
chore: deprecate EasyPassword as it isn't very secure

cvium 2 years ago
parent
commit
716bcc6410

+ 3 - 23
Jellyfin.Api/Controllers/UserController.cs

@@ -323,36 +323,16 @@ public class UserController : BaseJellyfinApiController
     /// <response code="404">User not found.</response>
     /// <returns>A <see cref="NoContentResult"/> indicating success or a <see cref="ForbidResult"/> or a <see cref="NotFoundResult"/> on failure.</returns>
     [HttpPost("{userId}/EasyPassword")]
+    [Obsolete("Use Quick Connect instead")]
     [Authorize]
     [ProducesResponseType(StatusCodes.Status204NoContent)]
     [ProducesResponseType(StatusCodes.Status403Forbidden)]
     [ProducesResponseType(StatusCodes.Status404NotFound)]
-    public async Task<ActionResult> UpdateUserEasyPassword(
+    public ActionResult UpdateUserEasyPassword(
         [FromRoute, Required] Guid userId,
         [FromBody, Required] UpdateUserEasyPassword request)
     {
-        if (!RequestHelpers.AssertCanUpdateUser(_userManager, User, userId, true))
-        {
-            return StatusCode(StatusCodes.Status403Forbidden, "User is not allowed to update the easy password.");
-        }
-
-        var user = _userManager.GetUserById(userId);
-
-        if (user is null)
-        {
-            return NotFound("User not found");
-        }
-
-        if (request.ResetPassword)
-        {
-            await _userManager.ResetEasyPassword(user).ConfigureAwait(false);
-        }
-        else
-        {
-            await _userManager.ChangeEasyPassword(user, request.NewPw ?? string.Empty, request.NewPassword ?? string.Empty).ConfigureAwait(false);
-        }
-
-        return NoContent();
+        return BadRequest("Deprecated");
     }
 
     /// <summary>
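Review bot: The stubbed `UpdateUserEasyPassword` now always returns 400, but the attributes and XML docs above it still advertise 204, 403 and 404, so the generated API description no longer matches what the action does. Replace the three `[ProducesResponseType(...)]` lines with `[ProducesResponseType(StatusCodes.Status400BadRequest)]` and update the `<response>` and `<returns>` tags to match; the doc comment starts above the hunk, so the rest of it should be checked as well. The body `"Deprecated"` gives a client no way forward, so something like `return BadRequest("Easy password is no longer supported; use Quick Connect instead.");` would be more useful. Keeping `[Authorize]` is right, because unauthenticated callers are still rejected before they reach the stub.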

+ 0 - 10
Jellyfin.Data/Entities/User.cs

@@ -91,16 +91,6 @@ namespace Jellyfin.Data.Entities
         [StringLength(65535)]
         public string? Password { get; set; }
 
-        /// <summary>
-        /// Gets or sets the user's easy password, or <c>null</c> if none is set.
-        /// </summary>
-        /// <remarks>
-        /// Max length = 65535.
-        /// </remarks>
-        [MaxLength(65535)]
-        [StringLength(65535)]
-        public string? EasyPassword { get; set; }
-
         /// <summary>
         /// Gets or sets a value indicating whether the user must update their password.
         /// </summary>

+ 14 - 20
Jellyfin.Server.Implementations/Migrations/JellyfinDbModelSnapshot.cs

@@ -15,9 +15,7 @@ namespace Jellyfin.Server.Implementations.Migrations
         protected override void BuildModel(ModelBuilder modelBuilder)
         {
 #pragma warning disable 612, 618
-            modelBuilder
-                .HasDefaultSchema("jellyfin")
-                .HasAnnotation("ProductVersion", "6.0.9");
+            modelBuilder.HasAnnotation("ProductVersion", "7.0.5");
 
             modelBuilder.Entity("Jellyfin.Data.Entities.AccessSchedule", b =>
                 {
@@ -41,7 +39,7 @@ namespace Jellyfin.Server.Implementations.Migrations
 
                     b.HasIndex("UserId");
 
-                    b.ToTable("AccessSchedules", "jellyfin");
+                    b.ToTable("AccessSchedules");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.ActivityLog", b =>
@@ -89,7 +87,7 @@ namespace Jellyfin.Server.Implementations.Migrations
 
                     b.HasIndex("DateCreated");
 
-                    b.ToTable("ActivityLogs", "jellyfin");
+                    b.ToTable("ActivityLogs");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.CustomItemDisplayPreferences", b =>
@@ -121,7 +119,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("UserId", "ItemId", "Client", "Key")
                         .IsUnique();
 
-                    b.ToTable("CustomItemDisplayPreferences", "jellyfin");
+                    b.ToTable("CustomItemDisplayPreferences");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.DisplayPreferences", b =>
@@ -178,7 +176,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("UserId", "ItemId", "Client")
                         .IsUnique();
 
-                    b.ToTable("DisplayPreferences", "jellyfin");
+                    b.ToTable("DisplayPreferences");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.HomeSection", b =>
@@ -200,7 +198,7 @@ namespace Jellyfin.Server.Implementations.Migrations
 
                     b.HasIndex("DisplayPreferencesId");
 
-                    b.ToTable("HomeSection", "jellyfin");
+                    b.ToTable("HomeSection");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.ImageInfo", b =>
@@ -225,7 +223,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("UserId")
                         .IsUnique();
 
-                    b.ToTable("ImageInfos", "jellyfin");
+                    b.ToTable("ImageInfos");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.ItemDisplayPreferences", b =>
@@ -269,7 +267,7 @@ namespace Jellyfin.Server.Implementations.Migrations
 
                     b.HasIndex("UserId");
 
-                    b.ToTable("ItemDisplayPreferences", "jellyfin");
+                    b.ToTable("ItemDisplayPreferences");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.Permission", b =>
@@ -300,7 +298,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                         .IsUnique()
                         .HasFilter("[UserId] IS NOT NULL");
 
-                    b.ToTable("Permissions", "jellyfin");
+                    b.ToTable("Permissions");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.Preference", b =>
@@ -333,7 +331,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                         .IsUnique()
                         .HasFilter("[UserId] IS NOT NULL");
 
-                    b.ToTable("Preferences", "jellyfin");
+                    b.ToTable("Preferences");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.Security.ApiKey", b =>
@@ -362,7 +360,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("AccessToken")
                         .IsUnique();
 
-                    b.ToTable("ApiKeys", "jellyfin");
+                    b.ToTable("ApiKeys");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.Security.Device", b =>
@@ -420,7 +418,7 @@ namespace Jellyfin.Server.Implementations.Migrations
 
                     b.HasIndex("UserId", "DeviceId");
 
-                    b.ToTable("Devices", "jellyfin");
+                    b.ToTable("Devices");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.Security.DeviceOptions", b =>
@@ -441,7 +439,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("DeviceId")
                         .IsUnique();
 
-                    b.ToTable("DeviceOptions", "jellyfin");
+                    b.ToTable("DeviceOptions");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.User", b =>
@@ -465,10 +463,6 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.Property<bool>("DisplayMissingEpisodes")
                         .HasColumnType("INTEGER");
 
-                    b.Property<string>("EasyPassword")
-                        .HasMaxLength(65535)
-                        .HasColumnType("TEXT");
-
                     b.Property<bool>("EnableAutoLogin")
                         .HasColumnType("INTEGER");
 
@@ -554,7 +548,7 @@ namespace Jellyfin.Server.Implementations.Migrations
                     b.HasIndex("Username")
                         .IsUnique();
 
-                    b.ToTable("Users", "jellyfin");
+                    b.ToTable("Users");
                 });
 
             modelBuilder.Entity("Jellyfin.Data.Entities.AccessSchedule", b =>
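Review bot: The `EasyPassword` property is dropped from the `User` entity in the `@@ -465,10 +463,6 @@` hunk, but no migration that removes the column is visible on this page. If none ships with the commit, the easy-password hashes already stored in existing databases stay at rest after the feature is gone, which matters given the commit's own rationale that this credential is weak. Confirm that a migration dropping `EasyPassword` from `Users` accompanies this snapshot. Separately, the removal of `HasDefaultSchema("jellyfin")` and of the schema argument on every `ToTable(...)` call is unrelated to the deprecation and presumably comes from regenerating the snapshot under 7.0.5; it is worth confirming that this is intended.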

+ 0 - 2
Jellyfin.Server.Implementations/Users/DefaultPasswordResetProvider.cs

@@ -114,8 +114,6 @@ namespace Jellyfin.Server.Implementations.Users
                 await JsonSerializer.SerializeAsync(fileStream, spr).ConfigureAwait(false);
             }
 
-            user.EasyPassword = pin;
-
             return new ForgotPasswordResult
             {
                 Action = ForgotPasswordAction.PinCode,

+ 0 - 36
Jellyfin.Server.Implementations/Users/UserManager.cs

@@ -268,12 +268,6 @@ namespace Jellyfin.Server.Implementations.Users
             return ChangePassword(user, string.Empty);
         }
 
-        /// <inheritdoc/>
-        public Task ResetEasyPassword(User user)
-        {
-            return ChangeEasyPassword(user, string.Empty, null);
-        }
-
         /// <inheritdoc/>
         public async Task ChangePassword(User user, string newPassword)
         {
@@ -285,25 +279,6 @@ namespace Jellyfin.Server.Implementations.Users
             await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);
         }
 
-        /// <inheritdoc/>
-        public async Task ChangeEasyPassword(User user, string newPassword, string? newPasswordSha1)
-        {
-            if (newPassword is not null)
-            {
-                newPasswordSha1 = _cryptoProvider.CreatePasswordHash(newPassword).ToString();
-            }
-
-            if (string.IsNullOrWhiteSpace(newPasswordSha1))
-            {
-                throw new ArgumentNullException(nameof(newPasswordSha1));
-            }
-
-            user.EasyPassword = newPasswordSha1;
-            await UpdateUserAsync(user).ConfigureAwait(false);
-
-            await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);
-        }
-
         /// <inheritdoc/>
         public UserDto GetUserDto(User user, string? remoteEndPoint = null)
         {
@@ -315,7 +290,6 @@ namespace Jellyfin.Server.Implementations.Users
                 ServerId = _appHost.SystemId,
                 HasPassword = hasPassword,
                 HasConfiguredPassword = hasPassword,
-                HasConfiguredEasyPassword = !string.IsNullOrEmpty(user.EasyPassword),
                 EnableAutoLogin = user.EnableAutoLogin,
                 LastLoginDate = user.LastLoginDate,
                 LastActivityDate = user.LastActivityDate,
@@ -832,16 +806,6 @@ namespace Jellyfin.Server.Implementations.Users
                 }
             }
 
-            if (!success
-                && _networkManager.IsInLocalNetwork(remoteEndPoint)
-                && user?.EnableLocalPassword == true
-                && !string.IsNullOrEmpty(user.EasyPassword))
-            {
-                // Check easy password
-                var passwordHash = PasswordHash.Parse(user.EasyPassword);
-                success = _cryptoProvider.Verify(passwordHash, password);
-            }
-
             return (authenticationProvider, username, success);
         }
 

+ 0 - 1
Jellyfin.Server/Migrations/Routines/MigrateUserDb.cs

@@ -127,7 +127,6 @@ namespace Jellyfin.Server.Migrations.Routines
                         RememberSubtitleSelections = config.RememberSubtitleSelections,
                         SubtitleLanguagePreference = config.SubtitleLanguagePreference,
                         Password = mockup.Password,
-                        EasyPassword = mockup.EasyPassword,
                         LastLoginDate = mockup.LastLoginDate,
                         LastActivityDate = mockup.LastActivityDate
                     };

+ 0 - 16
MediaBrowser.Controller/Library/IUserManager.cs

@@ -96,13 +96,6 @@ namespace MediaBrowser.Controller.Library
         /// <returns>Task.</returns>
         Task ResetPassword(User user);
 
-        /// <summary>
-        /// Resets the easy password.
-        /// </summary>
-        /// <param name="user">The user.</param>
-        /// <returns>Task.</returns>
-        Task ResetEasyPassword(User user);
-
         /// <summary>
         /// Changes the password.
         /// </summary>
@@ -111,15 +104,6 @@ namespace MediaBrowser.Controller.Library
         /// <returns>Awaitable task.</returns>
         Task ChangePassword(User user, string newPassword);
 
-        /// <summary>
-        /// Changes the easy password.
-        /// </summary>
-        /// <param name="user">The user.</param>
-        /// <param name="newPassword">New password to use.</param>
-        /// <param name="newPasswordSha1">Hash of new password.</param>
-        /// <returns>Task.</returns>
-        Task ChangeEasyPassword(User user, string newPassword, string newPasswordSha1);
-
         /// <summary>
         /// Gets the user dto.
         /// </summary>

+ 1 - 0
MediaBrowser.Model/Dto/UserDto.cs

@@ -66,6 +66,7 @@ namespace MediaBrowser.Model.Dto
         /// Gets or sets a value indicating whether this instance has configured easy password.
         /// </summary>
         /// <value><c>true</c> if this instance has configured easy password; otherwise, <c>false</c>.</value>
+        [Obsolete("Easy Password has been replaced with Quick Connect")]
         public bool HasConfiguredEasyPassword { get; set; }
 
         /// <summary>
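Review bot: `HasConfiguredEasyPassword` is kept for wire compatibility, yet its `<summary>` and `<value>` text still describe it as live state. This commit removes the assignment in `UserManager.GetUserDto`, so within the visible changes nothing sets the property and it will serialize as `false`. Say so in the docs, for example `/// <value>Always <c>false</c>; easy password has been replaced by Quick Connect.</value>`. The `[Obsolete]` message here and the one on the controller action (`"Use Quick Connect instead"`) could also share the same wording. The class continues outside the hunk.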