| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 |
- using System;
- using System.Collections.Generic;
- using System.Globalization;
- using System.IO;
- using System.Linq;
- using System.Threading.Tasks;
- using MediaBrowser.Common.Extensions;
- using MediaBrowser.Controller.Authentication;
- using MediaBrowser.Controller.Configuration;
- using MediaBrowser.Controller.Library;
- using MediaBrowser.Model.Serialization;
- using MediaBrowser.Model.Users;
- using Microsoft.Win32.SafeHandles;
- namespace Emby.Server.Implementations.Library
- {
- public class DefaultPasswordResetProvider : IPasswordResetProvider
- {
- public string Name => "Default Password Reset Provider";
- public bool IsEnabled => true;
- private readonly string _passwordResetFileBase;
- private readonly string _passwordResetFileBaseDir;
- private readonly string _passwordResetFileBaseName = "passwordreset";
- private IJsonSerializer _jsonSerializer;
- private IUserManager _userManager;
- public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IJsonSerializer jsonSerializer, IUserManager userManager)
- {
- _passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;
- _passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, _passwordResetFileBaseName);
- _jsonSerializer = jsonSerializer;
- _userManager = userManager;
- }
- public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)
- {
- HashSet<string> usersreset = new HashSet<string>();
- foreach (var resetfile in Directory.EnumerateFiles(_passwordResetFileBaseDir, $"{_passwordResetFileBaseName}*"))
- {
- var spr = await _jsonSerializer.DeserializeFromStreamAsync<SerializablePasswordReset>(File.OpenRead(resetfile)).ConfigureAwait(false);
- if (spr.ExpirationDate < DateTime.Now)
- {
- File.Delete(resetfile);
- }
- else if (spr.Pin == pin)
- {
- var resetUser = _userManager.GetUserByName(spr.UserName);
- if (resetUser != null)
- {
- await _userManager.ChangePassword(resetUser, pin).ConfigureAwait(false);
- usersreset.Add(resetUser.Name);
- File.Delete(resetfile);
- }
- }
- }
- if (usersreset.Count < 1)
- {
- throw new ResourceNotFoundException($"No Users found with a password reset request matching pin {pin}");
- }
- else
- {
- return new PinRedeemResult
- {
- Success = true,
- UsersReset = usersreset.ToArray()
- };
- }
- }
- public async Task<ForgotPasswordResult> StartForgotPasswordProcess(MediaBrowser.Controller.Entities.User user, bool isInNetwork)
- {
- string pin = new Random().Next(99999999).ToString("00000000",CultureInfo.InvariantCulture);
- DateTime expireTime = DateTime.Now.AddMinutes(30);
- string filePath = _passwordResetFileBase + user.InternalId + ".json";
- SerializablePasswordReset spr = new SerializablePasswordReset
- {
- ExpirationDate = expireTime,
- Pin = pin,
- PinFile = filePath,
- UserName = user.Name
- };
- try
- {
- FileStream fileStream = File.OpenWrite(filePath);
- _jsonSerializer.SerializeToStream(spr,fileStream);
- await fileStream.FlushAsync().ConfigureAwait(false);
- }
- catch (Exception e)
- {
- throw new Exception($"Error serializing or writing password reset for {user.Name} to location: {filePath}", e);
- }
- return new ForgotPasswordResult
- {
- Action = ForgotPasswordAction.PinCode,
- PinExpirationDate = expireTime,
- PinFile = filePath
- };
- }
- private class SerializablePasswordReset : PasswordPinCreationResult
- {
- public string Pin { get; set; }
- public string UserName { get; set; }
- }
- }
- }
|
