From 479d477e01039e95f4647e5b85f2bcd5ec560e81 Mon Sep 17 00:00:00 2001 From: Niels van Velzen Date: Mon, 19 Dec 2022 21:46:12 +0100 Subject: [PATCH] Deprecate user id based authentication endpoint --- Jellyfin.Api/Controllers/UserController.cs | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/Jellyfin.Api/Controllers/UserController.cs b/Jellyfin.Api/Controllers/UserController.cs index 002327d741..568224a424 100644 --- a/Jellyfin.Api/Controllers/UserController.cs +++ b/Jellyfin.Api/Controllers/UserController.cs @@ -157,7 +157,6 @@ namespace Jellyfin.Api.Controllers /// /// The user id. /// The password as plain text. - /// The password sha1-hash. /// User authenticated. /// Sha1-hashed password only is not allowed. /// User not found. @@ -166,10 +165,10 @@ namespace Jellyfin.Api.Controllers [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status403Forbidden)] [ProducesResponseType(StatusCodes.Status404NotFound)] + [Obsolete("Authenticate with username instead")] public async Task> AuthenticateUser( [FromRoute, Required] Guid userId, - [FromQuery, Required] string pw, - [FromQuery] string? password) + [FromQuery, Required] string pw) { var user = _userManager.GetUserById(userId); @@ -178,11 +177,6 @@ namespace Jellyfin.Api.Controllers return NotFound("User not found"); } - if (!string.IsNullOrEmpty(password) && string.IsNullOrEmpty(pw)) - { - return StatusCode(StatusCodes.Status403Forbidden, "Only sha1 password is not allowed."); - } - AuthenticateUserByName request = new AuthenticateUserByName { Username = user.Username,