Merge pull request #3316 from aled/check-stored-password-exists

Fix server error when user enters a password, but none is set.
This commit is contained in:
Bond-009 2020-06-19 16:59:35 +02:00 committed by GitHub
commit cae3ed8aeb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -63,25 +63,29 @@ namespace Jellyfin.Server.Implementations.Users
}); });
} }
byte[] passwordBytes = Encoding.UTF8.GetBytes(password); // Handle the case when the stored password is null, but the user tried to login with a password
if (resolvedUser.Password != null)
PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)
|| _cryptographyProvider.DefaultHashMethod == readyHash.Id)
{ {
byte[] calculatedHash = _cryptographyProvider.ComputeHash( byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
readyHash.Id,
passwordBytes,
readyHash.Salt.ToArray());
if (readyHash.Hash.SequenceEqual(calculatedHash)) PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id)
|| _cryptographyProvider.DefaultHashMethod == readyHash.Id)
{ {
success = true; byte[] calculatedHash = _cryptographyProvider.ComputeHash(
readyHash.Id,
passwordBytes,
readyHash.Salt.ToArray());
if (readyHash.Hash.SequenceEqual(calculatedHash))
{
success = true;
}
}
else
{
throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");
} }
}
else
{
throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}");
} }
if (!success) if (!success)