Bond_009
efc4805233
Fix login
2019-08-28 14:45:46 +02:00
Bond_009
24fac4b191
Fix UserNotFoundError
2019-08-18 20:12:25 +02:00
Bond_009
8d3b5c851d
Improvements to UserManager
2019-08-16 21:06:11 +02:00
Joshua M. Boniface
a96fa7a5c7
Merge pull request #1397 from Bond-009/passfast
...
Streamline authentication proccess
2019-08-10 21:42:46 -04:00
Bond-009
6032f31aa6
Use CultureInvariant string conversion for Guids
2019-08-09 23:17:54 +02:00
Bond_009
ab7ef9c9cb
Fix style issues
2019-07-06 16:15:38 +02:00
Bond_009
0f897589ed
Streamline authentication proccess
2019-07-06 14:52:24 +02:00
dkanada
9e9952d81f
Merge pull request #1247 from bugfixin/master
...
Adjust detection of 'sample' in filenames to use regex boundaries
2019-07-04 11:38:01 -07:00
Bond_009
d961278b3d
Reduce amount of raw sql
2019-06-28 12:14:27 +02:00
Joshua M. Boniface
687255aa31
Merge pull request #1442 from jellyfin/release-10.3.z
...
Backmerge for Release 10.3.4 and 10.3.5
2019-06-12 23:30:57 -04:00
Joshua M. Boniface
2946ae1009
Revert "Don't set a default reset provider"
...
This reverts commit c230d49d7c
.
This reenables an edge case where an admin might want to reset, with
the default auth provider, the password of an externally-provided
user so they could "unlock" the account while it was failing. There
might be minor security implications to this, but the malicious
actor would need FS access to do it (as they would with any password
resets) so it's probably best to keep it as-is.
Removing this in the first place was due to a misunderstanding
anyways so no harm.
2019-06-09 15:29:43 -04:00
Joshua M. Boniface
4b8f735cb8
Remove superfluous conditional
...
This wasn't needed to prevent updating the policy on-disk from my
tests and can be removed as suggested by @Bond-009
2019-06-09 13:57:49 -04:00
Joshua M. Boniface
c230d49d7c
Don't set a default reset provider
2019-06-09 13:46:53 -04:00
Joshua M. Boniface
20e2cb2d86
Use SecurityException for auth failure
2019-06-09 13:45:51 -04:00
Joshua M. Boniface
b70083f3b3
Apply suggestions from code review
...
Co-Authored-By: Claus Vium <cvium@users.noreply.github.com>
Co-Authored-By: Bond-009 <bond.009@outlook.com>
2019-06-09 13:41:14 -04:00
Joshua M. Boniface
74ef389879
Add nicer log message and comment
2019-06-09 11:07:35 -04:00
Joshua M. Boniface
d78a55adb4
Implement InvalidAuthProvider
...
Implements the InvalidAuthProvider, which acts as a fallback if a
configured authentication provider, e.g. LDAP, is unavailable due
to a load failure or removal. Until the user or the authentication
plugin is corrected, this will cause users with the missing provider
to be locked out, while throwing errors in the logs about the issue.
Fixes #1445 part 2
2019-06-08 22:54:31 -04:00
Bond-009
a6f9ceedd8
Fix more warnings
2019-06-01 11:31:27 +02:00
DrPandemic
69ee49bee6
Format correctly the PIN when updating it
2019-05-25 13:46:55 -04:00
Bond-009
2d011b781e
Merge pull request #1383 from jellyfin/release-10.3.z
...
Backmerge for Release 10.3.3
2019-05-18 12:56:42 +02:00
DrPandemic
c22068d6b1
Fix pin bug introduced in 10.3.z.
...
The issue is that the new easyPassword format prepends the hash
function. This PR extract the hash from "$SHA1$_hash_".
2019-05-11 19:53:34 -04:00
Bond-009
35d7e97258
Ignore casing photo extensions
2019-05-11 11:55:41 +02:00
bugfixin
1df73fdeba
Fix incorrect hasPassword flag when easy pin set
2019-04-30 19:16:53 +00:00
bugfixin
da842d5a73
Fix incorrect escaping in regex pattern
2019-04-19 18:35:28 +00:00
bugfixin
0794a3edf4
Adjust detection of 'sample' in filenames to use regex boundaries
2019-04-19 17:53:51 +00:00
Joshua Boniface
1af9c047fb
Override username with AuthenticationProvider
...
Pass back the Username directive returned by an AuthenticationProvider
to the calling code, so we may override the user-provided Username
value if the authentication provider passes this back. Useful for
instance in an LDAP scenario where what the user types may not
necessarily be the "username" that is mapped in the system, e.g.
the user providing 'mail' while 'uid' is the "username" value.
Could also then be extensible to other authentication providers
as well, should they wish to do a similar thing.
2019-04-07 19:51:45 -04:00
Joshua Boniface
f0fbd0232c
Correct bad quote characters
2019-03-29 19:13:01 -04:00
LogicalPhallacy
13e94a8b1b
Remove dashes from pins
2019-03-29 12:48:07 -07:00
Phallacy
2d396cb589
adds readonly to properties
2019-03-29 07:10:49 -07:00
Phallacy
b56031b9f3
fix byte string
2019-03-28 20:49:11 -07:00
Phallacy
48b50a22a4
switched to a hexa string with crypto random backing
2019-03-28 08:15:53 -07:00
Phallacy
5e8496bc59
minor fixes and usings
2019-03-27 22:46:25 -07:00
Bond-009
b07c146fd9
Update Emby.Server.Implementations/Library/DefaultPasswordResetProvider.cs
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-27 16:17:18 -07:00
Phallacy
6be8624373
async improvements and post reset cleanups
2019-03-25 22:17:23 -07:00
LogicalPhallacy
740c95d557
Apply minor suggestions from code review
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-25 21:40:10 -07:00
Phallacy
86772bd7bd
removes needless dictionary
2019-03-24 12:17:32 -07:00
Claus Vium
4e2841f0d7
Update Emby.Server.Implementations/Library/UserManager.cs
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-24 11:41:03 -07:00
Phallacy
26fe4040bf
fixes some usings
2019-03-24 11:40:00 -07:00
Phallacy
758e35baba
greaterthen/lessthen reversal fix
2019-03-24 00:30:16 -07:00
Phallacy
09921a00aa
made password resets an interface and per user
2019-03-22 00:01:23 -07:00
Phallacy
80aedcd7e2
really fixed line endings
2019-03-16 21:36:45 -07:00
Phallacy
fc28c9237c
fixed line endings
2019-03-16 21:34:26 -07:00
Phallacy
b04200ca68
adding regex fix
2019-03-16 21:21:14 -07:00
Joshua M. Boniface
e3dbed1c1a
Update Emby.Server.Implementations/Library/UserManager.cs
...
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-16 10:16:23 -07:00
Phallacy
7f0fa74467
updated regex to string literal with escaped -
2019-03-16 00:38:31 -07:00
LogicalPhallacy
9df1506794
Merge pull request #2 from LogicalPhallacy/master
...
update lockoutfix to latest for testing
2019-03-16 00:26:12 -07:00
LogicalPhallacy
2d0844b5db
Merge pull request #1 from jellyfin/master
...
merging myself to latest
2019-03-16 00:25:16 -07:00
Phallacy
1ee016c997
configurable user lockout
2019-03-16 00:18:52 -07:00
Phallacy
221389089c
quick fix for auth bug
2019-03-15 21:25:19 -07:00
Bond-009
bf43dc00bb
More warning fixes
2019-03-13 22:32:52 +01:00