|
|
@ -63,25 +63,29 @@ namespace Jellyfin.Server.Implementations.Users
|
|
|
|
});
|
|
|
|
});
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
|
|
|
|
// Handle the case when the stored password is null, but the user tried to login with a password
|
|
|
|
|
|
|
|
if (resolvedUser.Password != null)
|
|
|
|
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
|
|
|
|
|
|
|
|
if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)
|
|
|
|
|
|
|
|
|| _cryptographyProvider.DefaultHashMethod == readyHash.Id)
|
|
|
|
|
|
|
|
{
|
|
|
|
{
|
|
|
|
byte[] calculatedHash = _cryptographyProvider.ComputeHash(
|
|
|
|
byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
|
|
|
|
readyHash.Id,
|
|
|
|
|
|
|
|
passwordBytes,
|
|
|
|
|
|
|
|
readyHash.Salt.ToArray());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (readyHash.Hash.SequenceEqual(calculatedHash))
|
|
|
|
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
|
|
|
|
|
|
|
|
if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)
|
|
|
|
|
|
|
|
|| _cryptographyProvider.DefaultHashMethod == readyHash.Id)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
success = true;
|
|
|
|
byte[] calculatedHash = _cryptographyProvider.ComputeHash(
|
|
|
|
|
|
|
|
readyHash.Id,
|
|
|
|
|
|
|
|
passwordBytes,
|
|
|
|
|
|
|
|
readyHash.Salt.ToArray());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (readyHash.Hash.SequenceEqual(calculatedHash))
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
success = true;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!success)
|
|
|
|
if (!success)
|
|
|
|