commit
a96fa7a5c7
@ -1,132 +1,125 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Globalization;
|
using System.Globalization;
|
||||||
using System.IO;
|
using System.IO;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using MediaBrowser.Common.Extensions;
|
using MediaBrowser.Common.Extensions;
|
||||||
using MediaBrowser.Controller.Authentication;
|
using MediaBrowser.Controller.Authentication;
|
||||||
using MediaBrowser.Controller.Configuration;
|
using MediaBrowser.Controller.Configuration;
|
||||||
using MediaBrowser.Controller.Library;
|
using MediaBrowser.Controller.Library;
|
||||||
using MediaBrowser.Model.Cryptography;
|
using MediaBrowser.Model.Cryptography;
|
||||||
using MediaBrowser.Model.Serialization;
|
using MediaBrowser.Model.Serialization;
|
||||||
using MediaBrowser.Model.Users;
|
using MediaBrowser.Model.Users;
|
||||||
|
|
||||||
namespace Emby.Server.Implementations.Library
|
namespace Emby.Server.Implementations.Library
|
||||||
{
|
{
|
||||||
public class DefaultPasswordResetProvider : IPasswordResetProvider
|
public class DefaultPasswordResetProvider : IPasswordResetProvider
|
||||||
{
|
{
|
||||||
public string Name => "Default Password Reset Provider";
|
public string Name => "Default Password Reset Provider";
|
||||||
|
|
||||||
public bool IsEnabled => true;
|
public bool IsEnabled => true;
|
||||||
|
|
||||||
private readonly string _passwordResetFileBase;
|
private readonly string _passwordResetFileBase;
|
||||||
private readonly string _passwordResetFileBaseDir;
|
private readonly string _passwordResetFileBaseDir;
|
||||||
private readonly string _passwordResetFileBaseName = "passwordreset";
|
private readonly string _passwordResetFileBaseName = "passwordreset";
|
||||||
|
|
||||||
private readonly IJsonSerializer _jsonSerializer;
|
private readonly IJsonSerializer _jsonSerializer;
|
||||||
private readonly IUserManager _userManager;
|
private readonly IUserManager _userManager;
|
||||||
private readonly ICryptoProvider _crypto;
|
private readonly ICryptoProvider _crypto;
|
||||||
|
|
||||||
public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IJsonSerializer jsonSerializer, IUserManager userManager, ICryptoProvider cryptoProvider)
|
public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IJsonSerializer jsonSerializer, IUserManager userManager, ICryptoProvider cryptoProvider)
|
||||||
{
|
{
|
||||||
_passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;
|
_passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;
|
||||||
_passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, _passwordResetFileBaseName);
|
_passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, _passwordResetFileBaseName);
|
||||||
_jsonSerializer = jsonSerializer;
|
_jsonSerializer = jsonSerializer;
|
||||||
_userManager = userManager;
|
_userManager = userManager;
|
||||||
_crypto = cryptoProvider;
|
_crypto = cryptoProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)
|
public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)
|
||||||
{
|
{
|
||||||
SerializablePasswordReset spr;
|
SerializablePasswordReset spr;
|
||||||
HashSet<string> usersreset = new HashSet<string>();
|
HashSet<string> usersreset = new HashSet<string>();
|
||||||
foreach (var resetfile in Directory.EnumerateFiles(_passwordResetFileBaseDir, $"{_passwordResetFileBaseName}*"))
|
foreach (var resetfile in Directory.EnumerateFiles(_passwordResetFileBaseDir, $"{_passwordResetFileBaseName}*"))
|
||||||
{
|
{
|
||||||
using (var str = File.OpenRead(resetfile))
|
using (var str = File.OpenRead(resetfile))
|
||||||
{
|
{
|
||||||
spr = await _jsonSerializer.DeserializeFromStreamAsync<SerializablePasswordReset>(str).ConfigureAwait(false);
|
spr = await _jsonSerializer.DeserializeFromStreamAsync<SerializablePasswordReset>(str).ConfigureAwait(false);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (spr.ExpirationDate < DateTime.Now)
|
if (spr.ExpirationDate < DateTime.Now)
|
||||||
{
|
{
|
||||||
File.Delete(resetfile);
|
File.Delete(resetfile);
|
||||||
}
|
}
|
||||||
else if (spr.Pin.Replace("-", "").Equals(pin.Replace("-", ""), StringComparison.InvariantCultureIgnoreCase))
|
else if (spr.Pin.Replace("-", "").Equals(pin.Replace("-", ""), StringComparison.InvariantCultureIgnoreCase))
|
||||||
{
|
{
|
||||||
var resetUser = _userManager.GetUserByName(spr.UserName);
|
var resetUser = _userManager.GetUserByName(spr.UserName);
|
||||||
if (resetUser == null)
|
if (resetUser == null)
|
||||||
{
|
{
|
||||||
throw new Exception($"User with a username of {spr.UserName} not found");
|
throw new Exception($"User with a username of {spr.UserName} not found");
|
||||||
}
|
}
|
||||||
|
|
||||||
await _userManager.ChangePassword(resetUser, pin).ConfigureAwait(false);
|
await _userManager.ChangePassword(resetUser, pin).ConfigureAwait(false);
|
||||||
usersreset.Add(resetUser.Name);
|
usersreset.Add(resetUser.Name);
|
||||||
File.Delete(resetfile);
|
File.Delete(resetfile);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (usersreset.Count < 1)
|
if (usersreset.Count < 1)
|
||||||
{
|
{
|
||||||
throw new ResourceNotFoundException($"No Users found with a password reset request matching pin {pin}");
|
throw new ResourceNotFoundException($"No Users found with a password reset request matching pin {pin}");
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
return new PinRedeemResult
|
return new PinRedeemResult
|
||||||
{
|
{
|
||||||
Success = true,
|
Success = true,
|
||||||
UsersReset = usersreset.ToArray()
|
UsersReset = usersreset.ToArray()
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<ForgotPasswordResult> StartForgotPasswordProcess(MediaBrowser.Controller.Entities.User user, bool isInNetwork)
|
public async Task<ForgotPasswordResult> StartForgotPasswordProcess(MediaBrowser.Controller.Entities.User user, bool isInNetwork)
|
||||||
{
|
{
|
||||||
string pin = string.Empty;
|
string pin = string.Empty;
|
||||||
using (var cryptoRandom = System.Security.Cryptography.RandomNumberGenerator.Create())
|
using (var cryptoRandom = System.Security.Cryptography.RandomNumberGenerator.Create())
|
||||||
{
|
{
|
||||||
byte[] bytes = new byte[4];
|
byte[] bytes = new byte[4];
|
||||||
cryptoRandom.GetBytes(bytes);
|
cryptoRandom.GetBytes(bytes);
|
||||||
pin = BitConverter.ToString(bytes);
|
pin = BitConverter.ToString(bytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
DateTime expireTime = DateTime.Now.AddMinutes(30);
|
DateTime expireTime = DateTime.Now.AddMinutes(30);
|
||||||
string filePath = _passwordResetFileBase + user.InternalId + ".json";
|
string filePath = _passwordResetFileBase + user.InternalId + ".json";
|
||||||
SerializablePasswordReset spr = new SerializablePasswordReset
|
SerializablePasswordReset spr = new SerializablePasswordReset
|
||||||
{
|
{
|
||||||
ExpirationDate = expireTime,
|
ExpirationDate = expireTime,
|
||||||
Pin = pin,
|
Pin = pin,
|
||||||
PinFile = filePath,
|
PinFile = filePath,
|
||||||
UserName = user.Name
|
UserName = user.Name
|
||||||
};
|
};
|
||||||
|
|
||||||
try
|
using (FileStream fileStream = File.OpenWrite(filePath))
|
||||||
{
|
{
|
||||||
using (FileStream fileStream = File.OpenWrite(filePath))
|
_jsonSerializer.SerializeToStream(spr, fileStream);
|
||||||
{
|
await fileStream.FlushAsync().ConfigureAwait(false);
|
||||||
_jsonSerializer.SerializeToStream(spr, fileStream);
|
}
|
||||||
await fileStream.FlushAsync().ConfigureAwait(false);
|
|
||||||
}
|
return new ForgotPasswordResult
|
||||||
}
|
{
|
||||||
catch (Exception e)
|
Action = ForgotPasswordAction.PinCode,
|
||||||
{
|
PinExpirationDate = expireTime,
|
||||||
throw new Exception($"Error serializing or writing password reset for {user.Name} to location: {filePath}", e);
|
PinFile = filePath
|
||||||
}
|
};
|
||||||
|
}
|
||||||
return new ForgotPasswordResult
|
|
||||||
{
|
private class SerializablePasswordReset : PasswordPinCreationResult
|
||||||
Action = ForgotPasswordAction.PinCode,
|
{
|
||||||
PinExpirationDate = expireTime,
|
public string Pin { get; set; }
|
||||||
PinFile = filePath
|
|
||||||
};
|
public string UserName { get; set; }
|
||||||
}
|
}
|
||||||
|
}
|
||||||
private class SerializablePasswordReset : PasswordPinCreationResult
|
}
|
||||||
{
|
|
||||||
public string Pin { get; set; }
|
|
||||||
|
|
||||||
public string UserName { get; set; }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
@ -0,0 +1,28 @@
|
|||||||
|
using System;
|
||||||
|
namespace MediaBrowser.Controller.Authentication
|
||||||
|
{
|
||||||
|
/// <summary>
|
||||||
|
/// The exception that is thrown when an attempt to authenticate fails.
|
||||||
|
/// </summary>
|
||||||
|
public class AuthenticationException : Exception
|
||||||
|
{
|
||||||
|
/// <inheritdoc />
|
||||||
|
public AuthenticationException() : base()
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/// <inheritdoc />
|
||||||
|
public AuthenticationException(string message) : base(message)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/// <inheritdoc />
|
||||||
|
public AuthenticationException(string message, Exception innerException)
|
||||||
|
: base(message, innerException)
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in new issue