1 files changed, 16 insertions, 1 deletions

diff --git a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
index bb6192b03..a753d6083 100644
--- a/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
+++ b/Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
@@ -1,6 +1,7 @@
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Threading.Tasks;
+using Jellyfin.Api.Enums;
 using MediaBrowser.Controller.Net;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.Extensions.Logging;
@@ -8,10 +9,21 @@ using Microsoft.Extensions.Options;
 
 namespace Jellyfin.Api.Auth
 {
+    /// <summary>
+    /// Custom authentication handler wrapping the legacy authentication.
+    /// </summary>
     public class CustomAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
     {
         private readonly IAuthService _authService;
 
+        /// <summary>
+        /// Initializes a new instance of the <see cref="CustomAuthenticationHandler" /> class.
+        /// </summary>
+        /// <param name="authService">The jellyfin authentication service.</param>
+        /// <param name="options">Options monitor.</param>
+        /// <param name="logger">The logger.</param>
+        /// <param name="encoder">The url encoder.</param>
+        /// <param name="clock">The system clock.</param>
         public CustomAuthenticationHandler(
             IAuthService authService,
             IOptionsMonitor<AuthenticationSchemeOptions> options,
@@ -22,6 +34,7 @@ namespace Jellyfin.Api.Auth
             _authService = authService;
         }
 
+        /// <inheritdoc />
         protected override Task<AuthenticateResult> HandleAuthenticateAsync()
         {
             var authenticatedAttribute = new AuthenticatedAttribute();
@@ -36,7 +49,9 @@ namespace Jellyfin.Api.Auth
                 var claims = new[]
                 {
                     new Claim(ClaimTypes.Name, user.Name),
-                    new Claim(ClaimTypes.Role, user.Policy.IsAdministrator ? "Administrator" : "User"),
+                    new Claim(
+                        ClaimTypes.Role,
+                        value: user.Policy.IsAdministrator ? UserRole.Administrator.ToString() : UserRole.User.ToString())
                 };
                 var identity = new ClaimsIdentity(claims, Scheme.Name);
                 var principal = new ClaimsPrincipal(identity);