|
|
|
#region Copyright
|
|
|
|
// /************************************************************************
|
|
|
|
// Copyright (c) 2016 Jamie Rees
|
|
|
|
// File: UserLoginModule.cs
|
|
|
|
// Created By: Jamie Rees
|
|
|
|
//
|
|
|
|
// Permission is hereby granted, free of charge, to any person obtaining
|
|
|
|
// a copy of this software and associated documentation files (the
|
|
|
|
// "Software"), to deal in the Software without restriction, including
|
|
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
|
|
|
// distribute, sublicense, and/or sell copies of the Software, and to
|
|
|
|
// permit persons to whom the Software is furnished to do so, subject to
|
|
|
|
// the following conditions:
|
|
|
|
//
|
|
|
|
// The above copyright notice and this permission notice shall be
|
|
|
|
// included in all copies or substantial portions of the Software.
|
|
|
|
//
|
|
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
|
|
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
|
|
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
|
|
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
|
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
|
// ************************************************************************/
|
|
|
|
#endregion
|
|
|
|
using System.Linq;
|
|
|
|
|
|
|
|
using Nancy;
|
|
|
|
using Nancy.Extensions;
|
|
|
|
using Nancy.Responses.Negotiation;
|
|
|
|
|
|
|
|
using PlexRequests.Api.Interfaces;
|
|
|
|
using PlexRequests.Api.Models;
|
|
|
|
using PlexRequests.Core;
|
|
|
|
using PlexRequests.Core.SettingModels;
|
|
|
|
using PlexRequests.UI.Models;
|
|
|
|
|
|
|
|
namespace PlexRequests.UI.Modules
|
|
|
|
{
|
|
|
|
// TODO: Add ability to logout
|
|
|
|
public class UserLoginModule : NancyModule
|
|
|
|
{
|
|
|
|
public UserLoginModule(ISettingsService<AuthenticationSettings> auth, IPlexApi api) : base("userlogin")
|
|
|
|
{
|
|
|
|
AuthService = auth;
|
|
|
|
Api = api;
|
|
|
|
Get["/"] = _ => Index();
|
|
|
|
Post["/"] = x => LoginUser();
|
|
|
|
Get["/logout"] = x => Logout();
|
|
|
|
}
|
|
|
|
|
|
|
|
private ISettingsService<AuthenticationSettings> AuthService { get; }
|
|
|
|
private IPlexApi Api { get; }
|
|
|
|
|
|
|
|
public Negotiator Index()
|
|
|
|
{
|
|
|
|
var settings = AuthService.GetSettings();
|
|
|
|
return View["Index", settings];
|
|
|
|
}
|
|
|
|
|
|
|
|
private Response LoginUser()
|
|
|
|
{
|
|
|
|
var authenticated = false;
|
|
|
|
|
|
|
|
var settings = AuthService.GetSettings();
|
|
|
|
var username = Request.Form.username.Value;
|
|
|
|
|
|
|
|
if (IsUserInDeniedList(username, settings))
|
|
|
|
{
|
|
|
|
return Response.AsJson(new JsonResponseModel { Result = false, Message = "Incorrect User or Password" });
|
|
|
|
}
|
|
|
|
|
|
|
|
var password = string.Empty;
|
|
|
|
if (settings.UsePassword)
|
|
|
|
{
|
|
|
|
password = Request.Form.password.Value;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (settings.UserAuthentication && settings.UsePassword) // Authenticate with Plex
|
|
|
|
{
|
|
|
|
var signedIn = (PlexAuthentication)Api.SignIn(username, password);
|
|
|
|
if (signedIn.user?.authentication_token != null)
|
|
|
|
{
|
|
|
|
authenticated = CheckIfUserIsInPlexFriends(username, settings.PlexAuthToken);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if(settings.UserAuthentication) // Check against the users in Plex
|
|
|
|
{
|
|
|
|
authenticated = CheckIfUserIsInPlexFriends(username, settings.PlexAuthToken);
|
|
|
|
}
|
|
|
|
else if(!settings.UserAuthentication) // No auth, let them pass!
|
|
|
|
{
|
|
|
|
authenticated = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (authenticated)
|
|
|
|
{
|
|
|
|
// Add to the session (Used in the BaseModules)
|
|
|
|
Session[SessionKeys.UsernameKey] = (string)username;
|
|
|
|
}
|
|
|
|
|
|
|
|
return Response.AsJson(authenticated
|
|
|
|
? new JsonResponseModel { Result = true }
|
|
|
|
: new JsonResponseModel { Result = false, Message = "Incorrect User or Password"});
|
|
|
|
}
|
|
|
|
|
|
|
|
private Response Logout()
|
|
|
|
{
|
|
|
|
if (Session[SessionKeys.UsernameKey] != null)
|
|
|
|
{
|
|
|
|
Session.Delete(SessionKeys.UsernameKey);
|
|
|
|
}
|
|
|
|
return Context.GetRedirect("~/userlogin");
|
|
|
|
}
|
|
|
|
|
|
|
|
private bool CheckIfUserIsInPlexFriends(string username, string authToken)
|
|
|
|
{
|
|
|
|
var users = Api.GetUsers(authToken);
|
|
|
|
return users.User.Any(x => x.Username == username);
|
|
|
|
}
|
|
|
|
|
|
|
|
private bool IsUserInDeniedList(string username, AuthenticationSettings settings)
|
|
|
|
{
|
|
|
|
return settings.DeniedUserList.Any(x => x.Equals(username));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|