jellyfin/Jellyfin.Server.Implementat.../Users/DefaultPasswordResetProvide...

#nullable enable

using System;
using System.Collections.Generic;
using System.IO;
using System.Security.Cryptography;
using System.Text.Json;
using System.Threading.Tasks;
using Jellyfin.Data.Entities;
using MediaBrowser.Common;
using MediaBrowser.Common.Extensions;
using MediaBrowser.Controller.Authentication;
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Library;
using MediaBrowser.Model.Users;

namespace Jellyfin.Server.Implementations.Users
{
    /// <summary>
    /// The default password reset provider.
    /// </summary>
    public class DefaultPasswordResetProvider : IPasswordResetProvider
    {
        private const string BaseResetFileName = "passwordreset";

        private readonly IApplicationHost _appHost;

        private readonly string _passwordResetFileBase;
        private readonly string _passwordResetFileBaseDir;

        /// <summary>
        /// Initializes a new instance of the <see cref="DefaultPasswordResetProvider"/> class.
        /// </summary>
        /// <param name="configurationManager">The configuration manager.</param>
        /// <param name="appHost">The application host.</param>
        public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IApplicationHost appHost)
        {
            _passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;
            _passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, BaseResetFileName);
            _appHost = appHost;
            // TODO: Remove the circular dependency on UserManager
        }

        /// <inheritdoc />
        public string Name => "Default Password Reset Provider";

        /// <inheritdoc />
        public bool IsEnabled => true;

        /// <inheritdoc />
        public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)
        {
            var userManager = _appHost.Resolve<IUserManager>();
            var usersReset = new List<string>();
            foreach (var resetFile in Directory.EnumerateFiles(_passwordResetFileBaseDir, $"{BaseResetFileName}*"))
            {
                SerializablePasswordReset spr;
                await using (var str = File.OpenRead(resetFile))
                {
                    spr = await JsonSerializer.DeserializeAsync<SerializablePasswordReset>(str).ConfigureAwait(false);
                }

                if (spr.ExpirationDate < DateTime.UtcNow)
                {
                    File.Delete(resetFile);
                }
                else if (string.Equals(
                    spr.Pin.Replace("-", string.Empty, StringComparison.Ordinal),
                    pin.Replace("-", string.Empty, StringComparison.Ordinal),
                    StringComparison.InvariantCultureIgnoreCase))
                {
                    var resetUser = userManager.GetUserByName(spr.UserName)
                        ?? throw new ResourceNotFoundException($"User with a username of {spr.UserName} not found");

                    await userManager.ChangePassword(resetUser, pin).ConfigureAwait(false);
                    usersReset.Add(resetUser.Username);
                    File.Delete(resetFile);
                }
            }

            if (usersReset.Count < 1)
            {
                throw new ResourceNotFoundException($"No Users found with a password reset request matching pin {pin}");
            }

            return new PinRedeemResult
            {
                Success = true,
                UsersReset = usersReset.ToArray()
            };
        }

        /// <inheritdoc />
        public async Task<ForgotPasswordResult> StartForgotPasswordProcess(User user, bool isInNetwork)
        {
            string pin;
            using (var cryptoRandom = RandomNumberGenerator.Create())
            {
                byte[] bytes = new byte[4];
                cryptoRandom.GetBytes(bytes);
                pin = BitConverter.ToString(bytes);
            }

            DateTime expireTime = DateTime.UtcNow.AddMinutes(30);
            string filePath = _passwordResetFileBase + user.Id + ".json";
            SerializablePasswordReset spr = new SerializablePasswordReset
            {
                ExpirationDate = expireTime,
                Pin = pin,
                PinFile = filePath,
                UserName = user.Username
            };

            await using (FileStream fileStream = File.OpenWrite(filePath))
            {
                fileStream.Write(JsonSerializer.SerializeToUtf8Bytes(spr));
                await fileStream.FlushAsync().ConfigureAwait(false);
            }

            user.EasyPassword = pin;

            return new ForgotPasswordResult
            {
                Action = ForgotPasswordAction.PinCode,
                PinExpirationDate = expireTime,
            };
        }

#nullable disable
        private class SerializablePasswordReset : PasswordPinCreationResult
        {
            public string Pin { get; set; }

            public string UserName { get; set; }
        }
    }
}
Enable nullable annotations 2020-06-09 12:21:21 -04:00			`#nullable enable`

Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`using System;`
			`using System.Collections.Generic;`
			`using System.IO;`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`using System.Security.Cryptography;`
Use System.Text.Json in DefaultPasswordResetProvider 2020-07-23 21:50:41 -04:00			`using System.Text.Json;`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`using System.Threading.Tasks;`
Migrate User DB to EF Core 2020-05-15 17:24:01 -04:00			`using Jellyfin.Data.Entities;`
Fix circular dependency 2020-06-20 17:58:09 -04:00			`using MediaBrowser.Common;`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`using MediaBrowser.Common.Extensions;`
			`using MediaBrowser.Controller.Authentication;`
			`using MediaBrowser.Controller.Configuration;`
			`using MediaBrowser.Controller.Library;`
			`using MediaBrowser.Model.Users;`

Migrate User DB to EF Core 2020-05-15 17:24:01 -04:00			`namespace Jellyfin.Server.Implementations.Users`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Fix more warnings 2019-11-01 13:38:54 -04:00			`/// <summary>`
			`/// The default password reset provider.`
			`/// </summary>`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`public class DefaultPasswordResetProvider : IPasswordResetProvider`
			`{`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`private const string BaseResetFileName = "passwordreset";`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00
Fix circular dependency 2020-06-20 17:58:09 -04:00			`private readonly IApplicationHost _appHost;`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00
			`private readonly string _passwordResetFileBase;`
			`private readonly string _passwordResetFileBaseDir;`

Fix more warnings 2019-11-01 13:38:54 -04:00			`/// <summary>`
			`/// Initializes a new instance of the <see cref="DefaultPasswordResetProvider"/> class.`
			`/// </summary>`
			`/// <param name="configurationManager">The configuration manager.</param>`
Fix circular dependency 2020-06-20 17:58:09 -04:00			`/// <param name="appHost">The application host.</param>`
Use System.Text.Json in DefaultPasswordResetProvider 2020-07-23 21:50:41 -04:00			`public DefaultPasswordResetProvider(IServerConfigurationManager configurationManager, IApplicationHost appHost)`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
			`_passwordResetFileBaseDir = configurationManager.ApplicationPaths.ProgramDataPath;`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`_passwordResetFileBase = Path.Combine(_passwordResetFileBaseDir, BaseResetFileName);`
Fix circular dependency 2020-06-20 17:58:09 -04:00			`_appHost = appHost;`
			`// TODO: Remove the circular dependency on UserManager`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`}`

Improvements to UserManager 2019-06-09 16:08:01 -04:00			`/// <inheritdoc />`
			`public string Name => "Default Password Reset Provider";`

			`/// <inheritdoc />`
			`public bool IsEnabled => true;`

			`/// <inheritdoc />`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)`
			`{`
Fix circular dependency 2020-06-20 17:58:09 -04:00			`var userManager = _appHost.Resolve<IUserManager>();`
Reimplement password resetting 2020-05-30 00:19:36 -04:00			`var usersReset = new List<string>();`
Initial migration code 2020-05-12 22:10:35 -04:00			`foreach (var resetFile in Directory.EnumerateFiles(_passwordResetFileBaseDir, $"{BaseResetFileName}*"))`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Reimplement password resetting 2020-05-30 00:19:36 -04:00			`SerializablePasswordReset spr;`
Initial migration code 2020-05-12 22:10:35 -04:00			`await using (var str = File.OpenRead(resetFile))`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Use System.Text.Json in DefaultPasswordResetProvider 2020-07-23 21:50:41 -04:00			`spr = await JsonSerializer.DeserializeAsync<SerializablePasswordReset>(str).ConfigureAwait(false);`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`}`

Reimplement password resetting 2020-05-30 00:19:36 -04:00			`if (spr.ExpirationDate < DateTime.UtcNow)`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Initial migration code 2020-05-12 22:10:35 -04:00			`File.Delete(resetFile);`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`}`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`else if (string.Equals(`
Fix more warnings 2019-11-01 13:38:54 -04:00			`spr.Pin.Replace("-", string.Empty, StringComparison.Ordinal),`
			`pin.Replace("-", string.Empty, StringComparison.Ordinal),`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`StringComparison.InvariantCultureIgnoreCase))`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Fix circular dependency 2020-06-20 17:58:09 -04:00			`var resetUser = userManager.GetUserByName(spr.UserName)`
Reimplement password resetting 2020-05-30 00:19:36 -04:00			`?? throw new ResourceNotFoundException($"User with a username of {spr.UserName} not found");`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00
Fix circular dependency 2020-06-20 17:58:09 -04:00			`await userManager.ChangePassword(resetUser, pin).ConfigureAwait(false);`
Initial migration code 2020-05-12 22:10:35 -04:00			`usersReset.Add(resetUser.Username);`
			`File.Delete(resetFile);`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`}`
			`}`

Initial migration code 2020-05-12 22:10:35 -04:00			`if (usersReset.Count < 1)`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
			`throw new ResourceNotFoundException($"No Users found with a password reset request matching pin {pin}");`
			`}`
Initial migration code 2020-05-12 22:10:35 -04:00
			`return new PinRedeemResult`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Initial migration code 2020-05-12 22:10:35 -04:00			`Success = true,`
			`UsersReset = usersReset.ToArray()`
			`};`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`}`

Improvements to UserManager 2019-06-09 16:08:01 -04:00			`/// <inheritdoc />`
Migrate User DB to EF Core 2020-05-15 17:24:01 -04:00			`public async Task<ForgotPasswordResult> StartForgotPasswordProcess(User user, bool isInNetwork)`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
Initial migration code 2020-05-12 22:10:35 -04:00			`string pin;`
Improvements to UserManager 2019-06-09 16:08:01 -04:00			`using (var cryptoRandom = RandomNumberGenerator.Create())`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`{`
			`byte[] bytes = new byte[4];`
			`cryptoRandom.GetBytes(bytes);`
			`pin = BitConverter.ToString(bytes);`
			`}`

Reimplement password resetting 2020-05-30 00:19:36 -04:00			`DateTime expireTime = DateTime.UtcNow.AddMinutes(30);`
			`string filePath = _passwordResetFileBase + user.Id + ".json";`
			`SerializablePasswordReset spr = new SerializablePasswordReset`
			`{`
			`ExpirationDate = expireTime,`
			`Pin = pin,`
			`PinFile = filePath,`
			`UserName = user.Username`
			`};`

			`await using (FileStream fileStream = File.OpenWrite(filePath))`
			`{`
Use System.Text.Json in DefaultPasswordResetProvider 2020-07-23 21:50:41 -04:00			`fileStream.Write(JsonSerializer.SerializeToUtf8Bytes(spr));`
Reimplement password resetting 2020-05-30 00:19:36 -04:00			`await fileStream.FlushAsync().ConfigureAwait(false);`
			`}`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00
Initial migration code 2020-05-12 22:10:35 -04:00			`user.EasyPassword = pin;`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00
			`return new ForgotPasswordResult`
			`{`
			`Action = ForgotPasswordAction.PinCode,`
			`PinExpirationDate = expireTime,`
			`};`
			`}`

Enable nullable annotations 2020-06-09 12:21:21 -04:00			`#nullable disable`
Streamline authentication proccess 2019-05-21 13:28:34 -04:00			`private class SerializablePasswordReset : PasswordPinCreationResult`
			`{`
			`public string Pin { get; set; }`

			`public string UserName { get; set; }`
			`}`
			`}`
			`}`