aboutsummaryrefslogtreecommitdiff
path: root/MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs
diff options
context:
space:
mode:
authorLuke Pulverenti <luke.pulverenti@gmail.com>2014-07-02 00:57:18 -0400
committerLuke Pulverenti <luke.pulverenti@gmail.com>2014-07-02 00:57:18 -0400
commit389390b82ecfbb48e0486f8f132046ddf8624e00 (patch)
treec03ffa22f3a2fe668bb9be7078ad83fea3177796 /MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs
parent3bef6ead9cec4c33d43b6348ae4fc33c9b70316a (diff)
fixes #789 - Security Issue: API allows access to any folder of the PC running MediaBrowser
Diffstat (limited to 'MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs')
-rw-r--r--MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs35
1 files changed, 35 insertions, 0 deletions
diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs
new file mode 100644
index 000000000..7c3173101
--- /dev/null
+++ b/MediaBrowser.Server.Implementations/HttpServer/Security/SessionAuthProvider.cs
@@ -0,0 +1,35 @@
+using MediaBrowser.Controller.Net;
+using ServiceStack;
+using ServiceStack.Auth;
+
+namespace MediaBrowser.Server.Implementations.HttpServer.Security
+{
+ public class SessionAuthProvider : CredentialsAuthProvider
+ {
+ private readonly ISessionContext _sessionContext;
+
+ public SessionAuthProvider(ISessionContext sessionContext)
+ {
+ _sessionContext = sessionContext;
+ }
+
+ public override bool TryAuthenticate(IServiceBase authService, string userName, string password)
+ {
+ return true;
+ }
+
+ public override bool IsAuthorized(IAuthSession session, IAuthTokens tokens, Authenticate request = null)
+ {
+ return true;
+ }
+
+ protected override void SaveUserAuth(IServiceBase authService, IAuthSession session, IAuthRepository authRepo, IAuthTokens tokens)
+ {
+ }
+
+ public override object Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)
+ {
+ return base.Authenticate(authService, session, request);
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-07 01:19:22 +0000