Home Explore Help
Sign In
mirrors
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin
2
0
Fork 0
Files Issues 0 Wiki
Tree: b5641013ce
Branches Tags
jellyfin
/
MediaBrowser.Server.Implementations
/
Security
/
AuthenticationRepository.cs

AuthenticationRepository.cs 12 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338 
  1. using MediaBrowser.Controller;
    2. 

  2. using MediaBrowser.Controller.Security;
    3. 

  3. using MediaBrowser.Model.Logging;
    4. 

  4. using MediaBrowser.Model.Querying;
    5. 

  5. using MediaBrowser.Server.Implementations.Persistence;
    6. 

  6. using System;
    7. 

  7. using System.Collections.Generic;
    8. 

  8. using System.Data;
    9. 

  9. using System.Globalization;
    10. 

  10. using System.IO;
    11. 

  11. using System.Threading;
    12. 

  12. using System.Threading.Tasks;
    13. 

  13. 

  14. namespace MediaBrowser.Server.Implementations.Security
    15. 

  15. {
    16. 

  16.     public class AuthenticationRepository : IAuthenticationRepository
    17. 

  17.     {
    18. 

  18.         private IDbConnection _connection;
    19. 

  19.         private readonly ILogger _logger;
    20. 

  20.         private readonly SemaphoreSlim _writeLock = new SemaphoreSlim(1, 1);
    21. 

  21.         private readonly IServerApplicationPaths _appPaths;
    22. 

  22.         private readonly CultureInfo _usCulture = new CultureInfo("en-US");
    23. 

  23. 

  24.         private IDbCommand _saveInfoCommand;
    25. 

  25. 

  26.         public AuthenticationRepository(ILogger logger, IServerApplicationPaths appPaths)
    27. 

  27.         {
    28. 

  28.             _logger = logger;
    29. 

  29.             _appPaths = appPaths;
    30. 

  30.         }
    31. 

  31. 

  32.         public async Task Initialize()
    33. 

  33.         {
    34. 

  34.             var dbFile = Path.Combine(_appPaths.DataPath, "authentication.db");
    35. 

  35. 

  36.             _connection = await SqliteExtensions.ConnectToDb(dbFile, _logger).ConfigureAwait(false);
    37. 

  37. 

  38.             string[] queries = {
    39. 

  39. 

  40.                                 "create table if not exists AccessTokens (Id GUID PRIMARY KEY, AccessToken TEXT NOT NULL, DeviceId TEXT, AppName TEXT, DeviceName TEXT, UserId TEXT, IsActive BIT, DateCreated DATETIME NOT NULL, DateRevoked DATETIME)",
    41. 

  41.                                 "create index if not exists idx_AccessTokens on AccessTokens(Id)",
    42. 

  42. 

  43.                                 //pragmas
    44. 

  44.                                 "pragma temp_store = memory",
    45. 

  45. 

  46.                                 "pragma shrink_memory"
    47. 

  47.                                };
    48. 

  48. 

  49.             _connection.RunQueries(queries, _logger);
    50. 

  50. 

  51.             PrepareStatements();
    52. 

  52.         }
    53. 

  53. 

  54.         private void PrepareStatements()
    55. 

  55.         {
    56. 

  56.             _saveInfoCommand = _connection.CreateCommand();
    57. 

  57.             _saveInfoCommand.CommandText = "replace into AccessTokens (Id, AccessToken, DeviceId, AppName, DeviceName, UserId, IsActive, DateCreated, DateRevoked) values (@Id, @AccessToken, @DeviceId, @AppName, @DeviceName, @UserId, @IsActive, @DateCreated, @DateRevoked)";
    58. 

  58. 

  59.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@Id");
    60. 

  60.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@AccessToken");
    61. 

  61.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@DeviceId");
    62. 

  62.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@AppName");
    63. 

  63.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@DeviceName");
    64. 

  64.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@UserId");
    65. 

  65.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@IsActive");
    66. 

  66.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@DateCreated");
    67. 

  67.             _saveInfoCommand.Parameters.Add(_saveInfoCommand, "@DateRevoked");
    68. 

  68.         }
    69. 

  69. 

  70.         public Task Create(AuthenticationInfo info, CancellationToken cancellationToken)
    71. 

  71.         {
    72. 

  72.             info.Id = Guid.NewGuid().ToString("N");
    73. 

  73. 

  74.             return Update(info, cancellationToken);
    75. 

  75.         }
    76. 

  76. 

  77.         public async Task Update(AuthenticationInfo info, CancellationToken cancellationToken)
    78. 

  78.         {
    79. 

  79.             if (info == null)
    80. 

  80.             {
    81. 

  81.                 throw new ArgumentNullException("info");
    82. 

  82.             }
    83. 

  83. 

  84.             cancellationToken.ThrowIfCancellationRequested();
    85. 

  85. 

  86.             await _writeLock.WaitAsync(cancellationToken).ConfigureAwait(false);
    87. 

  87. 

  88.             IDbTransaction transaction = null;
    89. 

  89. 

  90.             try
    91. 

  91.             {
    92. 

  92.                 transaction = _connection.BeginTransaction();
    93. 

  93. 

  94.                 var index = 0;
    95. 

  95. 

  96.                 _saveInfoCommand.GetParameter(index++).Value = new Guid(info.Id);
    97. 

  97.                 _saveInfoCommand.GetParameter(index++).Value = info.AccessToken;
    98. 

  98.                 _saveInfoCommand.GetParameter(index++).Value = info.DeviceId;
    99. 

  99.                 _saveInfoCommand.GetParameter(index++).Value = info.AppName;
    100. 

  100.                 _saveInfoCommand.GetParameter(index++).Value = info.DeviceName;
    101. 

  101.                 _saveInfoCommand.GetParameter(index++).Value = info.UserId;
    102. 

  102.                 _saveInfoCommand.GetParameter(index++).Value = info.IsActive;
    103. 

  103.                 _saveInfoCommand.GetParameter(index++).Value = info.DateCreated;
    104. 

  104.                 _saveInfoCommand.GetParameter(index++).Value = info.DateRevoked;
    105. 

  105. 

  106.                 _saveInfoCommand.Transaction = transaction;
    107. 

  107. 

  108.                 _saveInfoCommand.ExecuteNonQuery();
    109. 

  109. 

  110.                 transaction.Commit();
    111. 

  111.             }
    112. 

  112.             catch (OperationCanceledException)
    113. 

  113.             {
    114. 

  114.                 if (transaction != null)
    115. 

  115.                 {
    116. 

  116.                     transaction.Rollback();
    117. 

  117.                 }
    118. 

  118. 

  119.                 throw;
    120. 

  120.             }
    121. 

  121.             catch (Exception e)
    122. 

  122.             {
    123. 

  123.                 _logger.ErrorException("Failed to save record:", e);
    124. 

  124. 

  125.                 if (transaction != null)
    126. 

  126.                 {
    127. 

  127.                     transaction.Rollback();
    128. 

  128.                 }
    129. 

  129. 

  130.                 throw;
    131. 

  131.             }
    132. 

  132.             finally
    133. 

  133.             {
    134. 

  134.                 if (transaction != null)
    135. 

  135.                 {
    136. 

  136.                     transaction.Dispose();
    137. 

  137.                 }
    138. 

  138. 

  139.                 _writeLock.Release();
    140. 

  140.             }
    141. 

  141.         }
    142. 

  142. 

  143.         private const string BaseSelectText = "select Id, AccessToken, DeviceId, AppName, DeviceName, UserId, IsActive, DateCreated, DateRevoked from AccessTokens";
    144. 

  144. 

  145.         public QueryResult<AuthenticationInfo> Get(AuthenticationInfoQuery query)
    146. 

  146.         {
    147. 

  147.             if (query == null)
    148. 

  148.             {
    149. 

  149.                 throw new ArgumentNullException("query");
    150. 

  150.             }
    151. 

  151. 

  152.             using (var cmd = _connection.CreateCommand())
    153. 

  153.             {
    154. 

  154.                 cmd.CommandText = BaseSelectText;
    155. 

  155. 

  156.                 var whereClauses = new List<string>();
    157. 

  157. 

  158.                 var startIndex = query.StartIndex ?? 0;
    159. 

  159. 

  160.                 if (startIndex > 0)
    161. 

  161.                 {
    162. 

  162.                     whereClauses.Add(string.Format("Id NOT IN (SELECT Id FROM AccessTokens ORDER BY DateCreated LIMIT {0})",
    163. 

  163.                         startIndex.ToString(_usCulture)));
    164. 

  164.                 }
    165. 

  165. 

  166.                 if (!string.IsNullOrWhiteSpace(query.AccessToken))
    167. 

  167.                 {
    168. 

  168.                     whereClauses.Add("AccessToken=@AccessToken");
    169. 

  169.                     cmd.Parameters.Add(cmd, "@AccessToken", DbType.String).Value = query.AccessToken;
    170. 

  170.                 }
    171. 

  171. 

  172.                 if (!string.IsNullOrWhiteSpace(query.UserId))
    173. 

  173.                 {
    174. 

  174.                     whereClauses.Add("UserId=@UserId");
    175. 

  175.                     cmd.Parameters.Add(cmd, "@UserId", DbType.String).Value = query.UserId;
    176. 

  176.                 }
    177. 

  177. 

  178.                 if (!string.IsNullOrWhiteSpace(query.DeviceId))
    179. 

  179.                 {
    180. 

  180.                     whereClauses.Add("DeviceId=@DeviceId");
    181. 

  181.                     cmd.Parameters.Add(cmd, "@DeviceId", DbType.String).Value = query.DeviceId;
    182. 

  182.                 }
    183. 

  183. 

  184.                 if (query.IsActive.HasValue)
    185. 

  185.                 {
    186. 

  186.                     whereClauses.Add("IsActive=@IsActive");
    187. 

  187.                     cmd.Parameters.Add(cmd, "@IsActive", DbType.Boolean).Value = query.IsActive.Value;
    188. 

  188.                 }
    189. 

  189. 

  190.                 if (whereClauses.Count > 0)
    191. 

  191.                 {
    192. 

  192.                     cmd.CommandText += " where " + string.Join(" AND ", whereClauses.ToArray());
    193. 

  193.                 }
    194. 

  194. 

  195.                 cmd.CommandText += " ORDER BY DateCreated";
    196. 

  196. 

  197.                 if (query.Limit.HasValue)
    198. 

  198.                 {
    199. 

  199.                     cmd.CommandText += " LIMIT " + query.Limit.Value.ToString(_usCulture);
    200. 

  200.                 }
    201. 

  201. 

  202.                 cmd.CommandText += "; select count (Id) from AccessTokens";
    203. 

  203. 

  204.                 var list = new List<AuthenticationInfo>();
    205. 

  205.                 var count = 0;
    206. 

  206. 

  207.                 using (var reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess))
    208. 

  208.                 {
    209. 

  209.                     while (reader.Read())
    210. 

  210.                     {
    211. 

  211.                         list.Add(Get(reader));
    212. 

  212.                     }
    213. 

  213. 

  214.                     if (reader.NextResult() && reader.Read())
    215. 

  215.                     {
    216. 

  216.                         count = reader.GetInt32(0);
    217. 

  217.                     }
    218. 

  218.                 }
    219. 

  219. 

  220.                 return new QueryResult<AuthenticationInfo>()
    221. 

  221.                 {
    222. 

  222.                     Items = list.ToArray(),
    223. 

  223.                     TotalRecordCount = count
    224. 

  224.                 };
    225. 

  225.             }
    226. 

  226.         }
    227. 

  227. 

  228.         public AuthenticationInfo Get(string id)
    229. 

  229.         {
    230. 

  230.             if (string.IsNullOrEmpty(id))
    231. 

  231.             {
    232. 

  232.                 throw new ArgumentNullException("id");
    233. 

  233.             }
    234. 

  234. 

  235.             var guid = new Guid(id);
    236. 

  236. 

  237.             using (var cmd = _connection.CreateCommand())
    238. 

  238.             {
    239. 

  239.                 cmd.CommandText = BaseSelectText + " where Id=@Id";
    240. 

  240. 

  241.                 cmd.Parameters.Add(cmd, "@Id", DbType.Guid).Value = guid;
    242. 

  242. 

  243.                 using (var reader = cmd.ExecuteReader(CommandBehavior.SequentialAccess | CommandBehavior.SingleResult | CommandBehavior.SingleRow))
    244. 

  244.                 {
    245. 

  245.                     if (reader.Read())
    246. 

  246.                     {
    247. 

  247.                         return Get(reader);
    248. 

  248.                     }
    249. 

  249.                 }
    250. 

  250.             }
    251. 

  251. 

  252.             return null;
    253. 

  253.         }
    254. 

  254. 

  255.         private AuthenticationInfo Get(IDataReader reader)
    256. 

  256.         {
    257. 

  257.             var s = "select Id, AccessToken, DeviceId, AppName, DeviceName, UserId, IsActive, DateCreated, DateRevoked from AccessTokens";
    258. 

  258. 

  259.             var info = new AuthenticationInfo
    260. 

  260.             {
    261. 

  261.                 Id = reader.GetGuid(0).ToString("N"),
    262. 

  262.                 AccessToken = reader.GetString(1)
    263. 

  263.             };
    264. 

  264. 

  265.             if (!reader.IsDBNull(2))
    266. 

  266.             {
    267. 

  267.                 info.DeviceId = reader.GetString(2);
    268. 

  268.             }
    269. 

  269. 

  270.             if (!reader.IsDBNull(3))
    271. 

  271.             {
    272. 

  272.                 info.AppName = reader.GetString(3);
    273. 

  273.             }
    274. 

  274. 

  275.             if (!reader.IsDBNull(4))
    276. 

  276.             {
    277. 

  277.                 info.DeviceName = reader.GetString(4);
    278. 

  278.             }
    279. 

  279.             
    280. 

  280.             if (!reader.IsDBNull(5))
    281. 

  281.             {
    282. 

  282.                 info.UserId = reader.GetString(5);
    283. 

  283.             }
    284. 

  284. 

  285.             info.IsActive = reader.GetBoolean(6);
    286. 

  286.             info.DateCreated = reader.GetDateTime(7).ToUniversalTime();
    287. 

  287. 

  288.             if (!reader.IsDBNull(8))
    289. 

  289.             {
    290. 

  290.                 info.DateRevoked = reader.GetDateTime(8).ToUniversalTime();
    291. 

  291.             }
    292. 

  292.          
    293. 

  293.             return info;
    294. 

  294.         }
    295. 

  295. 

  296.         /// <summary>
    297. 

  297.         /// Performs application-defined tasks associated with freeing, releasing, or resetting unmanaged resources.
    298. 

  298.         /// </summary>
    299. 

  299.         public void Dispose()
    300. 

  300.         {
    301. 

  301.             Dispose(true);
    302. 

  302.             GC.SuppressFinalize(this);
    303. 

  303.         }
    304. 

  304. 

  305.         private readonly object _disposeLock = new object();
    306. 

  306. 

  307.         /// <summary>
    308. 

  308.         /// Releases unmanaged and - optionally - managed resources.
    309. 

  309.         /// </summary>
    310. 

  310.         /// <param name="dispose"><c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only unmanaged resources.</param>
    311. 

  311.         protected virtual void Dispose(bool dispose)
    312. 

  312.         {
    313. 

  313.             if (dispose)
    314. 

  314.             {
    315. 

  315.                 try
    316. 

  316.                 {
    317. 

  317.                     lock (_disposeLock)
    318. 

  318.                     {
    319. 

  319.                         if (_connection != null)
    320. 

  320.                         {
    321. 

  321.                             if (_connection.IsOpen())
    322. 

  322.                             {
    323. 

  323.                                 _connection.Close();
    324. 

  324.                             }
    325. 

  325. 

  326.                             _connection.Dispose();
    327. 

  327.                             _connection = null;
    328. 

  328.                         }
    329. 

  329.                     }
    330. 

  330.                 }
    331. 

  331.                 catch (Exception ex)
    332. 

  332.                 {
    333. 

  333.                     _logger.ErrorException("Error disposing database", ex);
    334. 

  334.                 }
    335. 

  335.             }
    336. 

  336.         }
    337. 

  337.     }
    338. 

  338. }
    339.