aboutsummaryrefslogtreecommitdiff
path: root/Emby.Server.Implementations/Library
AgeCommit message (Collapse)Author
2019-06-09Revert "Don't set a default reset provider"Joshua M. Boniface
This reverts commit c230d49d7c37d4fbe77676b835c3afd6c8cb56e7. This reenables an edge case where an admin might want to reset, with the default auth provider, the password of an externally-provided user so they could "unlock" the account while it was failing. There might be minor security implications to this, but the malicious actor would need FS access to do it (as they would with any password resets) so it's probably best to keep it as-is. Removing this in the first place was due to a misunderstanding anyways so no harm.
2019-06-09Remove superfluous conditionalJoshua M. Boniface
This wasn't needed to prevent updating the policy on-disk from my tests and can be removed as suggested by @Bond-009
2019-06-09Don't set a default reset providerJoshua M. Boniface
2019-06-09Use SecurityException for auth failureJoshua M. Boniface
2019-06-09Apply suggestions from code reviewJoshua M. Boniface
Co-Authored-By: Claus Vium <cvium@users.noreply.github.com> Co-Authored-By: Bond-009 <bond.009@outlook.com>
2019-06-09Add nicer log message and commentJoshua M. Boniface
2019-06-08Implement InvalidAuthProviderJoshua M. Boniface
Implements the InvalidAuthProvider, which acts as a fallback if a configured authentication provider, e.g. LDAP, is unavailable due to a load failure or removal. Until the user or the authentication plugin is corrected, this will cause users with the missing provider to be locked out, while throwing errors in the logs about the issue. Fixes #1445 part 2
2019-05-25Format correctly the PIN when updating itDrPandemic
2019-05-11Fix pin bug introduced in 10.3.z.DrPandemic
The issue is that the new easyPassword format prepends the hash function. This PR extract the hash from "$SHA1$_hash_".
2019-04-30Fix incorrect hasPassword flag when easy pin setbugfixin
2019-04-07Override username with AuthenticationProviderJoshua Boniface
Pass back the Username directive returned by an AuthenticationProvider to the calling code, so we may override the user-provided Username value if the authentication provider passes this back. Useful for instance in an LDAP scenario where what the user types may not necessarily be the "username" that is mapped in the system, e.g. the user providing 'mail' while 'uid' is the "username" value. Could also then be extensible to other authentication providers as well, should they wish to do a similar thing.
2019-03-29Correct bad quote charactersJoshua Boniface
2019-03-29Remove dashes from pinsLogicalPhallacy
2019-03-29adds readonly to propertiesPhallacy
2019-03-28fix byte stringPhallacy
2019-03-28switched to a hexa string with crypto random backingPhallacy
2019-03-27minor fixes and usingsPhallacy
2019-03-27Update Emby.Server.Implementations/Library/DefaultPasswordResetProvider.csBond-009
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-25async improvements and post reset cleanupsPhallacy
2019-03-25Apply minor suggestions from code reviewLogicalPhallacy
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-24removes needless dictionaryPhallacy
2019-03-24Update Emby.Server.Implementations/Library/UserManager.csClaus Vium
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-24fixes some usingsPhallacy
2019-03-24greaterthen/lessthen reversal fixPhallacy
2019-03-22made password resets an interface and per userPhallacy
2019-03-16really fixed line endingsPhallacy
2019-03-16fixed line endingsPhallacy
2019-03-16adding regex fixPhallacy
2019-03-16Update Emby.Server.Implementations/Library/UserManager.csJoshua M. Boniface
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-16updated regex to string literal with escaped -Phallacy
2019-03-16Merge pull request #2 from LogicalPhallacy/masterLogicalPhallacy
update lockoutfix to latest for testing
2019-03-16Merge pull request #1 from jellyfin/masterLogicalPhallacy
merging myself to latest
2019-03-16configurable user lockoutPhallacy
2019-03-15quick fix for auth bugPhallacy
2019-03-13More warning fixesBond-009
2019-03-07Reduce the amount of exceptions thrownBond_009
2019-03-07Update Emby.Server.Implementations/Library/DefaultAuthenticationProvider.csBond-009
Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-07Apply suggestions from code review Bond-009
more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-03-05Minor fixes to address style issuesPhallacy
2019-03-04minor style fixesPhallacy
2019-02-27fixed logic flip in auth empty check and fixed crypto algo choicePhallacy
2019-02-20made newlines into linux newlinesPhallacy
2019-02-20merging with master to clear merge conflictPhallacy
2019-02-20minor changes and return to netstandardPhallacy
2019-02-19Merge pull request #848 from Bond-009/perfJoshua M. Boniface
Minor changes to reduce allocations
2019-02-18added justaman notes, fixed new bug from emty has removalsPhallacy
2019-02-18Apply suggestions from code review LogicalPhallacy
Adding minor stylistic suggestions from Bond-009 Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
2019-02-16Merge branch 'master' into perfBond-009
2019-02-16Merge branch 'master' into fieldsBond-009
2019-02-15Make all class implementing dynamically loaded interfaces publicClaus Vium
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-29 04:54:35 +0000