Merge branch 'master' into trickplay

author: Nick <20588554+nicknsy@users.noreply.github.com> 2023-10-18 19:27:05 -0700
committer: Nick <20588554+nicknsy@users.noreply.github.com> 2023-10-18 19:27:05 -0700
commit: cd662506a1f63f9b20e7f5caa9b671eb3d71ea5a (patch)
tree: b58f7158e21e7ed21d77b0f0abfce23d796b3fe3 /Jellyfin.Server.Implementations/Users
parent: c7feea27fde8af60984c8fe41444dc245dbde395 (diff)
parent: de08d38a6f2a6e773fa1000574e08322605b56d3 (diff)
2 files changed, 43 insertions, 31 deletions
diff --git a/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs b/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs
index 72f3d6e8e..cb2d09a67 100644
--- a/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs
+++ b/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Diagnostics.CodeAnalysis;
 using System.Threading.Tasks;
 using Jellyfin.Data.Entities;
 using MediaBrowser.Controller.Authentication;
@@ -39,14 +40,18 @@ namespace Jellyfin.Server.Implementations.Users
 
         /// <inheritdoc />
         // This is the version that we need to use for local users. Because reasons.
-        public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)
+        public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User? resolvedUser)
         {
-            if (resolvedUser is null)
+            [DoesNotReturn]
+            static void ThrowAuthenticationException()
             {
-                throw new AuthenticationException("Specified user does not exist.");
+                throw new AuthenticationException("Invalid username or password");
             }
 
-            bool success = false;
+            if (resolvedUser is null)
+            {
+                ThrowAuthenticationException();
+            }
 
             // As long as jellyfin supports password-less users, we need this little block here to accommodate
             if (!HasPassword(resolvedUser) && string.IsNullOrEmpty(password))
@@ -60,15 +65,13 @@ namespace Jellyfin.Server.Implementations.Users
             // Handle the case when the stored password is null, but the user tried to login with a password
             if (resolvedUser.Password is null)
             {
-                throw new AuthenticationException("Invalid username or password");
+                ThrowAuthenticationException();
             }
 
             PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password);
-            success = _cryptographyProvider.Verify(readyHash, password);
-
-            if (!success)
+            if (!_cryptographyProvider.Verify(readyHash, password))
             {
-                throw new AuthenticationException("Invalid username or password");
+                ThrowAuthenticationException();
             }
 
             // Migrate old hashes to the new default
diff --git a/Jellyfin.Server.Implementations/Users/UserManager.cs b/Jellyfin.Server.Implementations/Users/UserManager.cs
index 1d03baa4c..b2cb589f7 100644
--- a/Jellyfin.Server.Implementations/Users/UserManager.cs
+++ b/Jellyfin.Server.Implementations/Users/UserManager.cs
@@ -15,12 +15,12 @@ using MediaBrowser.Common;
 using MediaBrowser.Common.Extensions;
 using MediaBrowser.Common.Net;
 using MediaBrowser.Controller.Authentication;
+using MediaBrowser.Controller.Configuration;
 using MediaBrowser.Controller.Drawing;
 using MediaBrowser.Controller.Events;
 using MediaBrowser.Controller.Library;
 using MediaBrowser.Controller.Net;
 using MediaBrowser.Model.Configuration;
-using MediaBrowser.Model.Cryptography;
 using MediaBrowser.Model.Dto;
 using MediaBrowser.Model.Users;
 using Microsoft.EntityFrameworkCore;
@@ -31,11 +31,10 @@ namespace Jellyfin.Server.Implementations.Users
     /// <summary>
     /// Manages the creation and retrieval of <see cref="User"/> instances.
     /// </summary>
-    public class UserManager : IUserManager
+    public partial class UserManager : IUserManager
     {
         private readonly IDbContextFactory<JellyfinDbContext> _dbProvider;
         private readonly IEventManager _eventManager;
-        private readonly ICryptoProvider _cryptoProvider;
         private readonly INetworkManager _networkManager;
         private readonly IApplicationHost _appHost;
         private readonly IImageProcessor _imageProcessor;
@@ -45,6 +44,7 @@ namespace Jellyfin.Server.Implementations.Users
         private readonly InvalidAuthProvider _invalidAuthProvider;
         private readonly DefaultAuthenticationProvider _defaultAuthenticationProvider;
         private readonly DefaultPasswordResetProvider _defaultPasswordResetProvider;
+        private readonly IServerConfigurationManager _serverConfigurationManager;
 
         private readonly IDictionary<Guid, User> _users;
 
@@ -53,27 +53,27 @@ namespace Jellyfin.Server.Implementations.Users
         /// </summary>
         /// <param name="dbProvider">The database provider.</param>
         /// <param name="eventManager">The event manager.</param>
-        /// <param name="cryptoProvider">The cryptography provider.</param>
         /// <param name="networkManager">The network manager.</param>
         /// <param name="appHost">The application host.</param>
         /// <param name="imageProcessor">The image processor.</param>
         /// <param name="logger">The logger.</param>
+        /// <param name="serverConfigurationManager">The system config manager.</param>
         public UserManager(
             IDbContextFactory<JellyfinDbContext> dbProvider,
             IEventManager eventManager,
-            ICryptoProvider cryptoProvider,
             INetworkManager networkManager,
             IApplicationHost appHost,
             IImageProcessor imageProcessor,
-            ILogger<UserManager> logger)
+            ILogger<UserManager> logger,
+            IServerConfigurationManager serverConfigurationManager)
         {
             _dbProvider = dbProvider;
             _eventManager = eventManager;
-            _cryptoProvider = cryptoProvider;
             _networkManager = networkManager;
             _appHost = appHost;
             _imageProcessor = imageProcessor;
             _logger = logger;
+            _serverConfigurationManager = serverConfigurationManager;
 
             _passwordResetProviders = appHost.GetExports<IPasswordResetProvider>();
             _authenticationProviders = appHost.GetExports<IAuthenticationProvider>();
@@ -105,6 +105,12 @@ namespace Jellyfin.Server.Implementations.Users
         /// <inheritdoc/>
         public IEnumerable<Guid> UsersIds => _users.Keys;
 
+        // This is some regex that matches only on unicode "word" characters, as well as -, _ and @
+        // In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
+        // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes (-), underscores (_), apostrophes ('), periods (.) and spaces ( )
+        [GeneratedRegex(@"^[\w\ \-'._@]+$")]
+        private static partial Regex ValidUsernameRegex();
+
         /// <inheritdoc/>
         public User? GetUserById(Guid id)
         {
@@ -287,6 +293,7 @@ namespace Jellyfin.Server.Implementations.Users
         public UserDto GetUserDto(User user, string? remoteEndPoint = null)
         {
             var hasPassword = GetAuthenticationProvider(user).HasPassword(user);
+            var castReceiverApplications = _serverConfigurationManager.Configuration.CastReceiverApplications;
             return new UserDto
             {
                 Name = user.Username,
@@ -314,7 +321,11 @@ namespace Jellyfin.Server.Implementations.Users
                     OrderedViews = user.GetPreferenceValues<Guid>(PreferenceKind.OrderedViews),
                     GroupedFolders = user.GetPreferenceValues<Guid>(PreferenceKind.GroupedFolders),
                     MyMediaExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.MyMediaExcludes),
-                    LatestItemsExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.LatestItemExcludes)
+                    LatestItemsExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.LatestItemExcludes),
+                    CastReceiverId = string.IsNullOrEmpty(user.CastReceiverId)
+                        ? castReceiverApplications.FirstOrDefault()?.Id
+                        : castReceiverApplications.FirstOrDefault(c => string.Equals(c.Id, user.CastReceiverId, StringComparison.Ordinal))?.Id
+                          ?? castReceiverApplications.FirstOrDefault()?.Id
                 },
                 Policy = new UserPolicy
                 {
@@ -378,7 +389,7 @@ namespace Jellyfin.Server.Implementations.Users
             }
 
             var user = Users.FirstOrDefault(i => string.Equals(username, i.Username, StringComparison.OrdinalIgnoreCase));
-            var authResult = await AuthenticateLocalUser(username, password, user, remoteEndPoint)
+            var authResult = await AuthenticateLocalUser(username, password, user)
                 .ConfigureAwait(false);
             var authenticationProvider = authResult.AuthenticationProvider;
             var success = authResult.Success;
@@ -527,7 +538,7 @@ namespace Jellyfin.Server.Implementations.Users
             }
 
             var defaultName = Environment.UserName;
-            if (string.IsNullOrWhiteSpace(defaultName) || !IsValidUsername(defaultName))
+            if (string.IsNullOrWhiteSpace(defaultName) || !ValidUsernameRegex().IsMatch(defaultName))
             {
                 defaultName = "MyJellyfinUser";
             }
@@ -603,6 +614,13 @@ namespace Jellyfin.Server.Implementations.Users
                 user.RememberSubtitleSelections = config.RememberSubtitleSelections;
                 user.SubtitleLanguagePreference = config.SubtitleLanguagePreference;
 
+                // Only set cast receiver id if it is passed in and it exists in the server config.
+                if (!string.IsNullOrEmpty(config.CastReceiverId)
+                    && _serverConfigurationManager.Configuration.CastReceiverApplications.Any(c => string.Equals(c.Id, config.CastReceiverId, StringComparison.Ordinal)))
+                {
+                    user.CastReceiverId = config.CastReceiverId;
+                }
+
                 user.SetPreference(PreferenceKind.OrderedViews, config.OrderedViews);
                 user.SetPreference(PreferenceKind.GroupedFolders, config.GroupedFolders);
                 user.SetPreference(PreferenceKind.MyMediaExcludes, config.MyMediaExcludes);
@@ -710,7 +728,7 @@ namespace Jellyfin.Server.Implementations.Users
 
         internal static void ThrowIfInvalidUsername(string name)
         {
-            if (!string.IsNullOrWhiteSpace(name) && IsValidUsername(name))
+            if (!string.IsNullOrWhiteSpace(name) && ValidUsernameRegex().IsMatch(name))
             {
                 return;
             }
@@ -718,14 +736,6 @@ namespace Jellyfin.Server.Implementations.Users
             throw new ArgumentException("Usernames can contain unicode symbols, numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)", nameof(name));
         }
 
-        private static bool IsValidUsername(ReadOnlySpan<char> name)
-        {
-            // This is some regex that matches only on unicode "word" characters, as well as -, _ and @
-            // In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
-            // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes (-), underscores (_), apostrophes ('), periods (.) and spaces ( )
-            return Regex.IsMatch(name, @"^[\w\ \-'._@]+$");
-        }
-
         private IAuthenticationProvider GetAuthenticationProvider(User user)
         {
             return GetAuthenticationProviders(user)[0];
@@ -789,8 +799,7 @@ namespace Jellyfin.Server.Implementations.Users
         private async Task<(IAuthenticationProvider? AuthenticationProvider, string Username, bool Success)> AuthenticateLocalUser(
                 string username,
                 string password,
-                User? user,
-                string remoteEndPoint)
+                User? user)
         {
             bool success = false;
             IAuthenticationProvider? authenticationProvider = null;
@@ -835,7 +844,7 @@ namespace Jellyfin.Server.Implementations.Users
             }
             catch (AuthenticationException ex)
             {
-                _logger.LogError(ex, "Error authenticating with provider {Provider}", provider.Name);
+                _logger.LogDebug(ex, "Error authenticating with provider {Provider}", provider.Name);
 
                 return (username, false);
             }
author	Nick <20588554+nicknsy@users.noreply.github.com>	2023-10-18 19:27:05 -0700
committer	Nick <20588554+nicknsy@users.noreply.github.com>	2023-10-18 19:27:05 -0700
commit	cd662506a1f63f9b20e7f5caa9b671eb3d71ea5a (patch)
tree	b58f7158e21e7ed21d77b0f0abfce23d796b3fe3 /Jellyfin.Server.Implementations/Users
parent	c7feea27fde8af60984c8fe41444dc245dbde395 (diff)
parent	de08d38a6f2a6e773fa1000574e08322605b56d3 (diff)