diff options
| author | Joshua M. Boniface <joshua@boniface.me> | 2019-04-18 17:58:54 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-04-18 17:58:54 -0400 |
| commit | 06a1e1f1664e6a4d7b552c8d230189e8f4a6f752 (patch) | |
| tree | 7dac80a080350bef7c12ae9971a81a2cad298e76 | |
| parent | cde737504905795da056babb573442fff77cceff (diff) | |
| parent | 31ad366aa93e8bc07f6e120320f3abd27d9dfd49 (diff) | |
Merge pull request #1244 from joshuaboniface/hotfix-authapi
Hotfix authapi
| -rw-r--r-- | Emby.Server.Implementations/HttpServer/HttpListenerHost.cs | 1 | ||||
| -rw-r--r-- | MediaBrowser.Api/UserService.cs | 7 | ||||
| -rw-r--r-- | MediaBrowser.Common/Extensions/ResourceNotFoundException.cs | 24 |
3 files changed, 31 insertions, 1 deletions
diff --git a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs index e8d47cad5..831391cee 100644 --- a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs +++ b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs @@ -203,6 +203,7 @@ namespace Emby.Server.Implementations.HttpServer case DirectoryNotFoundException _: case FileNotFoundException _: case ResourceNotFoundException _: return 404; + case MethodNotAllowedException _: return 405; case RemoteServiceUnavailableException _: return 502; default: return 500; } diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs index a6849f75f..497800d26 100644 --- a/MediaBrowser.Api/UserService.cs +++ b/MediaBrowser.Api/UserService.cs @@ -379,10 +379,15 @@ namespace MediaBrowser.Api throw new ResourceNotFoundException("User not found"); } + if (!string.IsNullOrEmpty(request.Password) && string.IsNullOrEmpty(request.Pw)) + { + throw new MethodNotAllowedException("Hashed-only passwords are not valid for this API."); + } + return Post(new AuthenticateUserByName { Username = user.Name, - Password = request.Password, + Password = null, // This should always be null Pw = request.Pw }); } diff --git a/MediaBrowser.Common/Extensions/ResourceNotFoundException.cs b/MediaBrowser.Common/Extensions/ResourceNotFoundException.cs index f62c65fd7..9f70ae7d8 100644 --- a/MediaBrowser.Common/Extensions/ResourceNotFoundException.cs +++ b/MediaBrowser.Common/Extensions/ResourceNotFoundException.cs @@ -26,6 +26,30 @@ namespace MediaBrowser.Common.Extensions } } + /// <summary> + /// Class MethodNotAllowedException + /// </summary> + public class MethodNotAllowedException : Exception + { + /// <summary> + /// Initializes a new instance of the <see cref="MethodNotAllowedException" /> class. + /// </summary> + public MethodNotAllowedException() + { + + } + + /// <summary> + /// Initializes a new instance of the <see cref="MethodNotAllowedException" /> class. + /// </summary> + /// <param name="message">The message.</param> + public MethodNotAllowedException(string message) + : base(message) + { + + } + } + public class RemoteServiceUnavailableException : Exception { public RemoteServiceUnavailableException() |