Hide the password field if it's not needed #1815

7 years ago · 62ee9d8cdb
parent e3685e5ea8
commit 62ee9d8cdb
6 changed files with 68 additions and 24 deletions
--- a/src/Ombi.Core/Authentication/OmbiUserManager.cs
+++ b/src/Ombi.Core/Authentication/OmbiUserManager.cs
@ -64,20 +64,12 @@ namespace Ombi.Core.Authentication

        public override async Task<bool> CheckPasswordAsync(OmbiUser user, string password)
        {
-            var authSettings = await _authSettings.GetSettingsAsync();
-            if (authSettings.AllowNoPassword)
-            {
-                // Check their roles
-                var roles = await GetRolesAsync(user);
-                if (roles.Contains(OmbiRoles.Admin) || roles.Contains(OmbiRoles.PowerUser))
-                {
-                    // Do nothing, let it continue to check the password
-                }
-                else
+            var requiresPassword = await RequiresPassword(user);
+            if (!requiresPassword)
            {
+                // Let them through!
                return true;
            }
-            }
            if (user.UserType == UserType.LocalUser)
            {
                return await base.CheckPasswordAsync(user, password);
@ -93,6 +85,22 @@ namespace Ombi.Core.Authentication
            return false;
        }

+        public async Task<bool> RequiresPassword(OmbiUser user)
+        {
+            var authSettings = await _authSettings.GetSettingsAsync();
+            if (authSettings.AllowNoPassword)
+            {
+                var roles = await GetRolesAsync(user);
+                if (roles.Contains(OmbiRoles.Admin) || roles.Contains(OmbiRoles.PowerUser))
+                {
+                    // We require a password
+                    return true;
+                }
+                return false;
+            }
+            return true;
+        }
+
        /// <summary>
        /// Sign the user into plex and make sure we can get the authentication token.
        /// <remarks>We do not check if the user is in the owners "friends" since they must have a local user account to get this far</remarks>
--- a/src/Ombi/ClientApp/app/auth/auth.service.ts
+++ b/src/Ombi/ClientApp/app/auth/auth.service.ts
@ -18,6 +18,10 @@ export class AuthService extends ServiceHelpers {
        return this.http.post(`${this.url}/`, JSON.stringify(login), {headers: this.headers});
    }

+    public requiresPassword(login: IUserLogin): Observable<boolean> {
+        return this.http.post<boolean>(`${this.url}/requirePassword`, JSON.stringify(login), {headers: this.headers});
+    }
+
    public loggedIn() {    
        const token: string = this.jwtHelperService.tokenGetter();
        
--- a/src/Ombi/ClientApp/app/login/login.component.html
+++ b/src/Ombi/ClientApp/app/login/login.component.html
@ -12,11 +12,11 @@ include the remember me checkbox
            <div *ngIf="customizationSettings.logo"><img id="profile-img" class="center" [src]="customizationSettings.logo" /></div>
            <p id="profile-name" class="profile-name-card"></p>

-            <form class="form-signin" novalidate [formGroup]="form" (ngSubmit)="onSubmit(form)">
+            <form *ngIf="authenticationSettings" class="form-signin" novalidate [formGroup]="form" (ngSubmit)="onSubmit(form)">
                
               
                <input type="email" id="inputEmail" class="form-control" formControlName="username" [attr.placeholder]="'Login.UsernamePlaceholder' | translate" autofocus>
-                <input type="password" id="inputPassword" class="form-control" formControlName="password" [attr.placeholder]="'Login.PasswordPlaceholder' | translate">
+                <input *ngIf="!authenticationSettings.allowNoPassword" type="password" id="inputPassword" class="form-control" formControlName="password" [attr.placeholder]="'Login.PasswordPlaceholder' | translate">
                <div class="form-group">
                    <div class="checkbox">
                        <input type="checkbox" id="RememberMe" formControlName="rememberMe" >
--- a/src/Ombi/ClientApp/app/login/login.component.ts
+++ b/src/Ombi/ClientApp/app/login/login.component.ts
@ -5,7 +5,7 @@ import { TranslateService } from "@ngx-translate/core";

 import { PlatformLocation } from "@angular/common";
 import { AuthService } from "../auth/auth.service";
-import { ICustomizationSettings } from "../interfaces";
+import { IAuthenticationSettings, ICustomizationSettings } from "../interfaces";
 import { NotificationService } from "../services";
 import { SettingsService } from "../services";
 import { StatusService } from "../services";
@ -21,6 +21,7 @@ export class LoginComponent implements OnInit {

    public form: FormGroup;
    public customizationSettings: ICustomizationSettings;
+    public authenticationSettings: IAuthenticationSettings;
    public background: any;
    public landingFlag: boolean;
    public baseUrl: string;
@ -61,6 +62,7 @@ export class LoginComponent implements OnInit {
    }

    public ngOnInit() {
+        this.settingsService.getAuthentication().subscribe(x => this.authenticationSettings = x);
        this.settingsService.getCustomization().subscribe(x => this.customizationSettings = x);
        this.images.getRandomBackground().subscribe(x => {
            this.background = this.sanitizer.bypassSecurityTrustStyle("linear-gradient(-10deg, transparent 20%, rgba(0,0,0,0.7) 20.0%, rgba(0,0,0,0.7) 80.0%, transparent 80%),url(" + x.url + ")");
@ -80,7 +82,14 @@ export class LoginComponent implements OnInit {
            return;
        }
        const value = form.value;
-        this.authService.login({ password: value.password, username: value.username, rememberMe:value.rememberMe })
+        const user = { password: value.password, username: value.username, rememberMe:value.rememberMe };
+        this.authService.requiresPassword(user).subscribe(x => {
+            if(x && this.authenticationSettings.allowNoPassword) {
+                // Looks like this user requires a password
+                this.authenticationSettings.allowNoPassword = false;
+                return;
+            }
+            this.authService.login(user)
                .subscribe(x => {
                    localStorage.setItem("id_token", x.access_token);

@ -91,5 +100,6 @@ export class LoginComponent implements OnInit {
                    }

                }, err => this.notify.error(this.errorBody));
+        });
    }
 }
--- a/src/Ombi/Controllers/SettingsController.cs
+++ b/src/Ombi/Controllers/SettingsController.cs
@ -317,6 +317,7 @@ namespace Ombi.Controllers
        /// </summary>
        /// <returns></returns>
        [HttpGet("authentication")]
+        [AllowAnonymous]
        public async Task<AuthenticationSettings> AuthenticationsSettings()
        {
            return await Get<AuthenticationSettings>();
--- a/src/Ombi/Controllers/TokenController.cs
+++ b/src/Ombi/Controllers/TokenController.cs
@ -15,6 +15,7 @@ using Ombi.Models;
 using Ombi.Models.Identity;
 using Ombi.Store.Entities;
 using Ombi.Store.Repository;
+using StackExchange.Profiling.Helpers;

 namespace Ombi.Controllers
 {
@ -129,6 +130,26 @@ namespace Ombi.Controllers
            throw new NotImplementedException();
        }

+        [HttpPost("requirePassword")]
+        public async Task<bool> DoesUserRequireAPassword([FromBody] UserAuthModel model)
+        {
+            var user = await _userManager.FindByNameAsync(model.Username);
+
+            if (user == null)
+            {
+                // Could this be an email login?
+                user = await _userManager.FindByEmailAsync(model.Username);
+
+                if (user == null)
+                {
+                    return true;
+                }
+            }
+
+            var requires = await _userManager.RequiresPassword(user);
+            return requires;
+        }
+
        public class TokenRefresh
        {
            public string Token { get; set; }