Merge pull request #10137 from Bond-009/logspam

Reduce log spam on failed logins
pull/10154/head
Claus Vium 1 year ago committed by GitHub
commit b48a7c0f85
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -1,4 +1,5 @@
using System;
using System.Diagnostics.CodeAnalysis;
using System.Threading.Tasks;
using Jellyfin.Data.Entities;
using MediaBrowser.Controller.Authentication;
@ -39,14 +40,18 @@ namespace Jellyfin.Server.Implementations.Users
/// <inheritdoc />
// This is the version that we need to use for local users. Because reasons.
public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)
public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User? resolvedUser)
{
if (resolvedUser is null)
[DoesNotReturn]
static void ThrowAuthenticationException()
{
throw new AuthenticationException("Specified user does not exist.");
throw new AuthenticationException("Invalid username or password");
}
bool success = false;
if (resolvedUser is null)
{
ThrowAuthenticationException();
}
// As long as jellyfin supports password-less users, we need this little block here to accommodate
if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))
@ -60,15 +65,13 @@ namespace Jellyfin.Server.Implementations.Users
// Handle the case when the stored password is null, but the user tried to login with a password
if (resolvedUser.Password is null)
{
throw new AuthenticationException("Invalid username or password");
ThrowAuthenticationException();
}
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
success = _cryptographyProvider.Verify(readyHash, password);
if (!success)
if (!_cryptographyProvider.Verify(readyHash, password))
{
throw new AuthenticationException("Invalid username or password");
ThrowAuthenticationException();
}
// Migrate old hashes to the new default

@ -833,7 +833,7 @@ namespace Jellyfin.Server.Implementations.Users
}
catch (AuthenticationException ex)
{
_logger.LogError(ex, "Error authenticating with provider {Provider}", provider.Name);
_logger.LogDebug(ex, "Error authenticating with provider {Provider}", provider.Name);
return (username, false);
}

@ -1,5 +1,3 @@
#nullable disable
#pragma warning disable CS1591
using System.Threading.Tasks;
@ -23,7 +21,7 @@ namespace MediaBrowser.Controller.Authentication
public interface IRequiresResolvedUser
{
Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser);
Task<ProviderAuthenticationResult> Authenticate(string username, string password, User? resolvedUser);
}
public interface IHasNewUserPolicy
@ -33,8 +31,8 @@ namespace MediaBrowser.Controller.Authentication
public class ProviderAuthenticationResult
{
public string Username { get; set; }
public required string Username { get; set; }
public string DisplayName { get; set; }
public string? DisplayName { get; set; }
}
}

Loading…
Cancel
Save