mirror of https://github.com/Ombi-app/Ombi
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
790 lines
33 KiB
790 lines
33 KiB
8 years ago
|
#region Copyright
|
||
|
|
// /************************************************************************
|
||
|
|
// Copyright (c) 2016 Jamie Rees
|
||
|
|
// File: UserLoginModule.cs
|
||
|
|
// Created By: Jamie Rees
|
||
|
|
//
|
||
|
|
// Permission is hereby granted, free of charge, to any person obtaining
|
||
|
|
// a copy of this software and associated documentation files (the
|
||
|
|
// "Software"), to deal in the Software without restriction, including
|
||
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
||
|
|
// distribute, sublicense, and/or sell copies of the Software, and to
|
||
|
|
// permit persons to whom the Software is furnished to do so, subject to
|
||
|
|
// the following conditions:
|
||
|
|
//
|
||
|
|
// The above copyright notice and this permission notice shall be
|
||
|
|
// included in all copies or substantial portions of the Software.
|
||
|
|
//
|
||
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||
|
|
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
||
|
|
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
||
|
|
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
||
|
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||
|
|
// ************************************************************************/
|
||
|
|
#endregion
|
||
|
|
|
||
|
|
using System;
|
||
8 years ago
|
using System.IO;
|
||
|
8 years ago
|
using System.Linq;
|
||
|
8 years ago
|
using System.Reflection;
|
||
|
8 years ago
|
using System.Threading.Tasks;
|
||
|
|
using Nancy;
|
||
|
|
using Nancy.Extensions;
|
||
8 years ago
|
using Nancy.Linker;
|
||
|
8 years ago
|
using NLog;
|
||
|
8 years ago
|
using Ombi.Api;
|
||
|
8 years ago
|
using Ombi.Api.Interfaces;
|
||
|
8 years ago
|
using Ombi.Api.Models.Emby;
|
||
|
8 years ago
|
using Ombi.Api.Models.Plex;
|
||
|
|
using Ombi.Core;
|
||
|
|
using Ombi.Core.SettingModels;
|
||
|
|
using Ombi.Core.Users;
|
||
|
|
using Ombi.Helpers;
|
||
|
|
using Ombi.Helpers.Analytics;
|
||
|
|
using Ombi.Helpers.Permissions;
|
||
|
|
using Ombi.Store;
|
||
|
|
using Ombi.Store.Models;
|
||
|
8 years ago
|
using Ombi.Store.Models.Emby;
|
||
|
8 years ago
|
using Ombi.Store.Models.Plex;
|
||
|
8 years ago
|
using Ombi.Store.Repository;
|
||
|
|
using Ombi.UI.Authentication;
|
||
|
|
using ISecurityExtensions = Ombi.Core.ISecurityExtensions;
|
||
|
8 years ago
|
|
||
|
8 years ago
|
|
||
|
8 years ago
|
namespace Ombi.UI.Modules
|
||
|
8 years ago
|
{
|
||
|
|
public class UserLoginModule : BaseModule
|
||
|
|
{
|
||
|
8 years ago
|
public UserLoginModule(ISettingsService<AuthenticationSettings> auth, IPlexApi api, ISettingsService<PlexSettings> plexSettings, ISettingsService<PlexRequestSettings> pr,
|
||
|
8 years ago
|
ISettingsService<LandingPageSettings> lp, IAnalytics a, IResourceLinker linker, IRepository<UserLogins> userLogins, IExternalUserRepository<PlexUsers> plexUsers, ICustomUserMapper custom,
|
||
|
8 years ago
|
ISecurityExtensions security, ISettingsService<UserManagementSettings> userManagementSettings, IEmbyApi embyApi, ISettingsService<EmbySettings> emby, IExternalUserRepository<EmbyUsers> embyU,
|
||
|
|
IUserHelper userHelper)
|
||
|
8 years ago
|
: base("userlogin", pr, security)
|
||
|
8 years ago
|
{
|
||
|
|
AuthService = auth;
|
||
|
|
LandingPageSettings = lp;
|
||
|
|
Analytics = a;
|
||
8 years ago
|
PlexApi = api;
|
||
|
8 years ago
|
PlexSettings = plexSettings;
|
||
|
8 years ago
|
Linker = linker;
|
||
|
8 years ago
|
UserLogins = userLogins;
|
||
|
8 years ago
|
PlexUserRepository = plexUsers;
|
||
|
|
CustomUserMapper = custom;
|
||
|
8 years ago
|
UserManagementSettings = userManagementSettings;
|
||
|
8 years ago
|
EmbySettings = emby;
|
||
|
|
EmbyApi = embyApi;
|
||
|
|
EmbyUserRepository = embyU;
|
||
|
8 years ago
|
UserHelper = userHelper;
|
||
|
8 years ago
|
|
||
|
8 years ago
|
Post["/", true] = async (x, ct) => await LoginUser();
|
||
|
8 years ago
|
Get["/logout"] = x => Logout();
|
||
|
8 years ago
|
|
||
|
8 years ago
|
Get["UserLoginIndex", "/", true] = async (x, ct) =>
|
||
|
8 years ago
|
{
|
||
|
|
if (Request.Query["landing"] == null)
|
||
|
|
{
|
||
|
|
var s = await LandingPageSettings.GetSettingsAsync();
|
||
|
|
if (s.Enabled)
|
||
|
|
{
|
||
|
|
if (s.BeforeLogin) // Before login
|
||
|
|
{
|
||
|
|
if (string.IsNullOrEmpty(Username))
|
||
|
|
{
|
||
|
|
// They are not logged in
|
||
|
|
return
|
||
|
|
Context.GetRedirect(Linker.BuildRelativeUri(Context, "LandingPageIndex").ToString());
|
||
|
|
}
|
||
|
|
return Context.GetRedirect(Linker.BuildRelativeUri(Context, "SearchIndex").ToString());
|
||
|
|
}
|
||
|
|
|
||
|
|
// After login
|
||
|
|
if (string.IsNullOrEmpty(Username))
|
||
|
|
{
|
||
|
|
// Not logged in yet
|
||
|
8 years ago
|
return Context.GetRedirect(Linker.BuildRelativeUri(Context, "UserLoginIndex").ToString() + "?landing");
|
||
|
8 years ago
|
}
|
||
|
|
// Send them to landing
|
||
|
|
var landingUrl = Linker.BuildRelativeUri(Context, "LandingPageIndex").ToString();
|
||
|
|
return Context.GetRedirect(landingUrl);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!string.IsNullOrEmpty(Username) || IsAdmin)
|
||
|
|
{
|
||
|
|
var url = Linker.BuildRelativeUri(Context, "SearchIndex").ToString();
|
||
|
|
return Response.AsRedirect(url);
|
||
|
|
}
|
||
|
|
var settings = await AuthService.GetSettingsAsync();
|
||
|
|
return View["Username", settings];
|
||
|
|
};
|
||
|
|
|
||
|
|
Post["/login", true] = async (x, ct) => await UsernameLogin();
|
||
|
|
Post["/password", true] = async (x, ct) => await PasswordLogin();
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
private ISettingsService<AuthenticationSettings> AuthService { get; }
|
||
|
|
private ISettingsService<LandingPageSettings> LandingPageSettings { get; }
|
||
|
8 years ago
|
private ISettingsService<PlexSettings> PlexSettings { get; }
|
||
|
8 years ago
|
private ISettingsService<EmbySettings> EmbySettings { get; }
|
||
|
8 years ago
|
private IPlexApi PlexApi { get; }
|
||
|
8 years ago
|
private IEmbyApi EmbyApi { get; }
|
||
|
8 years ago
|
private IResourceLinker Linker { get; }
|
||
|
8 years ago
|
private IAnalytics Analytics { get; }
|
||
|
8 years ago
|
private IRepository<UserLogins> UserLogins { get; }
|
||
|
8 years ago
|
private IExternalUserRepository<PlexUsers> PlexUserRepository { get; }
|
||
|
8 years ago
|
private IExternalUserRepository<EmbyUsers> EmbyUserRepository { get; }
|
||
|
8 years ago
|
private ICustomUserMapper CustomUserMapper { get; }
|
||
|
8 years ago
|
private ISettingsService<UserManagementSettings> UserManagementSettings { get; }
|
||
|
8 years ago
|
private IUserHelper UserHelper { get; }
|
||
|
8 years ago
|
|
||
|
|
private static Logger Log = LogManager.GetCurrentClassLogger();
|
||
|
|
|
||
|
8 years ago
|
private async Task<Response> UsernameLogin()
|
||
|
|
{
|
||
|
|
var username = Request.Form.username.Value;
|
||
|
|
var dateTimeOffset = Request.Form.DateTimeOffset;
|
||
|
|
var loginGuid = Guid.Empty;
|
||
|
|
var settings = await AuthService.GetSettingsAsync();
|
||
|
|
|
||
|
|
if (string.IsNullOrWhiteSpace(username) || IsUserInDeniedList(username, settings))
|
||
|
|
{
|
||
|
|
return Response.AsJson(new { result = false, message = Resources.UI.UserLogin_IncorrectUserPass });
|
||
|
|
}
|
||
|
|
|
||
|
|
var plexSettings = await PlexSettings.GetSettingsAsync();
|
||
|
8 years ago
|
var embySettings = await EmbySettings.GetSettingsAsync();
|
||
|
8 years ago
|
|
||
|
|
var authenticated = false;
|
||
|
|
var isOwner = false;
|
||
|
|
var userId = string.Empty;
|
||
|
8 years ago
|
EmbyUser embyUser = null;
|
||
|
8 years ago
|
|
||
|
8 years ago
|
if (plexSettings.Enable)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
if (settings.UserAuthentication) // Check against the users in Plex
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
try
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
Log.Debug("Need to auth");
|
||
|
|
authenticated = CheckIfUserIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
|
if (authenticated)
|
||
|
|
{
|
||
|
|
userId = GetUserIdIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
|
}
|
||
|
|
if (CheckIfUserIsOwner(plexSettings.PlexAuthToken, username))
|
||
|
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
|
isOwner = true;
|
||
|
|
userId = GetOwnerId(plexSettings.PlexAuthToken, username);
|
||
|
|
}
|
||
|
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
catch (Exception)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
return Response.AsJson(new {result = false, message = Resources.UI.UserLogin_IncorrectUserPass});
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
else if (!settings.UserAuthentication) // No auth, let them pass!
|
||
|
8 years ago
|
{
|
||
|
|
authenticated = true;
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
if (embySettings.Enable)
|
||
|
|
{
|
||
|
|
if (settings.UserAuthentication) // Check against the users in Plex
|
||
|
|
{
|
||
|
|
Log.Debug("Need to auth");
|
||
|
|
authenticated = CheckIfEmbyUser(username, embySettings);
|
||
|
|
if (authenticated)
|
||
|
|
{
|
||
|
|
embyUser = GetEmbyUser(username, embySettings);
|
||
|
|
userId = embyUser?.Id;
|
||
|
|
}
|
||
|
|
if (embyUser?.Policy?.IsAdministrator ?? false)
|
||
|
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
|
isOwner = true;
|
||
|
|
}
|
||
|
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
|
}
|
||
|
|
else if (!settings.UserAuthentication) // No auth, let them pass!
|
||
|
8 years ago
|
{
|
||
|
|
authenticated = true;
|
||
|
|
}
|
||
|
|
}
|
||
|
8 years ago
|
|
||
|
|
UsersModel dbUser = await IsDbuser(username);
|
||
|
|
if (dbUser != null) // in the db?
|
||
|
|
{
|
||
|
|
var perms = (Permissions)dbUser.Permissions;
|
||
|
|
authenticated = true;
|
||
|
|
isOwner = perms.HasFlag(Permissions.Administrator);
|
||
|
|
userId = dbUser.UserGuid;
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
if (settings.UsePassword || isOwner || Security.HasPermissions(username, Permissions.Administrator))
|
||
|
8 years ago
|
{
|
||
|
|
Session[SessionKeys.UserLoginName] = username;
|
||
|
|
|
||
|
|
var path = Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), "Views", "UserLogin");
|
||
|
|
var file = System.IO.Directory.GetFiles(path).FirstOrDefault(x => x.Contains("Password.cshtml"));
|
||
|
|
var html = File.ReadAllText(file);
|
||
|
|
|
||
|
|
return Response.AsJson(new { result = true, usePassword = true, html });
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!authenticated)
|
||
|
|
{
|
||
|
|
return Response.AsJson(new { result = false, message = Resources.UI.UserLogin_IncorrectUserPass });
|
||
|
|
}
|
||
|
8 years ago
|
var result = await AuthenticationSetup(userId, username, dateTimeOffset, loginGuid, isOwner, plexSettings.Enable, embySettings.Enable);
|
||
|
8 years ago
|
|
||
|
|
|
||
|
8 years ago
|
var landingSettings = await LandingPageSettings.GetSettingsAsync();
|
||
|
|
|
||
|
|
if (landingSettings.Enabled)
|
||
|
|
{
|
||
|
|
if (!landingSettings.BeforeLogin) // After Login
|
||
|
|
{
|
||
|
|
var uri = Linker.BuildRelativeUri(Context, "LandingPageIndex");
|
||
|
|
if (loginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, result.LoginGuid, null, uri.ToString());
|
||
|
|
}
|
||
|
|
return Response.AsRedirect(uri.ToString());
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
8 years ago
|
var retVal = Linker.BuildRelativeUri(Context, "SearchIndex");
|
||
|
|
if (result.LoginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, result.LoginGuid, null, retVal.ToString());
|
||
|
|
}
|
||
|
|
return Response.AsJson(new { result = true, url = retVal.ToString() });
|
||
|
|
}
|
||
|
|
|
||
|
|
private async Task<PlexUsers> IsPlexUser(string username)
|
||
|
|
{
|
||
|
|
var plexLocalUsers = await PlexUserRepository.GetAllAsync();
|
||
|
|
|
||
|
|
var plexLocal = plexLocalUsers.FirstOrDefault(x => x.Username == username);
|
||
|
|
return plexLocal;
|
||
|
|
}
|
||
|
|
|
||
|
|
private async Task<UsersModel> IsDbuser(string username)
|
||
|
|
{
|
||
|
|
var localUsers = await CustomUserMapper.GetUsersAsync();
|
||
|
|
|
||
|
|
var dbUser = localUsers.FirstOrDefault(x => x.UserName == username);
|
||
|
|
return dbUser;
|
||
|
|
}
|
||
|
|
|
||
|
|
private async Task<Response> PasswordLogin()
|
||
|
|
{
|
||
|
|
var password = Request.Form.password.Value;
|
||
|
|
|
||
|
|
if (string.IsNullOrEmpty(password))
|
||
|
|
{
|
||
|
|
|
||
|
|
return Response.AsJson(new { result = false, message = Resources.UI.UserLogin_IncorrectUserPass });
|
||
|
|
}
|
||
|
|
|
||
|
|
var dateTimeOffset = Request.Form.DateTimeOffset;
|
||
|
|
var loginGuid = Guid.Empty;
|
||
|
|
var settings = await AuthService.GetSettingsAsync();
|
||
|
|
var username = Session[SessionKeys.UserLoginName].ToString();
|
||
|
|
var authenticated = false;
|
||
|
|
var isOwner = false;
|
||
|
|
var userId = string.Empty;
|
||
|
|
|
||
|
|
var plexSettings = await PlexSettings.GetSettingsAsync();
|
||
|
8 years ago
|
var embySettings = await EmbySettings.GetSettingsAsync();
|
||
|
8 years ago
|
|
||
|
8 years ago
|
// attempt local login first as it has the least amount of overhead
|
||
|
|
userId = CustomUserMapper.ValidateUser(username, password)?.ToString();
|
||
|
|
if (userId != null)
|
||
|
|
{
|
||
|
|
authenticated = true;
|
||
|
|
}
|
||
|
|
else if (userId == null && plexSettings.Enable)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
if (settings.UserAuthentication) // Authenticate with Plex
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
Log.Debug("Need to auth and also provide pass");
|
||
|
8 years ago
|
var signedIn = (PlexAuthentication) PlexApi.SignIn(username, password);
|
||
|
8 years ago
|
if (signedIn.user?.authentication_token != null)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
Log.Debug("Correct credentials, checking if the user is account owner or in the friends list");
|
||
|
|
if (CheckIfUserIsOwner(plexSettings.PlexAuthToken, signedIn.user?.username))
|
||
|
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
|
isOwner = true;
|
||
|
|
}
|
||
|
|
else
|
||
|
|
{
|
||
|
|
authenticated = CheckIfUserIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
|
}
|
||
|
|
userId = signedIn.user.uuid;
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
}
|
||
|
|
}
|
||
|
8 years ago
|
else if (userId == null && embySettings.Enable)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
if (settings.UserAuthentication) // Authenticate with Emby
|
||
|
8 years ago
|
{
|
||
|
|
Log.Debug("Need to auth and also provide pass");
|
||
|
8 years ago
|
EmbyUser signedIn = null;
|
||
|
|
try
|
||
|
|
{
|
||
|
|
signedIn = (EmbyUser)EmbyApi.LogIn(username, password, embySettings.ApiKey, embySettings.FullUri);
|
||
|
|
}
|
||
|
|
catch (Exception e)
|
||
|
|
{
|
||
|
|
Log.Error(e);
|
||
|
|
}
|
||
|
8 years ago
|
if (signedIn != null)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
Log.Debug("Correct credentials, checking if the user is account owner or in the friends list");
|
||
|
|
if (signedIn?.Policy?.IsAdministrator ?? false)
|
||
|
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
|
isOwner = true;
|
||
|
|
}
|
||
|
|
else
|
||
|
|
{
|
||
|
|
authenticated = CheckIfEmbyUser(username, embySettings);
|
||
|
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
|
}
|
||
|
|
userId = signedIn?.Id;
|
||
|
8 years ago
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
if (!authenticated)
|
||
|
|
{
|
||
|
|
return Response.AsJson(new { result = false, message = Resources.UI.UserLogin_IncorrectUserPass });
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
var m = await AuthenticationSetup(userId, username, dateTimeOffset, loginGuid, isOwner, plexSettings.Enable, embySettings.Enable);
|
||
|
8 years ago
|
|
||
|
8 years ago
|
var landingSettings = await LandingPageSettings.GetSettingsAsync();
|
||
|
|
|
||
|
|
if (landingSettings.Enabled)
|
||
|
|
{
|
||
|
|
if (!landingSettings.BeforeLogin) // After Login
|
||
|
|
{
|
||
|
|
var uri = Linker.BuildRelativeUri(Context, "LandingPageIndex");
|
||
|
|
if (m.LoginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, m.LoginGuid, null, uri.ToString());
|
||
|
|
}
|
||
|
|
return Response.AsRedirect(uri.ToString());
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
var retVal = Linker.BuildRelativeUri(Context, "SearchIndex");
|
||
|
|
if (m.LoginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, m.LoginGuid, null, retVal.ToString());
|
||
|
|
}
|
||
|
|
return Response.AsJson(new { result = true, url = retVal.ToString() });
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
private async Task<Response> LoginUser()
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
var userId = string.Empty;
|
||
|
8 years ago
|
var loginGuid = Guid.Empty;
|
||
|
8 years ago
|
var dateTimeOffset = Request.Form.DateTimeOffset;
|
||
|
|
var username = Request.Form.username.Value;
|
||
|
|
Log.Debug("Username \"{0}\" attempting to login", username);
|
||
|
|
if (string.IsNullOrWhiteSpace(username))
|
||
|
|
{
|
||
|
8 years ago
|
Session["TempMessage"] = Resources.UI.UserLogin_IncorrectUserPass;
|
||
|
8 years ago
|
var uri = Linker.BuildRelativeUri(Context, "UserLoginIndex");
|
||
|
8 years ago
|
return Response.AsRedirect(uri.ToString());
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
var authenticated = false;
|
||
|
8 years ago
|
var isOwner = false;
|
||
|
8 years ago
|
|
||
|
8 years ago
|
var settings = await AuthService.GetSettingsAsync();
|
||
|
|
var plexSettings = await PlexSettings.GetSettingsAsync();
|
||
|
8 years ago
|
|
||
|
|
if (IsUserInDeniedList(username, settings))
|
||
|
|
{
|
||
|
|
Log.Debug("User is in denied list, not allowing them to authenticate");
|
||
|
8 years ago
|
Session["TempMessage"] = Resources.UI.UserLogin_IncorrectUserPass;
|
||
|
8 years ago
|
var uri = Linker.BuildRelativeUri(Context, "UserLoginIndex");
|
||
|
8 years ago
|
return Response.AsRedirect(uri.ToString());
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
var password = string.Empty;
|
||
|
|
if (settings.UsePassword)
|
||
|
|
{
|
||
|
|
Log.Debug("Using password");
|
||
|
|
password = Request.Form.password.Value;
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
var localUsers = await CustomUserMapper.GetUsersAsync();
|
||
|
|
var plexLocalUsers = await PlexUserRepository.GetAllAsync();
|
||
|
|
|
||
|
8 years ago
|
|
||
|
|
if (settings.UserAuthentication && settings.UsePassword) // Authenticate with Plex
|
||
|
|
{
|
||
|
|
Log.Debug("Need to auth and also provide pass");
|
||
|
8 years ago
|
var signedIn = (PlexAuthentication)PlexApi.SignIn(username, password);
|
||
|
8 years ago
|
if (signedIn.user?.authentication_token != null)
|
||
|
|
{
|
||
|
|
Log.Debug("Correct credentials, checking if the user is account owner or in the friends list");
|
||
|
8 years ago
|
if (CheckIfUserIsOwner(plexSettings.PlexAuthToken, signedIn.user?.username))
|
||
|
8 years ago
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
8 years ago
|
isOwner = true;
|
||
|
8 years ago
|
}
|
||
|
|
else
|
||
|
|
{
|
||
|
8 years ago
|
authenticated = CheckIfUserIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
8 years ago
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
|
}
|
||
|
8 years ago
|
userId = signedIn.user.uuid;
|
||
|
8 years ago
|
}
|
||
|
|
}
|
||
|
|
else if (settings.UserAuthentication) // Check against the users in Plex
|
||
|
|
{
|
||
|
|
Log.Debug("Need to auth");
|
||
|
8 years ago
|
authenticated = CheckIfUserIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
8 years ago
|
if (authenticated)
|
||
|
|
{
|
||
|
|
userId = GetUserIdIsInPlexFriends(username, plexSettings.PlexAuthToken);
|
||
|
|
}
|
||
|
8 years ago
|
if (CheckIfUserIsOwner(plexSettings.PlexAuthToken, username))
|
||
|
8 years ago
|
{
|
||
|
|
Log.Debug("User is the account owner");
|
||
|
|
authenticated = true;
|
||
|
8 years ago
|
isOwner = true;
|
||
|
8 years ago
|
userId = GetOwnerId(plexSettings.PlexAuthToken, username);
|
||
|
8 years ago
|
}
|
||
|
|
Log.Debug("Friends list result = {0}", authenticated);
|
||
|
|
}
|
||
|
|
else if (!settings.UserAuthentication) // No auth, let them pass!
|
||
|
|
{
|
||
|
|
Log.Debug("No need to auth");
|
||
|
|
authenticated = true;
|
||
|
|
}
|
||
|
|
|
||
|
|
if (authenticated)
|
||
|
|
{
|
||
|
8 years ago
|
UserLogins.Insert(new UserLogins { UserId = userId, Type = UserType.PlexUser, LastLoggedIn = DateTime.UtcNow });
|
||
|
8 years ago
|
Log.Debug("We are authenticated! Setting session.");
|
||
|
|
// Add to the session (Used in the BaseModules)
|
||
|
|
Session[SessionKeys.UsernameKey] = (string)username;
|
||
|
8 years ago
|
Session[SessionKeys.ClientDateTimeOffsetKey] = (int)dateTimeOffset;
|
||
|
8 years ago
|
|
||
|
|
var plexLocal = plexLocalUsers.FirstOrDefault(x => x.Username == username);
|
||
|
|
if (plexLocal != null)
|
||
|
|
{
|
||
|
|
loginGuid = Guid.Parse(plexLocal.LoginId);
|
||
|
|
}
|
||
|
|
|
||
|
|
var dbUser = localUsers.FirstOrDefault(x => x.UserName == username);
|
||
|
|
if (dbUser != null)
|
||
|
|
{
|
||
|
|
loginGuid = Guid.Parse(dbUser.UserGuid);
|
||
|
|
}
|
||
|
8 years ago
|
|
||
|
8 years ago
|
if (loginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
if (!settings.UserAuthentication)// Do not need to auth make admin use login screen for now TODO remove this
|
||
|
|
{
|
||
|
8 years ago
|
if (dbUser != null)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
var perms = (Permissions)dbUser.Permissions;
|
||
|
8 years ago
|
if (perms.HasFlag(Permissions.Administrator))
|
||
|
|
{
|
||
|
|
var uri = Linker.BuildRelativeUri(Context, "UserLoginIndex");
|
||
|
|
Session["TempMessage"] = Resources.UI.UserLogin_AdminUsePassword;
|
||
|
|
return Response.AsRedirect(uri.ToString());
|
||
|
|
}
|
||
|
|
}
|
||
|
|
if (plexLocal != null)
|
||
|
|
{
|
||
|
|
var perms = (Permissions)plexLocal.Permissions;
|
||
|
|
if (perms.HasFlag(Permissions.Administrator))
|
||
|
|
{
|
||
|
|
var uri = Linker.BuildRelativeUri(Context, "UserLoginIndex");
|
||
|
|
Session["TempMessage"] = Resources.UI.UserLogin_AdminUsePassword;
|
||
|
|
return Response.AsRedirect(uri.ToString());
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
if (loginGuid == Guid.Empty && settings.UserAuthentication)
|
||
|
8 years ago
|
{
|
||
|
|
var defaultSettings = UserManagementSettings.GetSettings();
|
||
|
|
loginGuid = Guid.NewGuid();
|
||
|
8 years ago
|
|
||
|
|
var defaultPermissions = (Permissions)UserManagementHelper.GetPermissions(defaultSettings);
|
||
|
|
if (isOwner)
|
||
|
|
{
|
||
|
|
// If we are the owner, add the admin permission.
|
||
|
|
if (!defaultPermissions.HasFlag(Permissions.Administrator))
|
||
|
|
{
|
||
|
|
defaultPermissions += (int)Permissions.Administrator;
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
// Looks like we still don't have an entry, so this user does not exist
|
||
|
|
await PlexUserRepository.InsertAsync(new PlexUsers
|
||
|
|
{
|
||
|
8 years ago
|
PlexUserId = userId,
|
||
|
8 years ago
|
UserAlias = string.Empty,
|
||
|
8 years ago
|
Permissions = (int)defaultPermissions,
|
||
|
8 years ago
|
Features = UserManagementHelper.GetPermissions(defaultSettings),
|
||
|
8 years ago
|
Username = username,
|
||
|
8 years ago
|
EmailAddress = string.Empty, // We don't have it, we will get it on the next scheduled job run (in 30 mins)
|
||
|
8 years ago
|
LoginId = loginGuid.ToString()
|
||
|
|
});
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
if (!authenticated)
|
||
|
|
{
|
||
|
8 years ago
|
var uri = Linker.BuildRelativeUri(Context, "UserLoginIndex");
|
||
|
8 years ago
|
Session["TempMessage"] = Resources.UI.UserLogin_IncorrectUserPass;
|
||
|
8 years ago
|
return Response.AsRedirect(uri.ToString());
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
8 years ago
|
var landingSettings = await LandingPageSettings.GetSettingsAsync();
|
||
|
8 years ago
|
|
||
|
|
if (landingSettings.Enabled)
|
||
|
|
{
|
||
|
|
if (!landingSettings.BeforeLogin)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
var uri = Linker.BuildRelativeUri(Context, "LandingPageIndex");
|
||
|
8 years ago
|
if (loginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, loginGuid, null, uri.ToString());
|
||
|
|
}
|
||
|
8 years ago
|
return Response.AsRedirect(uri.ToString());
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
|
||
|
|
|
||
|
8 years ago
|
var retVal = Linker.BuildRelativeUri(Context, "SearchIndex");
|
||
|
8 years ago
|
if (loginGuid != Guid.Empty)
|
||
|
|
{
|
||
|
|
return CustomModuleExtensions.LoginAndRedirect(this, loginGuid, null, retVal.ToString());
|
||
|
|
}
|
||
|
8 years ago
|
return Response.AsRedirect(retVal.ToString());
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
8 years ago
|
private class LoginModel
|
||
|
|
{
|
||
|
|
public Guid LoginGuid { get; set; }
|
||
|
|
public string UserId { get; set; }
|
||
|
|
}
|
||
|
8 years ago
|
|
||
|
8 years ago
|
private async Task<LoginModel> AuthenticationSetup(string userId, string username, int dateTimeOffset, Guid loginGuid, bool isOwner, bool plex, bool emby)
|
||
|
8 years ago
|
{
|
||
|
|
var m = new LoginModel();
|
||
|
|
var settings = await AuthService.GetSettingsAsync();
|
||
|
|
|
||
|
|
var localUsers = await CustomUserMapper.GetUsersAsync();
|
||
|
|
var plexLocalUsers = await PlexUserRepository.GetAllAsync();
|
||
|
8 years ago
|
var embyLocalUsers = await EmbyUserRepository.GetAllAsync();
|
||
|
|
|
||
|
|
var localUser = false;
|
||
|
|
|
||
|
8 years ago
|
|
||
|
|
Log.Debug("We are authenticated! Setting session.");
|
||
|
|
// Add to the session (Used in the BaseModules)
|
||
|
8 years ago
|
Session[SessionKeys.UsernameKey] = username;
|
||
|
8 years ago
|
Session[SessionKeys.ClientDateTimeOffsetKey] = dateTimeOffset;
|
||
|
|
|
||
|
8 years ago
|
if (plex)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
var plexLocal = plexLocalUsers.FirstOrDefault(x => x.Username == username);
|
||
|
|
if (plexLocal != null)
|
||
|
|
{
|
||
|
|
loginGuid = Guid.Parse(plexLocal.LoginId);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
if (emby)
|
||
|
|
{
|
||
|
|
var embyLocal = embyLocalUsers.FirstOrDefault(x => x.Username == username);
|
||
|
|
if (embyLocal != null)
|
||
|
|
{
|
||
|
|
loginGuid = Guid.Parse(embyLocal.LoginId);
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
var dbUser = localUsers.FirstOrDefault(x => x.UserName == username);
|
||
|
|
if (dbUser != null)
|
||
|
|
{
|
||
|
|
loginGuid = Guid.Parse(dbUser.UserGuid);
|
||
|
8 years ago
|
localUser = true;
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
|
if (loginGuid == Guid.Empty && settings.UserAuthentication)
|
||
|
|
{
|
||
|
|
var defaultSettings = UserManagementSettings.GetSettings();
|
||
|
|
loginGuid = Guid.NewGuid();
|
||
|
|
|
||
|
|
var defaultPermissions = (Permissions)UserManagementHelper.GetPermissions(defaultSettings);
|
||
|
|
if (isOwner)
|
||
|
|
{
|
||
|
|
// If we are the owner, add the admin permission.
|
||
|
|
if (!defaultPermissions.HasFlag(Permissions.Administrator))
|
||
|
|
{
|
||
|
|
defaultPermissions += (int)Permissions.Administrator;
|
||
|
|
}
|
||
|
|
}
|
||
|
8 years ago
|
if (plex)
|
||
|
|
{
|
||
|
|
// Looks like we still don't have an entry, so this user does not exist
|
||
|
|
await PlexUserRepository.InsertAsync(new PlexUsers
|
||
|
|
{
|
||
|
|
PlexUserId = userId,
|
||
|
|
UserAlias = string.Empty,
|
||
|
|
Permissions = (int) defaultPermissions,
|
||
|
|
Features = UserManagementHelper.GetPermissions(defaultSettings),
|
||
|
|
Username = username,
|
||
|
|
EmailAddress = string.Empty,
|
||
|
|
// We don't have it, we will get it on the next scheduled job run (in 30 mins)
|
||
|
|
LoginId = loginGuid.ToString()
|
||
|
|
});
|
||
|
|
}
|
||
|
|
if (emby)
|
||
|
8 years ago
|
{
|
||
|
8 years ago
|
await EmbyUserRepository.InsertAsync(new EmbyUsers
|
||
|
|
{
|
||
|
|
EmbyUserId = userId,
|
||
|
|
UserAlias = string.Empty,
|
||
|
|
Permissions = (int)defaultPermissions,
|
||
|
|
Features = UserManagementHelper.GetPermissions(defaultSettings),
|
||
|
|
Username = username,
|
||
|
|
EmailAddress = string.Empty,
|
||
|
|
LoginId = loginGuid.ToString()
|
||
|
|
});
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
m.LoginGuid = loginGuid;
|
||
|
|
m.UserId = userId;
|
||
|
8 years ago
|
var type = UserType.LocalUser;
|
||
|
|
if (localUser)
|
||
|
|
{
|
||
|
|
type = UserType.LocalUser;
|
||
|
|
}
|
||
|
|
else if (plex)
|
||
|
|
{
|
||
|
|
type = UserType.PlexUser;
|
||
|
|
}
|
||
|
|
else if (emby)
|
||
|
|
{
|
||
|
|
type = UserType.EmbyUser;;
|
||
|
|
}
|
||
|
8 years ago
|
if (string.IsNullOrEmpty(userId))
|
||
|
|
{
|
||
|
|
// It's possible we have no auth enabled meaning the userId is empty
|
||
|
|
// Let's find that user!
|
||
|
|
|
||
|
|
var user = UserHelper.GetUser(username);
|
||
|
8 years ago
|
userId = user?.UserId ?? string.Empty;
|
||
|
8 years ago
|
}
|
||
|
8 years ago
|
UserLogins.Insert(new UserLogins { UserId = userId, Type = type, LastLoggedIn = DateTime.UtcNow });
|
||
|
|
|
||
|
8 years ago
|
return m;
|
||
|
|
}
|
||
|
8 years ago
|
|
||
|
|
private Response Logout()
|
||
|
|
{
|
||
|
|
if (Session[SessionKeys.UsernameKey] != null)
|
||
|
|
{
|
||
|
|
Session.Delete(SessionKeys.UsernameKey);
|
||
|
|
}
|
||
|
|
return Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl)
|
||
|
|
? $"~/{BaseUrl}/userlogin"
|
||
|
|
: "~/userlogin");
|
||
|
|
}
|
||
|
|
|
||
|
|
private bool CheckIfUserIsOwner(string authToken, string userName)
|
||
|
|
{
|
||
|
8 years ago
|
var userAccount = PlexApi.GetAccount(authToken);
|
||
|
8 years ago
|
if (userAccount == null)
|
||
|
|
{
|
||
|
|
return false;
|
||
|
|
}
|
||
|
|
return userAccount.Username != null && userAccount.Username.Equals(userName, StringComparison.CurrentCultureIgnoreCase);
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
private string GetOwnerId(string authToken, string userName)
|
||
|
|
{
|
||
|
8 years ago
|
var userAccount = PlexApi.GetAccount(authToken);
|
||
|
8 years ago
|
if (userAccount == null)
|
||
|
|
{
|
||
|
|
return string.Empty;
|
||
|
|
}
|
||
|
|
return userAccount.Id;
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
private bool CheckIfUserIsInPlexFriends(string username, string authToken)
|
||
|
|
{
|
||
|
8 years ago
|
var users = PlexApi.GetUsers(authToken);
|
||
|
8 years ago
|
var allUsers = users?.User?.Where(x => !string.IsNullOrEmpty(x.Title));
|
||
|
|
return allUsers != null && allUsers.Any(x => x.Title.Equals(username, StringComparison.CurrentCultureIgnoreCase));
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
private bool CheckIfEmbyUser(string username, EmbySettings s)
|
||
|
|
{
|
||
|
8 years ago
|
try
|
||
|
|
{
|
||
|
|
var users = EmbyApi.GetUsers(s.FullUri, s.ApiKey);
|
||
|
|
var allUsers = users?.Where(x => !string.IsNullOrEmpty(x.Name));
|
||
|
|
return allUsers != null && allUsers.Any(x => x.Name.Equals(username, StringComparison.CurrentCultureIgnoreCase));
|
||
|
|
}
|
||
|
|
catch (Exception e)
|
||
|
|
{
|
||
|
|
Log.Error(e);
|
||
|
|
return false;
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
private EmbyUser GetEmbyUser(string username, EmbySettings s)
|
||
|
|
{
|
||
|
8 years ago
|
try
|
||
|
|
{
|
||
|
|
|
||
|
|
var users = EmbyApi.GetUsers(s.FullUri, s.ApiKey);
|
||
|
|
var allUsers = users?.Where(x => !string.IsNullOrEmpty(x.Name));
|
||
|
|
return allUsers?.FirstOrDefault(x => x.Name.Equals(username, StringComparison.CurrentCultureIgnoreCase));
|
||
|
|
}
|
||
|
|
catch (Exception e)
|
||
|
|
{
|
||
|
|
Log.Error(e);
|
||
|
|
return null;
|
||
|
|
}
|
||
|
8 years ago
|
}
|
||
|
|
|
||
|
8 years ago
|
|
||
|
|
private string GetUserIdIsInPlexFriends(string username, string authToken)
|
||
|
|
{
|
||
|
8 years ago
|
var users = PlexApi.GetUsers(authToken);
|
||
|
8 years ago
|
var allUsers = users?.User?.Where(x => !string.IsNullOrEmpty(x.Title));
|
||
|
|
return allUsers?.Where(x => x.Title.Equals(username, StringComparison.CurrentCultureIgnoreCase)).Select(x => x.Id).FirstOrDefault();
|
||
|
|
}
|
||
|
|
|
||
|
8 years ago
|
private bool IsUserInDeniedList(string username, AuthenticationSettings settings)
|
||
|
|
{
|
||
|
8 years ago
|
return settings.DeniedUserList.Any(x => x.Equals(username, StringComparison.CurrentCultureIgnoreCase));
|
||
|
8 years ago
|
}
|
||
|
|
}
|
||
|
9 years ago
|
}
|