If there is a bad password when changing it, we now inform the user

pull/531/head
tidusjar 8 years ago
parent 9aa60dfc23
commit 2e22ad946d

@ -151,7 +151,7 @@ namespace PlexRequests.Core
var passwordMatch = PasswordHasher.VerifyPassword(oldPassword, userToChange.Salt, userToChange.Hash); var passwordMatch = PasswordHasher.VerifyPassword(oldPassword, userToChange.Salt, userToChange.Hash);
if (!passwordMatch) if (!passwordMatch)
{ {
throw new SecurityException("Password does not match"); throw new SecurityException("Incorrect password.");
} }
var newSalt = PasswordHasher.GenerateSalt(); var newSalt = PasswordHasher.GenerateSalt();

@ -1,4 +1,5 @@
#region Copyright #region Copyright
// /************************************************************************ // /************************************************************************
// Copyright (c) 2016 Jamie Rees // Copyright (c) 2016 Jamie Rees
// File: LoginModule.cs // File: LoginModule.cs
@ -23,10 +24,12 @@
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
// ************************************************************************/ // ************************************************************************/
#endregion #endregion
using System; using System;
using System.Dynamic; using System.Dynamic;
using System.Security;
using Nancy; using Nancy;
using Nancy.Authentication.Forms; using Nancy.Authentication.Forms;
using Nancy.Extensions; using Nancy.Extensions;
@ -43,7 +46,8 @@ namespace PlexRequests.UI.Modules
{ {
public class LoginModule : BaseModule public class LoginModule : BaseModule
{ {
public LoginModule(ISettingsService<PlexRequestSettings> pr, ICustomUserMapper m, IResourceLinker linker) : base(pr) public LoginModule(ISettingsService<PlexRequestSettings> pr, ICustomUserMapper m, IResourceLinker linker)
: base(pr)
{ {
UserMapper = m; UserMapper = m;
Get["/login"] = _ => Get["/login"] = _ =>
@ -81,7 +85,10 @@ namespace PlexRequests.UI.Modules
if (userId == null) if (userId == null)
{ {
return Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl) ? $"~/{BaseUrl}/login?error=true&username=" + username : "~/login?error=true&username=" + username); return
Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl)
? $"~/{BaseUrl}/login?error=true&username=" + username
: "~/login?error=true&username=" + username);
} }
DateTime? expiry = null; DateTime? expiry = null;
if (Request.Form.RememberMe.HasValue) if (Request.Form.RememberMe.HasValue)
@ -113,7 +120,10 @@ namespace PlexRequests.UI.Modules
var exists = UserMapper.DoUsersExist(); var exists = UserMapper.DoUsersExist();
if (exists) if (exists)
{ {
return Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl) ? $"~/{BaseUrl}/register?error=true" : "~/register?error=true"); return
Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl)
? $"~/{BaseUrl}/register?error=true"
: "~/register?error=true");
} }
var userId = UserMapper.CreateAdmin(username, Request.Form.Password); var userId = UserMapper.CreateAdmin(username, Request.Form.Password);
Session[SessionKeys.UsernameKey] = username; Session[SessionKeys.UsernameKey] = username;
@ -123,6 +133,7 @@ namespace PlexRequests.UI.Modules
Get["/changepassword"] = _ => ChangePassword(); Get["/changepassword"] = _ => ChangePassword();
Post["/changepassword"] = _ => ChangePasswordPost(); Post["/changepassword"] = _ => ChangePasswordPost();
} }
private ICustomUserMapper UserMapper { get; } private ICustomUserMapper UserMapper { get; }
private Negotiator ChangePassword() private Negotiator ChangePassword()
@ -148,14 +159,20 @@ namespace PlexRequests.UI.Modules
{ {
return Response.AsJson(new JsonResponseModel { Message = "The passwords do not match", Result = false }); return Response.AsJson(new JsonResponseModel { Message = "The passwords do not match", Result = false });
} }
try
{
var result = UserMapper.UpdatePassword(username, oldPass, newPassword);
if (result)
{
return Response.AsJson(new JsonResponseModel { Message = "Password has been changed!", Result = true });
}
var result = UserMapper.UpdatePassword(username, oldPass, newPassword); return Response.AsJson(new JsonResponseModel { Message = "Could not update the password in the database", Result = false });
if (result) }
catch (SecurityException e)
{ {
return Response.AsJson(new JsonResponseModel { Message = "Password has been changed!", Result = true }); return Response.AsJson(new JsonResponseModel { Message = e.ToString(), Result = false });
} }
return Response.AsJson(new JsonResponseModel { Message = "Could not update the password in the database", Result = false });
} }
} }
} }
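Review bot: The new `catch (SecurityException e)` block in the `/changepassword` POST handler puts `e.ToString()` into the JSON `Message`, so the client receives the exception type name and full stack trace rather than only the "Incorrect password." text. Returning `Message = e.Message` keeps the user-facing text and stops internal method names and paths from leaving the server. If the detail is needed for diagnosis, log the exception on the server rather than returning it. The handler's body starts outside this hunk, so whether other exception types from `UpdatePassword` are handled elsewhere cannot be confirmed from here.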