|
|
@ -1,4 +1,5 @@
|
|
|
|
using System;
|
|
|
|
using System;
|
|
|
|
|
|
|
|
using System.Diagnostics.CodeAnalysis;
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
using Jellyfin.Data.Entities;
|
|
|
|
using Jellyfin.Data.Entities;
|
|
|
|
using MediaBrowser.Controller.Authentication;
|
|
|
|
using MediaBrowser.Controller.Authentication;
|
|
|
@ -39,14 +40,18 @@ namespace Jellyfin.Server.Implementations.Users
|
|
|
|
|
|
|
|
|
|
|
|
/// <inheritdoc />
|
|
|
|
/// <inheritdoc />
|
|
|
|
// This is the version that we need to use for local users. Because reasons.
|
|
|
|
// This is the version that we need to use for local users. Because reasons.
|
|
|
|
public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)
|
|
|
|
public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User? resolvedUser)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
if (resolvedUser is null)
|
|
|
|
[DoesNotReturn]
|
|
|
|
|
|
|
|
static void ThrowAuthenticationException()
|
|
|
|
{
|
|
|
|
{
|
|
|
|
throw new AuthenticationException("Specified user does not exist.");
|
|
|
|
throw new AuthenticationException("Invalid username or password");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
bool success = false;
|
|
|
|
if (resolvedUser is null)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
ThrowAuthenticationException();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// As long as jellyfin supports password-less users, we need this little block here to accommodate
|
|
|
|
// As long as jellyfin supports password-less users, we need this little block here to accommodate
|
|
|
|
if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))
|
|
|
|
if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))
|
|
|
@ -60,15 +65,13 @@ namespace Jellyfin.Server.Implementations.Users
|
|
|
|
// Handle the case when the stored password is null, but the user tried to login with a password
|
|
|
|
// Handle the case when the stored password is null, but the user tried to login with a password
|
|
|
|
if (resolvedUser.Password is null)
|
|
|
|
if (resolvedUser.Password is null)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
throw new AuthenticationException("Invalid username or password");
|
|
|
|
ThrowAuthenticationException();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
|
|
|
|
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
|
|
|
|
success = _cryptographyProvider.Verify(readyHash, password);
|
|
|
|
if (!_cryptographyProvider.Verify(readyHash, password))
|
|
|
|
|
|
|
|
|
|
|
|
if (!success)
|
|
|
|
|
|
|
|
{
|
|
|
|
{
|
|
|
|
throw new AuthenticationException("Invalid username or password");
|
|
|
|
ThrowAuthenticationException();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Migrate old hashes to the new default
|
|
|
|
// Migrate old hashes to the new default
|
|
|
|