diff --git a/Emby.Server.Implementations/Connect/ConnectManager.cs b/Emby.Server.Implementations/Connect/ConnectManager.cs index 23fafed158..7e6755f6aa 100644 --- a/Emby.Server.Implementations/Connect/ConnectManager.cs +++ b/Emby.Server.Implementations/Connect/ConnectManager.cs @@ -1122,7 +1122,7 @@ namespace Emby.Server.Implementations.Connect } } - public async Task Authenticate(string username, string passwordMd5) + public async Task Authenticate(string username, string passwordMd5) { if (string.IsNullOrWhiteSpace(username)) { @@ -1151,6 +1151,7 @@ namespace Emby.Server.Implementations.Connect // No need to examine the response using (var response = (await _httpClient.SendAsync(options, "POST").ConfigureAwait(false)).Content) { + return _json.DeserializeFromStream(response); } } diff --git a/Emby.Server.Implementations/Library/UserManager.cs b/Emby.Server.Implementations/Library/UserManager.cs index 2a5706b3bf..eb0d0cf9b0 100644 --- a/Emby.Server.Implementations/Library/UserManager.cs +++ b/Emby.Server.Implementations/Library/UserManager.cs @@ -236,29 +236,63 @@ namespace Emby.Server.Implementations.Library var user = Users .FirstOrDefault(i => string.Equals(username, i.Name, StringComparison.OrdinalIgnoreCase)); - if (user == null) - { - throw new SecurityException("Invalid username or password entered."); - } + var success = false; - if (user.Policy.IsDisabled) + if (user != null) { - throw new SecurityException(string.Format("The {0} account is currently disabled. Please consult with your administrator.", user.Name)); - } + // Authenticate using local credentials if not a guest + if (!user.ConnectLinkType.HasValue || user.ConnectLinkType.Value != UserLinkType.Guest) + { + success = string.Equals(GetPasswordHash(user), passwordSha1.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase); - var success = false; + if (!success && _networkManager.IsInLocalNetwork(remoteEndPoint) && user.Configuration.EnableLocalPassword) + { + success = string.Equals(GetLocalPasswordHash(user), passwordSha1.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase); + } + } - // Authenticate using local credentials if not a guest - if (!user.ConnectLinkType.HasValue || user.ConnectLinkType.Value != UserLinkType.Guest) + // Maybe user accidently entered connect credentials. let's be flexible + if (!success && user.ConnectLinkType.HasValue && !string.IsNullOrWhiteSpace(passwordMd5) && !string.IsNullOrWhiteSpace(user.ConnectUserName)) + { + try + { + await _connectFactory().Authenticate(user.ConnectUserName, passwordMd5).ConfigureAwait(false); + success = true; + } + catch + { + + } + } + } + + // Try originally entered username + if (!success && (user == null || !string.Equals(user.ConnectUserName, username, StringComparison.OrdinalIgnoreCase))) { - success = string.Equals(GetPasswordHash(user), passwordSha1.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase); + try + { + var connectAuthResult = await _connectFactory().Authenticate(username, passwordMd5).ConfigureAwait(false); - if (!success && _networkManager.IsInLocalNetwork(remoteEndPoint) && user.Configuration.EnableLocalPassword) + user = Users.FirstOrDefault(i => string.Equals(i.ConnectUserId, connectAuthResult.User.Id, StringComparison.OrdinalIgnoreCase)); + + success = user != null; + } + catch { - success = string.Equals(GetLocalPasswordHash(user), passwordSha1.Replace("-", string.Empty), StringComparison.OrdinalIgnoreCase); + } } + if (user == null) + { + throw new SecurityException("Invalid username or password entered."); + } + + if (user.Policy.IsDisabled) + { + throw new SecurityException(string.Format("The {0} account is currently disabled. Please consult with your administrator.", user.Name)); + } + // Update LastActivityDate and LastLoginDate, then save if (success) { diff --git a/MediaBrowser.Controller/Connect/IConnectManager.cs b/MediaBrowser.Controller/Connect/IConnectManager.cs index e004eaccfa..f899c72623 100644 --- a/MediaBrowser.Controller/Connect/IConnectManager.cs +++ b/MediaBrowser.Controller/Connect/IConnectManager.cs @@ -61,7 +61,7 @@ namespace MediaBrowser.Controller.Connect /// The username. /// The password MD5. /// Task. - Task Authenticate(string username, string passwordMd5); + Task Authenticate(string username, string passwordMd5); /// /// Gets the local user.