diff --git a/Emby.Server.Implementations/ApplicationHost.cs b/Emby.Server.Implementations/ApplicationHost.cs
index 3a607aa54c..120a5adc48 100644
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -754,7 +754,8 @@ namespace Emby.Server.Implementations
serviceCollection.AddSingleton(typeof(IStreamHelper), typeof(StreamHelper));
- serviceCollection.AddSingleton(typeof(ICryptoProvider), typeof(CryptographyProvider));
+ var cryptoProvider = new CryptographyProvider();
+ serviceCollection.AddSingleton<ICryptoProvider>(cryptoProvider);
SocketFactory = new SocketFactory();
serviceCollection.AddSingleton(SocketFactory);
@@ -793,7 +794,17 @@ namespace Emby.Server.Implementations
_userRepository = GetUserRepository();
- UserManager = new UserManager(LoggerFactory.CreateLogger<UserManager>(), _userRepository, XmlSerializer, NetworkManager, () => ImageProcessor, () => DtoService, this, JsonSerializer, FileSystemManager);
+ UserManager = new UserManager(
+ LoggerFactory.CreateLogger<UserManager>(),
+ _userRepository,
+ XmlSerializer,
+ NetworkManager,
+ () => ImageProcessor,
+ () => DtoService,
+ this,
+ JsonSerializer,
+ FileSystemManager,
+ cryptoProvider);
serviceCollection.AddSingleton(UserManager);
diff --git a/Emby.Server.Implementations/Library/UserManager.cs b/Emby.Server.Implementations/Library/UserManager.cs
index 60d16c8a05..b4e082b065 100644
--- a/Emby.Server.Implementations/Library/UserManager.cs
+++ b/Emby.Server.Implementations/Library/UserManager.cs
@@ -8,7 +8,6 @@ using System.Text;
using System.Text.RegularExpressions;
using System.Threading;
using System.Threading.Tasks;
-using MediaBrowser.Common;
using MediaBrowser.Common.Cryptography;
using MediaBrowser.Common.Events;
using MediaBrowser.Common.Net;
@@ -25,6 +24,7 @@ using MediaBrowser.Controller.Providers;
using MediaBrowser.Controller.Security;
using MediaBrowser.Controller.Session;
using MediaBrowser.Model.Configuration;
+using MediaBrowser.Model.Cryptography;
using MediaBrowser.Model.Dto;
using MediaBrowser.Model.Entities;
using MediaBrowser.Model.Events;
@@ -60,6 +60,7 @@ namespace Emby.Server.Implementations.Library
private readonly Func<IDtoService> _dtoServiceFactory;
private readonly IServerApplicationHost _appHost;
private readonly IFileSystem _fileSystem;
+ private readonly ICryptoProvider _cryptoProvider;
private ConcurrentDictionary<Guid, User> _users;
@@ -80,7 +81,8 @@ namespace Emby.Server.Implementations.Library
Func<IDtoService> dtoServiceFactory,
IServerApplicationHost appHost,
IJsonSerializer jsonSerializer,
- IFileSystem fileSystem)
+ IFileSystem fileSystem,
+ ICryptoProvider cryptoProvider)
{
_logger = logger;
_userRepository = userRepository;
@@ -91,6 +93,7 @@ namespace Emby.Server.Implementations.Library
_appHost = appHost;
_jsonSerializer = jsonSerializer;
_fileSystem = fileSystem;
+ _cryptoProvider = cryptoProvider;
_users = null;
}
@@ -475,24 +478,21 @@ namespace Emby.Server.Implementations.Library
if (!success
&& _networkManager.IsInLocalNetwork(remoteEndPoint)
- && user.Configuration.EnableLocalPassword)
+ && user.Configuration.EnableLocalPassword
+ && !string.IsNullOrEmpty(user.EasyPassword))
{
- success = string.Equals(
- GetLocalPasswordHash(user),
- _defaultAuthenticationProvider.GetHashedString(user, password),
- StringComparison.OrdinalIgnoreCase);
+ // Check easy password
+ var passwordHash = PasswordHash.Parse(user.EasyPassword);
+ var hash = _cryptoProvider.ComputeHash(
+ passwordHash.Id,
+ Encoding.UTF8.GetBytes(password),
+ passwordHash.Salt);
+ success = passwordHash.Hash.SequenceEqual(hash);
}
return (authenticationProvider, username, success);
}
- private string GetLocalPasswordHash(User user)
- {
- return string.IsNullOrEmpty(user.EasyPassword)
- ? null
- : Hex.Encode(PasswordHash.Parse(user.EasyPassword).Hash);
- }
-
private void ResetInvalidLoginAttemptCount(User user)
{
user.Policy.InvalidLoginAttemptCount = 0;