aboutsummaryrefslogtreecommitdiff
path: root/Emby.Server.Implementations/Library/UserManager.cs
AgeCommit message (Collapse)Author
2020-06-05Use typed logger where possiblecrobibero
2020-06-03Merge pull request #2767 from Bond-009/nullable3Vasily
Enable nullabe reference types for MediaBrowser.Model
2020-05-27Merge branch 'master' into nullable3Bond_009
2020-05-26Revert "Fix emby/user/public API leaking sensitive data"Joshua M. Boniface
2020-05-07Merge pull request #2492 from Polpetta/fix-api-private-data-leakBond-009
Fix emby/user/public API leaking sensitive data
2020-05-06Fix variable declaration and follow sonarcloud suggestionsDavide Polonio
2020-05-02Remove extra line in UserManagerDavide Polonio
Co-authored-by: Bond-009 <bond.009@outlook.com>
2020-04-23Merge pull request #2861 from mark-monteiro/fix-auth-response-codesdkanada
Fix Auth Response Codes
2020-04-22Merge branch 'master' into fix-auth-response-codesBond-009
2020-04-20Merge remote-tracking branch 'upstream/master' into register-services-correctlyMark Monteiro
2020-04-13Return correct status codes for authentication and authorization errorsMark Monteiro
- Use AuthenticatonException to return 401 - Use SecurityException to return 403 - Update existing throws to throw the correct exception for the circumstance
2020-04-08Log message for each exception during logindafo90
2020-04-06Fix Authentication request logdafo90
2020-04-05Enable nullabe reference types for MediaBrowser.ModelBond_009
2020-04-04Register and construct IUserManager and IUserRepository correctlyMark Monteiro
2020-04-02Authentication request log with IPDidier Dafond
2020-03-24Remove unused usingsBond_009
2020-03-01Fix emby/user/public API leaking private dataDavide Polonio
This commit fixes the emby/user/public API that was returning more data than necessary. Now only the following information are returned: - the account name - the primary image tag - the field hasPassword - the field hasConfiguredPassword, useful for the first wizard only (see https://github.com/jellyfin/jellyfin/issues/880#issuecomment-465370051) - the primary image aspect ratio A new DTO class, PrivateUserDTO has been created, and the route has been modified in order to return that data object.
2020-02-23Fix some warningsBond_009
* Add analyzers to MediaBrowser.XbmcMetadata * Enable TreatWarningsAsErrors for MediaBrowser.XbmcMetadata * Add analyzers to MediaBrowser.WebDashboard * Enable TreatWarningsAsErrors for MediaBrowser.WebDashboard * Disable SA1600 in favor of CS1591
2020-02-03Merge pull request #2359 from Bond-009/usernamedkanada
Allow changing capitalization of usernames
2020-02-01update some commentsdkanada
Co-Authored-By: Bond-009 <bond.009@outlook.com>
2020-02-01improve scan progress and fix a few bugsdkanada
2020-01-31Allow changing capitalization of usernamesBond_009
2020-01-10Merge branch 'master' into warn12Bond_009
2020-01-04Merge pull request #2206 from Bond-009/userconfigdkanada
Delete user config dir on user deletion
2019-12-29Delete user config dir on user deletionBond_009
2019-12-13Enable TreatWarningsAsErrors for some projectsBond_009
Analyzers are only run in debug build, so setting TreatWarningsAsErrors for release build will catch the compiler warnings until we resolve all analyzer warnings.
2019-12-11More warnings (removed)Bond_009
2019-12-11Merge pull request #2041 from Bond-009/warn11dkanada
Fix more warnings
2019-12-10Apply suggestions from code reviewBond-009
Co-Authored-By: dkanada <dkanada@users.noreply.github.com>
2019-11-27Fix more warningsBond_009
2019-11-25* Add support for multi segment base urlsBond_009
* Make baseurl case-insensitive
2019-11-23Merge pull request #1926 from Bond-009/authdkanada
Add clearer exceptions, warnings and docs
2019-11-21Fix easy passwordBond-009
2019-11-01Rewrite hex encoder/decoderBond_009
2019-10-29Fix more warningsBond_009
2019-10-20Add clearer exceptions, warnings and docsBond_009
2019-09-23Fix multiple mistakes and warningsBond_009
2019-09-17Remove legacy auth code (#1677)Bond-009
* Remove legacy auth code * Adds tests so we don't break PasswordHash (again) * Clean up interfaces * Remove duplicate code * Use auto properties * static using * Don't use 'this' * Fix build
2019-09-13Reset invalid login counter on successfull loginBond-009
2019-08-18Fix UserNotFoundErrorBond_009
2019-08-16Improvements to UserManagerBond_009
2019-07-06Streamline authentication proccessBond_009
2019-06-28Reduce amount of raw sqlBond_009
2019-06-09Revert "Don't set a default reset provider"Joshua M. Boniface
This reverts commit c230d49d7c37d4fbe77676b835c3afd6c8cb56e7. This reenables an edge case where an admin might want to reset, with the default auth provider, the password of an externally-provided user so they could "unlock" the account while it was failing. There might be minor security implications to this, but the malicious actor would need FS access to do it (as they would with any password resets) so it's probably best to keep it as-is. Removing this in the first place was due to a misunderstanding anyways so no harm.
2019-06-09Remove superfluous conditionalJoshua M. Boniface
This wasn't needed to prevent updating the policy on-disk from my tests and can be removed as suggested by @Bond-009
2019-06-09Don't set a default reset providerJoshua M. Boniface
2019-06-09Apply suggestions from code reviewJoshua M. Boniface
Co-Authored-By: Claus Vium <cvium@users.noreply.github.com> Co-Authored-By: Bond-009 <bond.009@outlook.com>
2019-06-09Add nicer log message and commentJoshua M. Boniface
2019-06-08Implement InvalidAuthProviderJoshua M. Boniface
Implements the InvalidAuthProvider, which acts as a fallback if a configured authentication provider, e.g. LDAP, is unavailable due to a load failure or removal. Until the user or the authentication plugin is corrected, this will cause users with the missing provider to be locked out, while throwing errors in the logs about the issue. Fixes #1445 part 2
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-24 05:13:59 +0000