
         try {
+            String apiKey = getApiKey();
+            if (apiKey != null) {
+                httppost.setHeader("Authorization", "Bearer " + apiKey);
+            }
+
             // Execute
             HttpResponse response = httpclient.execute(httppost);
 
-            // Throw exception on 403
-            if (response.getStatusLine().getStatusCode() == 403) {
-                throw new DaemonException(ExceptionType.AuthenticationFailure, "Response code 403");
+            // Throw exception on authentication failure
+            int statusCode = response.getStatusLine().getStatusCode();
+            if (statusCode == 401 || statusCode == 403) {
+                throw new DaemonException(ExceptionType.AuthenticationFailure, "Response code " + statusCode);
             }
 
             HttpEntity entity = response.getEntity();