Bond_009
42ffddc269
Fix more warnings
2019-11-27 16:29:56 +01:00
dkanada
51cdc6ea16
Merge pull request #1926 from Bond-009/auth
...
Add clearer exceptions, warnings and docs
2019-11-23 01:14:32 +09:00
Bond-009
413ae86dbc
Fix easy password
2019-11-21 17:32:29 +01:00
Bond_009
a245f5a0d4
Rewrite hex encoder/decoder
2019-11-01 17:52:29 +01:00
Bond_009
d9a03c9bb1
Fix more warnings
2019-10-29 17:55:16 +01:00
Bond_009
fef35d0505
Add clearer exceptions, warnings and docs
2019-10-20 21:12:03 +02:00
Bond_009
c9820d30ed
Fix multiple mistakes and warnings
2019-09-23 20:32:44 +02:00
Bond-009
6f17a0b7af
Remove legacy auth code ( #1677 )
...
* Remove legacy auth code
* Adds tests so we don't break PasswordHash (again)
* Clean up interfaces
* Remove duplicate code
* Use auto properties
* static using
* Don't use 'this'
* Fix build
2019-09-17 12:07:15 -04:00
Bond-009
221b831bb2
Reset invalid login counter on successfull login
2019-09-13 17:18:45 +02:00
Bond_009
24fac4b191
Fix UserNotFoundError
2019-08-18 20:12:25 +02:00
Bond_009
8d3b5c851d
Improvements to UserManager
2019-08-16 21:06:11 +02:00
Bond_009
0f897589ed
Streamline authentication proccess
2019-07-06 14:52:24 +02:00
Bond_009
d961278b3d
Reduce amount of raw sql
2019-06-28 12:14:27 +02:00
Joshua M. Boniface
2946ae1009
Revert "Don't set a default reset provider"
...
This reverts commit c230d49d7c
.
This reenables an edge case where an admin might want to reset, with
the default auth provider, the password of an externally-provided
user so they could "unlock" the account while it was failing. There
might be minor security implications to this, but the malicious
actor would need FS access to do it (as they would with any password
resets) so it's probably best to keep it as-is.
Removing this in the first place was due to a misunderstanding
anyways so no harm.
2019-06-09 15:29:43 -04:00
Joshua M. Boniface
4b8f735cb8
Remove superfluous conditional
...
This wasn't needed to prevent updating the policy on-disk from my
tests and can be removed as suggested by @Bond-009
2019-06-09 13:57:49 -04:00
Joshua M. Boniface
c230d49d7c
Don't set a default reset provider
2019-06-09 13:46:53 -04:00
Joshua M. Boniface
b70083f3b3
Apply suggestions from code review
...
Co-Authored-By: Claus Vium <cvium@users.noreply.github.com>
Co-Authored-By: Bond-009 <bond.009@outlook.com>
2019-06-09 13:41:14 -04:00
Joshua M. Boniface
74ef389879
Add nicer log message and comment
2019-06-09 11:07:35 -04:00
Joshua M. Boniface
d78a55adb4
Implement InvalidAuthProvider
...
Implements the InvalidAuthProvider, which acts as a fallback if a
configured authentication provider, e.g. LDAP, is unavailable due
to a load failure or removal. Until the user or the authentication
plugin is corrected, this will cause users with the missing provider
to be locked out, while throwing errors in the logs about the issue.
Fixes #1445 part 2
2019-06-08 22:54:31 -04:00
DrPandemic
69ee49bee6
Format correctly the PIN when updating it
2019-05-25 13:46:55 -04:00
DrPandemic
c22068d6b1
Fix pin bug introduced in 10.3.z.
...
The issue is that the new easyPassword format prepends the hash
function. This PR extract the hash from "$SHA1$_hash_".
2019-05-11 19:53:34 -04:00
bugfixin
1df73fdeba
Fix incorrect hasPassword flag when easy pin set
2019-04-30 19:16:53 +00:00
Joshua Boniface
1af9c047fb
Override username with AuthenticationProvider
...
Pass back the Username directive returned by an AuthenticationProvider
to the calling code, so we may override the user-provided Username
value if the authentication provider passes this back. Useful for
instance in an LDAP scenario where what the user types may not
necessarily be the "username" that is mapped in the system, e.g.
the user providing 'mail' while 'uid' is the "username" value.
Could also then be extensible to other authentication providers
as well, should they wish to do a similar thing.
2019-04-07 19:51:45 -04:00
LogicalPhallacy
740c95d557
Apply minor suggestions from code review
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-25 21:40:10 -07:00
Phallacy
86772bd7bd
removes needless dictionary
2019-03-24 12:17:32 -07:00
Claus Vium
4e2841f0d7
Update Emby.Server.Implementations/Library/UserManager.cs
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-24 11:41:03 -07:00
Phallacy
09921a00aa
made password resets an interface and per user
2019-03-22 00:01:23 -07:00
Phallacy
80aedcd7e2
really fixed line endings
2019-03-16 21:36:45 -07:00
Phallacy
b04200ca68
adding regex fix
2019-03-16 21:21:14 -07:00
Joshua M. Boniface
e3dbed1c1a
Update Emby.Server.Implementations/Library/UserManager.cs
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-16 10:16:23 -07:00
Phallacy
7f0fa74467
updated regex to string literal with escaped -
2019-03-16 00:38:31 -07:00
Phallacy
1ee016c997
configurable user lockout
2019-03-16 00:18:52 -07:00
Phallacy
bef665be36
Minor fixes to address style issues
2019-03-05 23:45:05 -08:00
Phallacy
2c26517172
minor style fixes
2019-03-04 23:58:25 -08:00
Phallacy
a0d31a49a0
merging with master to clear merge conflict
2019-02-20 00:46:13 -08:00
Phallacy
6bbb968b57
minor changes and return to netstandard
2019-02-20 00:00:26 -08:00
Joshua M. Boniface
89d4ce309d
Merge pull request #848 from Bond-009/perf
...
Minor changes to reduce allocations
2019-02-19 21:24:51 -05:00
Phallacy
48e7274d37
added justaman notes, fixed new bug from emty has removals
2019-02-18 01:26:01 -08:00
Phallacy
77602aff88
Minor fixes re:PR870, added null checks from PR876
2019-02-13 00:33:00 -08:00
Bond_009
64d5ec12e2
Use HashSets for increased perf
2019-02-12 21:06:47 +01:00
Phallacy
05bbf71b6d
sha256 with salt auth and sha1 interop
2019-02-12 02:16:03 -08:00
LogicalPhallacy
8bf88f4cb2
Merge pull request #9 from jellyfin/master
...
Yanking in latest changes
2019-02-11 22:48:50 -08:00
Bond_009
a6a4cd5667
Removed some unused fields
2019-02-09 15:57:42 +01:00
Vasily
0b3e6548db
Merge pull request #797 from Bond-009/warnings
...
Fix all warnings
2019-02-04 14:08:21 +03:00
Joshua M. Boniface
c4f51e16a5
Merge pull request #736 from Bond-009/startasync
...
Start startup tasks async
2019-02-03 22:23:54 -05:00
Bond-009
78e4e2ed92
Fix all warnings
2019-02-02 21:45:29 +01:00
Claus Vium
f7a46c7a56
Remove more Connect related stuff
2019-01-31 18:47:50 +01:00
Phallacy
4519ce26e2
Upgrade crypto provider, retarget better framework
2019-01-31 00:24:53 -08:00
Erwin de Haan
b9a111432a
Unwrapped all /(Write|Read)All(Text|Bytes)/ functions.
2019-01-28 22:10:50 +01:00
Erwin de Haan
d7c6d16250
Unwrapped CreateDirectory and DeleteDirectory
2019-01-28 22:09:56 +01:00