Merge commit from fork

Fix a logic flaw in the jellyfin auth guard that allowed unauthenticated users to register accounts
on Plex-configured instances by authenticating against an attacker-controlled Jellyfin server.
fallenbagel
2026-02-27 21:36:17 +05:00
committed by GitHub
parent 0d40a42de7
commit 4ae2068409


@@ -244,8 +244,7 @@ authRoutes.post('/jellyfin', async (req, res, next) => {
(settings.main.mediaServerLogin === false ||
// media server is neither jellyfin or emby
(settings.main.mediaServerType !== MediaServerType.JELLYFIN &&
settings.main.mediaServerType !== MediaServerType.EMBY &&
settings.jellyfin.ip !== ''))
settings.main.mediaServerType !== MediaServerType.EMBY))
) {
return res.status(500).json({ error: 'Jellyfin login is disabled' });
}
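Review bot: The guard has no comment recording why it must rest on `settings.main.mediaServerType` alone, and the clause this commit removes (`settings.jellyfin.ip !== ''`) reads like a harmless setup convenience that a later change could put back. I would replace the existing `// media server is neither jellyfin or emby` with `// Security: gate on mediaServerType only; never relax this on settings.jellyfin.ip, or a Plex-configured instance accepts Jellyfin logins again`. Separately, the refusal on the `return` line answers with status 500, which logs and alerting cannot tell apart from a server fault; `return res.status(403).json({ error: 'Jellyfin login is disabled' });` would make rejected attempts on a non-Jellyfin instance countable, provided no client depends on the 500. The `if (` that opens this condition and the rest of the handler are outside the hunk, so any earlier clause of the condition is not reviewed here.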