diff options
| author | Bond-009 <bond.009@outlook.com> | 2020-06-19 16:59:35 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-19 16:59:35 +0200 |
| commit | cae3ed8aeb31c80ff7ebeec0c81a2091dadcd0ab (patch) | |
| tree | a3fbabe9ed423d5d87f7d6139b0b3c251d6f796d | |
| parent | fbefddbb816319a77bdf96d1c2216609bef13081 (diff) | |
| parent | 991b6fb73901f0fad72a14c69dbf011a9d4fa1c7 (diff) | |
Merge pull request #3316 from aled/check-stored-password-exists
Fix server error when user enters a password, but none is set.
| -rw-r--r-- | Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs b/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs index 162dc6f5e..94b582cde 100644 --- a/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs +++ b/Jellyfin.Server.Implementations/Users/DefaultAuthenticationProvider.cs @@ -63,25 +63,29 @@ namespace Jellyfin.Server.Implementations.Users }); } - byte[] passwordBytes = Encoding.UTF8.GetBytes(password); - - PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password); - if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id) - || _cryptographyProvider.DefaultHashMethod == readyHash.Id) + // Handle the case when the stored password is null, but the user tried to login with a password + if (resolvedUser.Password != null) { - byte[] calculatedHash = _cryptographyProvider.ComputeHash( - readyHash.Id, - passwordBytes, - readyHash.Salt.ToArray()); + byte[] passwordBytes = Encoding.UTF8.GetBytes(password); - if (readyHash.Hash.SequenceEqual(calculatedHash)) + PasswordHash readyHash = PasswordHash.Parse(resolvedUser.Password); + if (_cryptographyProvider.GetSupportedHashMethods().Contains(readyHash.Id) + || _cryptographyProvider.DefaultHashMethod == readyHash.Id) { - success = true; + byte[] calculatedHash = _cryptographyProvider.ComputeHash( + readyHash.Id, + passwordBytes, + readyHash.Salt.ToArray()); + + if (readyHash.Hash.SequenceEqual(calculatedHash)) + { + success = true; + } + } + else + { + throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}"); } - } - else - { - throw new AuthenticationException($"Requested crypto method not available in provider: {readyHash.Id}"); } if (!success) |