Format correctly the PIN when updating it

5 years ago · 69ee49bee6
parent 1bf3a26a61
commit 69ee49bee6
3 changed files with 36 additions and 22 deletions
--- a/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
+++ b/Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
@ -165,6 +165,34 @@ namespace Emby.Server.Implementations.Library
            return user.Password;
        }

+        public void ChangeEasyPassword(User user, string newPassword, string newPasswordHash)
+        {
+            ConvertPasswordFormat(user);
+
+            if (newPassword != null)
+            {
+                newPasswordHash = string.Format("$SHA1${0}", GetHashedString(user, newPassword));
+            }
+
+            if (string.IsNullOrWhiteSpace(newPasswordHash))
+            {
+                throw new ArgumentNullException(nameof(newPasswordHash));
+            }
+
+            user.EasyPassword = newPasswordHash;
+        }
+
+        public string GetEasyPasswordHash(User user)
+        {
+            // This should be removed in the future. This was added to let user login after
+            // Jellyfin 10.3.3 failed to save a well formatted PIN.
+            ConvertPasswordFormat(user);
+
+            return string.IsNullOrEmpty(user.EasyPassword)
+                ? null
+                : (new PasswordHash(user.EasyPassword)).Hash;
+        }
+
        public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash)
        {
            passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword);
--- a/Emby.Server.Implementations/Library/UserManager.cs
+++ b/Emby.Server.Implementations/Library/UserManager.cs
@ -471,7 +471,7 @@ namespace Emby.Server.Implementations.Library
            if (password == null)
            {
                // legacy
-                success = string.Equals(_defaultAuthenticationProvider.GetPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
+                success = string.Equals(GetAuthenticationProvider(user).GetPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
            }
            else
            {
@ -497,11 +497,11 @@ namespace Emby.Server.Implementations.Library
                    if (password == null)
                    {
                        // legacy
-                        success = string.Equals(GetLocalPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
+                        success = string.Equals(GetAuthenticationProvider(user).GetEasyPasswordHash(user), hashedPassword.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase);
                    }
                    else
                    {
-                        success = string.Equals(GetLocalPasswordHash(user), _defaultAuthenticationProvider.GetHashedString(user, password), StringComparison.OrdinalIgnoreCase);
+                        success = string.Equals(GetAuthenticationProvider(user).GetEasyPasswordHash(user), _defaultAuthenticationProvider.GetHashedString(user, password), StringComparison.OrdinalIgnoreCase);
                    }
                }
            }
@ -546,13 +546,6 @@ namespace Emby.Server.Implementations.Library
            }
        }

-        private string GetLocalPasswordHash(User user)
-        {
-            return string.IsNullOrEmpty(user.EasyPassword)
-                ? null
-                : (new PasswordHash(user.EasyPassword)).Hash;
-        }
-
        /// <summary>
        /// Loads the users from the repository
        /// </summary>
@ -596,7 +589,7 @@ namespace Emby.Server.Implementations.Library
            }

            bool hasConfiguredPassword = GetAuthenticationProvider(user).HasPassword(user).Result;
-            bool hasConfiguredEasyPassword = !string.IsNullOrEmpty(GetLocalPasswordHash(user));
+            bool hasConfiguredEasyPassword = !string.IsNullOrEmpty(GetAuthenticationProvider(user).GetEasyPasswordHash(user));

            bool hasPassword = user.Configuration.EnableLocalPassword && !string.IsNullOrEmpty(remoteEndPoint) && _networkManager.IsInLocalNetwork(remoteEndPoint) ?
                hasConfiguredEasyPassword :
@ -884,17 +877,7 @@ namespace Emby.Server.Implementations.Library
                throw new ArgumentNullException(nameof(user));
            }

-            if (newPassword != null)
-            {
-                newPasswordHash = _defaultAuthenticationProvider.GetHashedString(user, newPassword);
-            }
-
-            if (string.IsNullOrWhiteSpace(newPasswordHash))
-            {
-                throw new ArgumentNullException(nameof(newPasswordHash));
-            }
-
-            user.EasyPassword = newPasswordHash;
+            GetAuthenticationProvider(user).ChangeEasyPassword(user, newPassword, newPasswordHash);

            UpdateUser(user);

--- a/MediaBrowser.Controller/Authentication/IAuthenticationProvider.cs
+++ b/MediaBrowser.Controller/Authentication/IAuthenticationProvider.cs
@ -11,6 +11,9 @@ namespace MediaBrowser.Controller.Authentication
        Task<ProviderAuthenticationResult> Authenticate(string username, string password);
        Task<bool> HasPassword(User user);
        Task ChangePassword(User user, string newPassword);
+        void ChangeEasyPassword(User user, string newPassword, string newPasswordHash);
+        string GetPasswordHash(User user);
+        string GetEasyPasswordHash(User user);
    }

    public interface IRequiresResolvedUser