< Summary - Jellyfin

Information

Class:	Jellyfin.Server.Implementations.Users.UserManager
Assembly:	Jellyfin.Server.Implementations
File(s):	/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Line coverage

44%

Covered lines:	215
Uncovered lines:	271
Coverable lines:	486
Total lines:	896
Line coverage:	44.2%

Branch coverage

39%

Covered branches:	57
Total branches:	146
Branch coverage:	39%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Coverage delta

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	50%	2	2	95.65%
get_Users()	100%	1	1	100%
get_UsersIds()	100%	2	1	0%
GetUserById(...)	50%	2	2	75%
GetUserByName(...)	50%	2	2	66.66%
RenameUser()	0%	42	6	0%
UpdateUserAsync()	100%	1	1	100%
CreateUserInternalAsync()	100%	2	2	100%
CreateUserAsync()	50%	2	2	73.33%
DeleteUserAsync()	0%	72	8	0%
ResetPassword(...)	100%	2	1	0%
ChangePassword()	75%	4	4	85.71%
GetUserDto(...)	42.85%	14	14	100%
AuthenticateUser()	62.5%	427	40	37.7%
StartForgotPasswordProcess()	0%	20	4	0%
RedeemPasswordResetPin()	0%	20	4	0%
InitializeAsync()	66.66%	6	6	94.11%
GetAuthenticationProviders()	100%	2	1	0%
GetPasswordResetProviders()	100%	2	1	0%
UpdateConfigurationAsync()	0%	42	6	0%
UpdatePolicyAsync()	0%	110	10	0%
ClearProfileImageAsync()	0%	6	2	0%
ThrowIfInvalidUsername(...)	100%	4	4	100%
GetAuthenticationProvider(...)	100%	1	1	100%
GetPasswordResetProvider(...)	0%	6	2	0%
GetAuthenticationProviders(...)	40%	29	10	42.85%
GetPasswordResetProviders(...)	0%	20	4	0%
AuthenticateLocalUser()	75%	4	4	92.85%
AuthenticateWithProvider()	50%	6	4	54.54%
IncrementInvalidLoginAttemptCount()	0%	20	4	0%
UpdateUserInternalAsync()	100%	1	1	100%

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

#	Line	Line coverage
	`1`	`#pragma warning disable CA1307`
	`2`
	`3`	`using System;`
	`4`	`using System.Collections.Concurrent;`
	`5`	`using System.Collections.Generic;`
	`6`	`using System.Globalization;`
	`7`	`using System.Linq;`
	`8`	`using System.Text.RegularExpressions;`
	`9`	`using System.Threading.Tasks;`
	`10`	`using Jellyfin.Data;`
	`11`	`using Jellyfin.Data.Enums;`
	`12`	`using Jellyfin.Data.Events;`
	`13`	`using Jellyfin.Data.Events.Users;`
	`14`	`using Jellyfin.Database.Implementations;`
	`15`	`using Jellyfin.Database.Implementations.Entities;`
	`16`	`using Jellyfin.Database.Implementations.Enums;`
	`17`	`using Jellyfin.Extensions;`
	`18`	`using MediaBrowser.Common;`
	`19`	`using MediaBrowser.Common.Extensions;`
	`20`	`using MediaBrowser.Common.Net;`
	`21`	`using MediaBrowser.Controller.Authentication;`
	`22`	`using MediaBrowser.Controller.Configuration;`
	`23`	`using MediaBrowser.Controller.Drawing;`
	`24`	`using MediaBrowser.Controller.Events;`
	`25`	`using MediaBrowser.Controller.Library;`
	`26`	`using MediaBrowser.Controller.Net;`
	`27`	`using MediaBrowser.Model.Configuration;`
	`28`	`using MediaBrowser.Model.Dto;`
	`29`	`using MediaBrowser.Model.Users;`
	`30`	`using Microsoft.EntityFrameworkCore;`
	`31`	`using Microsoft.Extensions.Logging;`
	`32`
	`33`	`namespace Jellyfin.Server.Implementations.Users`
	`34`	`{`
	`35`	`/// <summary>`
	`36`	`/// Manages the creation and retrieval of <see cref="User"/> instances.`
	`37`	`/// </summary>`
	`38`	`public partial class UserManager : IUserManager`
	`39`	`{`
	`40`	`private readonly IDbContextFactory<JellyfinDbContext> _dbProvider;`
	`41`	`private readonly IEventManager _eventManager;`
	`42`	`private readonly INetworkManager _networkManager;`
	`43`	`private readonly IApplicationHost _appHost;`
	`44`	`private readonly IImageProcessor _imageProcessor;`
	`45`	`private readonly ILogger<UserManager> _logger;`
	`46`	`private readonly IReadOnlyCollection<IPasswordResetProvider> _passwordResetProviders;`
	`47`	`private readonly IReadOnlyCollection<IAuthenticationProvider> _authenticationProviders;`
	`48`	`private readonly InvalidAuthProvider _invalidAuthProvider;`
	`49`	`private readonly DefaultAuthenticationProvider _defaultAuthenticationProvider;`
	`50`	`private readonly DefaultPasswordResetProvider _defaultPasswordResetProvider;`
	`51`	`private readonly IServerConfigurationManager _serverConfigurationManager;`
	`52`
	`53`	`private readonly IDictionary<Guid, User> _users;`
	`54`
	`55`	`/// <summary>`
	`56`	`/// Initializes a new instance of the <see cref="UserManager"/> class.`
	`57`	`/// </summary>`
	`58`	`/// <param name="dbProvider">The database provider.</param>`
	`59`	`/// <param name="eventManager">The event manager.</param>`
	`60`	`/// <param name="networkManager">The network manager.</param>`
	`61`	`/// <param name="appHost">The application host.</param>`
	`62`	`/// <param name="imageProcessor">The image processor.</param>`
	`63`	`/// <param name="logger">The logger.</param>`
	`64`	`/// <param name="serverConfigurationManager">The system config manager.</param>`
	`65`	`/// <param name="passwordResetProviders">The password reset providers.</param>`
	`66`	`/// <param name="authenticationProviders">The authentication providers.</param>`
	`67`	`public UserManager(`
	`68`	`IDbContextFactory<JellyfinDbContext> dbProvider,`
	`69`	`IEventManager eventManager,`
	`70`	`INetworkManager networkManager,`
	`71`	`IApplicationHost appHost,`
	`72`	`IImageProcessor imageProcessor,`
	`73`	`ILogger<UserManager> logger,`
	`74`	`IServerConfigurationManager serverConfigurationManager,`
	`75`	`IEnumerable<IPasswordResetProvider> passwordResetProviders,`
	`76`	`IEnumerable<IAuthenticationProvider> authenticationProviders)`
	`77`	`{`
21	`78`	`_dbProvider = dbProvider;`
21	`79`	`_eventManager = eventManager;`
21	`80`	`_networkManager = networkManager;`
21	`81`	`_appHost = appHost;`
21	`82`	`_imageProcessor = imageProcessor;`
21	`83`	`_logger = logger;`
21	`84`	`_serverConfigurationManager = serverConfigurationManager;`
	`85`
21	`86`	`_passwordResetProviders = passwordResetProviders.ToList();`
21	`87`	`_authenticationProviders = authenticationProviders.ToList();`
	`88`
21	`89`	`_invalidAuthProvider = _authenticationProviders.OfType<InvalidAuthProvider>().First();`
21	`90`	`_defaultAuthenticationProvider = _authenticationProviders.OfType<DefaultAuthenticationProvider>().First();`
21	`91`	`_defaultPasswordResetProvider = _passwordResetProviders.OfType<DefaultPasswordResetProvider>().First();`
	`92`
21	`93`	`_users = new ConcurrentDictionary<Guid, User>();`
21	`94`	`using var dbContext = _dbProvider.CreateDbContext();`
42	`95`	`foreach (var user in dbContext.Users`
21	`96`	`.AsSingleQuery()`
21	`97`	`.Include(user => user.Permissions)`
21	`98`	`.Include(user => user.Preferences)`
21	`99`	`.Include(user => user.AccessSchedules)`
21	`100`	`.Include(user => user.ProfileImage)`
21	`101`	`.AsEnumerable())`
	`102`	`{`
0	`103`	`_users.Add(user.Id, user);`
	`104`	`}`
21	`105`	`}`
	`106`
	`107`	`/// <inheritdoc/>`
	`108`	`public event EventHandler<GenericEventArgs<User>>? OnUserUpdated;`
	`109`
	`110`	`/// <inheritdoc/>`
37	`111`	`public IEnumerable<User> Users => _users.Values;`
	`112`
	`113`	`/// <inheritdoc/>`
0	`114`	`public IEnumerable<Guid> UsersIds => _users.Keys;`
	`115`
	`116`	`// This is some regex that matches only on unicode "word" characters, as well as -, _ and @`
	`117`	`// In theory this will cut out most if not all 'control' characters which should help minimize any weirdness`
	`118`	`// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes`
	`119`	`[GeneratedRegex(@"^(?!\s)[\w\ \-'._@+]+(?<!\s)$")]`
	`120`	`private static partial Regex ValidUsernameRegex();`
	`121`
	`122`	`/// <inheritdoc/>`
	`123`	`public User? GetUserById(Guid id)`
	`124`	`{`
237	`125`	`if (id.IsEmpty())`
	`126`	`{`
0	`127`	`throw new ArgumentException("Guid can't be empty", nameof(id));`
	`128`	`}`
	`129`
237	`130`	`_users.TryGetValue(id, out var user);`
237	`131`	`return user;`
	`132`	`}`
	`133`
	`134`	`/// <inheritdoc/>`
	`135`	`public User? GetUserByName(string name)`
	`136`	`{`
15	`137`	`if (string.IsNullOrWhiteSpace(name))`
	`138`	`{`
0	`139`	`throw new ArgumentException("Invalid username", nameof(name));`
	`140`	`}`
	`141`
15	`142`	`return _users.Values.FirstOrDefault(u => string.Equals(u.Username, name, StringComparison.OrdinalIgnoreCase)`
	`143`	`}`
	`144`
	`145`	`/// <inheritdoc/>`
	`146`	`public async Task RenameUser(User user, string newName)`
	`147`	`{`
0	`148`	`ArgumentNullException.ThrowIfNull(user);`
	`149`
0	`150`	`ThrowIfInvalidUsername(newName);`
	`151`
0	`152`	`if (user.Username.Equals(newName, StringComparison.Ordinal))`
	`153`	`{`
0	`154`	`throw new ArgumentException("The new and old names must be different.");`
	`155`	`}`
	`156`
0	`157`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`158`	`await using (dbContext.ConfigureAwait(false))`
	`159`	`{`
	`160`	`#pragma warning disable CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`161`	`#pragma warning disable CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`162`	`#pragma warning disable CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
0	`163`	`if (await dbContext.Users`
0	`164`	`.AnyAsync(u => u.Username.ToUpper() == newName.ToUpper() && !u.Id.Equals(user.Id))`
0	`165`	`.ConfigureAwait(false))`
	`166`	`{`
0	`167`	`throw new ArgumentException(string.Format(`
0	`168`	`CultureInfo.InvariantCulture,`
0	`169`	`"A user with the name '{0}' already exists.",`
0	`170`	`newName));`
	`171`	`}`
	`172`	`#pragma warning restore CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`173`	`#pragma warning restore CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`174`	`#pragma warning restore CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`175`
0	`176`	`user.Username = newName;`
0	`177`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`178`	`}`
	`179`
0	`180`	`var eventArgs = new UserUpdatedEventArgs(user);`
0	`181`	`await _eventManager.PublishAsync(eventArgs).ConfigureAwait(false);`
0	`182`	`OnUserUpdated?.Invoke(this, eventArgs);`
0	`183`	`}`
	`184`
	`185`	`/// <inheritdoc/>`
	`186`	`public async Task UpdateUserAsync(User user)`
	`187`	`{`
19	`188`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
19	`189`	`await using (dbContext.ConfigureAwait(false))`
	`190`	`{`
19	`191`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`192`	`}`
19	`193`	`}`
	`194`
	`195`	`internal async Task<User> CreateUserInternalAsync(string name, JellyfinDbContext dbContext)`
	`196`	`{`
	`197`	`// TODO: Remove after user item data is migrated.`
17	`198`	`var max = await dbContext.Users.AsQueryable().AnyAsync().ConfigureAwait(false)`
17	`199`	`? await dbContext.Users.AsQueryable().Select(u => u.InternalId).MaxAsync().ConfigureAwait(false)`
17	`200`	`: 0;`
	`201`
17	`202`	`var user = new User(`
17	`203`	`name,`
17	`204`	`_defaultAuthenticationProvider.GetType().FullName!,`
17	`205`	`_defaultPasswordResetProvider.GetType().FullName!)`
17	`206`	`{`
17	`207`	`InternalId = max + 1`
17	`208`	`};`
	`209`
17	`210`	`user.AddDefaultPermissions();`
17	`211`	`user.AddDefaultPreferences();`
	`212`
17	`213`	`return user;`
17	`214`	`}`
	`215`
	`216`	`/// <inheritdoc/>`
	`217`	`public async Task<User> CreateUserAsync(string name)`
	`218`	`{`
2	`219`	`ThrowIfInvalidUsername(name);`
	`220`
1	`221`	`if (Users.Any(u => u.Username.Equals(name, StringComparison.OrdinalIgnoreCase)))`
	`222`	`{`
0	`223`	`throw new ArgumentException(string.Format(`
0	`224`	`CultureInfo.InvariantCulture,`
0	`225`	`"A user with the name '{0}' already exists.",`
0	`226`	`name));`
	`227`	`}`
	`228`
	`229`	`User newUser;`
1	`230`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
1	`231`	`await using (dbContext.ConfigureAwait(false))`
	`232`	`{`
1	`233`	`newUser = await CreateUserInternalAsync(name, dbContext).ConfigureAwait(false);`
	`234`
1	`235`	`dbContext.Users.Add(newUser);`
1	`236`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
1	`237`	`_users.Add(newUser.Id, newUser);`
	`238`	`}`
	`239`
1	`240`	`await _eventManager.PublishAsync(new UserCreatedEventArgs(newUser)).ConfigureAwait(false);`
	`241`
1	`242`	`return newUser;`
1	`243`	`}`
	`244`
	`245`	`/// <inheritdoc/>`
	`246`	`public async Task DeleteUserAsync(Guid userId)`
	`247`	`{`
0	`248`	`if (!_users.TryGetValue(userId, out var user))`
	`249`	`{`
0	`250`	`throw new ResourceNotFoundException(nameof(userId));`
	`251`	`}`
	`252`
0	`253`	`if (_users.Count == 1)`
	`254`	`{`
0	`255`	`throw new InvalidOperationException(string.Format(`
0	`256`	`CultureInfo.InvariantCulture,`
0	`257`	`"The user '{0}' cannot be deleted because there must be at least one user in the system.",`
0	`258`	`user.Username));`
	`259`	`}`
	`260`
0	`261`	`if (user.HasPermission(PermissionKind.IsAdministrator)`
0	`262`	`&& Users.Count(i => i.HasPermission(PermissionKind.IsAdministrator)) == 1)`
	`263`	`{`
0	`264`	`throw new ArgumentException(`
0	`265`	`string.Format(`
0	`266`	`CultureInfo.InvariantCulture,`
0	`267`	`"The user '{0}' cannot be deleted because there must be at least one admin user in the system.",`
0	`268`	`user.Username),`
0	`269`	`nameof(userId));`
	`270`	`}`
	`271`
0	`272`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`273`	`await using (dbContext.ConfigureAwait(false))`
	`274`	`{`
0	`275`	`dbContext.Users.Attach(user);`
0	`276`	`dbContext.Users.Remove(user);`
0	`277`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`278`	`}`
	`279`
0	`280`	`_users.Remove(userId);`
	`281`
0	`282`	`await _eventManager.PublishAsync(new UserDeletedEventArgs(user)).ConfigureAwait(false);`
0	`283`	`}`
	`284`
	`285`	`/// <inheritdoc/>`
	`286`	`public Task ResetPassword(User user)`
	`287`	`{`
0	`288`	`return ChangePassword(user, string.Empty);`
	`289`	`}`
	`290`
	`291`	`/// <inheritdoc/>`
	`292`	`public async Task ChangePassword(User user, string newPassword)`
	`293`	`{`
3	`294`	`ArgumentNullException.ThrowIfNull(user);`
3	`295`	`if (user.HasPermission(PermissionKind.IsAdministrator) && string.IsNullOrWhiteSpace(newPassword))`
	`296`	`{`
0	`297`	`throw new ArgumentException("Admin user passwords must not be empty", nameof(newPassword));`
	`298`	`}`
	`299`
3	`300`	`await GetAuthenticationProvider(user).ChangePassword(user, newPassword).ConfigureAwait(false);`
3	`301`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`302`
3	`303`	`await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);`
3	`304`	`}`
	`305`
	`306`	`/// <inheritdoc/>`
	`307`	`public UserDto GetUserDto(User user, string? remoteEndPoint = null)`
	`308`	`{`
34	`309`	`var castReceiverApplications = _serverConfigurationManager.Configuration.CastReceiverApplications;`
34	`310`	`return new UserDto`
34	`311`	`{`
34	`312`	`Name = user.Username,`
34	`313`	`Id = user.Id,`
34	`314`	`ServerId = _appHost.SystemId,`
34	`315`	`EnableAutoLogin = user.EnableAutoLogin,`
34	`316`	`LastLoginDate = user.LastLoginDate,`
34	`317`	`LastActivityDate = user.LastActivityDate,`
34	`318`	`PrimaryImageTag = user.ProfileImage is not null ? _imageProcessor.GetImageCacheTag(user) : null,`
34	`319`	`Configuration = new UserConfiguration`
34	`320`	`{`
34	`321`	`SubtitleMode = user.SubtitleMode,`
34	`322`	`HidePlayedInLatest = user.HidePlayedInLatest,`
34	`323`	`EnableLocalPassword = user.EnableLocalPassword,`
34	`324`	`PlayDefaultAudioTrack = user.PlayDefaultAudioTrack,`
34	`325`	`DisplayCollectionsView = user.DisplayCollectionsView,`
34	`326`	`DisplayMissingEpisodes = user.DisplayMissingEpisodes,`
34	`327`	`AudioLanguagePreference = user.AudioLanguagePreference,`
34	`328`	`RememberAudioSelections = user.RememberAudioSelections,`
34	`329`	`EnableNextEpisodeAutoPlay = user.EnableNextEpisodeAutoPlay,`
34	`330`	`RememberSubtitleSelections = user.RememberSubtitleSelections,`
34	`331`	`SubtitleLanguagePreference = user.SubtitleLanguagePreference ?? string.Empty,`
34	`332`	`OrderedViews = user.GetPreferenceValues<Guid>(PreferenceKind.OrderedViews),`
34	`333`	`GroupedFolders = user.GetPreferenceValues<Guid>(PreferenceKind.GroupedFolders),`
34	`334`	`MyMediaExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.MyMediaExcludes),`
34	`335`	`LatestItemsExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.LatestItemExcludes),`
34	`336`	`CastReceiverId = string.IsNullOrEmpty(user.CastReceiverId)`
34	`337`	`? castReceiverApplications.FirstOrDefault()?.Id`
34	`338`	`: castReceiverApplications.FirstOrDefault(c => string.Equals(c.Id, user.CastReceiverId, StringCo`
34	`339`	`?? castReceiverApplications.FirstOrDefault()?.Id`
34	`340`	`},`
34	`341`	`Policy = new UserPolicy`
34	`342`	`{`
34	`343`	`MaxParentalRating = user.MaxParentalRatingScore,`
34	`344`	`MaxParentalSubRating = user.MaxParentalRatingSubScore,`
34	`345`	`EnableUserPreferenceAccess = user.EnableUserPreferenceAccess,`
34	`346`	`RemoteClientBitrateLimit = user.RemoteClientBitrateLimit ?? 0,`
34	`347`	`AuthenticationProviderId = user.AuthenticationProviderId,`
34	`348`	`PasswordResetProviderId = user.PasswordResetProviderId,`
34	`349`	`InvalidLoginAttemptCount = user.InvalidLoginAttemptCount,`
34	`350`	`LoginAttemptsBeforeLockout = user.LoginAttemptsBeforeLockout ?? -1,`
34	`351`	`MaxActiveSessions = user.MaxActiveSessions,`
34	`352`	`IsAdministrator = user.HasPermission(PermissionKind.IsAdministrator),`
34	`353`	`IsHidden = user.HasPermission(PermissionKind.IsHidden),`
34	`354`	`IsDisabled = user.HasPermission(PermissionKind.IsDisabled),`
34	`355`	`EnableSharedDeviceControl = user.HasPermission(PermissionKind.EnableSharedDeviceControl),`
34	`356`	`EnableRemoteAccess = user.HasPermission(PermissionKind.EnableRemoteAccess),`
34	`357`	`EnableLiveTvManagement = user.HasPermission(PermissionKind.EnableLiveTvManagement),`
34	`358`	`EnableLiveTvAccess = user.HasPermission(PermissionKind.EnableLiveTvAccess),`
34	`359`	`EnableMediaPlayback = user.HasPermission(PermissionKind.EnableMediaPlayback),`
34	`360`	`EnableAudioPlaybackTranscoding = user.HasPermission(PermissionKind.EnableAudioPlaybackTranscoding),`
34	`361`	`EnableVideoPlaybackTranscoding = user.HasPermission(PermissionKind.EnableVideoPlaybackTranscoding),`
34	`362`	`EnableContentDeletion = user.HasPermission(PermissionKind.EnableContentDeletion),`
34	`363`	`EnableContentDownloading = user.HasPermission(PermissionKind.EnableContentDownloading),`
34	`364`	`EnableSyncTranscoding = user.HasPermission(PermissionKind.EnableSyncTranscoding),`
34	`365`	`EnableMediaConversion = user.HasPermission(PermissionKind.EnableMediaConversion),`
34	`366`	`EnableAllChannels = user.HasPermission(PermissionKind.EnableAllChannels),`
34	`367`	`EnableAllDevices = user.HasPermission(PermissionKind.EnableAllDevices),`
34	`368`	`EnableAllFolders = user.HasPermission(PermissionKind.EnableAllFolders),`
34	`369`	`EnableRemoteControlOfOtherUsers = user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers)`
34	`370`	`EnablePlaybackRemuxing = user.HasPermission(PermissionKind.EnablePlaybackRemuxing),`
34	`371`	`ForceRemoteSourceTranscoding = user.HasPermission(PermissionKind.ForceRemoteSourceTranscoding),`
34	`372`	`EnablePublicSharing = user.HasPermission(PermissionKind.EnablePublicSharing),`
34	`373`	`EnableCollectionManagement = user.HasPermission(PermissionKind.EnableCollectionManagement),`
34	`374`	`EnableSubtitleManagement = user.HasPermission(PermissionKind.EnableSubtitleManagement),`
34	`375`	`AccessSchedules = user.AccessSchedules.ToArray(),`
34	`376`	`BlockedTags = user.GetPreference(PreferenceKind.BlockedTags),`
34	`377`	`AllowedTags = user.GetPreference(PreferenceKind.AllowedTags),`
34	`378`	`EnabledChannels = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledChannels),`
34	`379`	`EnabledDevices = user.GetPreference(PreferenceKind.EnabledDevices),`
34	`380`	`EnabledFolders = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledFolders),`
34	`381`	`EnableContentDeletionFromFolders = user.GetPreference(PreferenceKind.EnableContentDeletionFromFolder`
34	`382`	`SyncPlayAccess = user.SyncPlayAccess,`
34	`383`	`BlockedChannels = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedChannels),`
34	`384`	`BlockedMediaFolders = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedMediaFolders),`
34	`385`	`BlockUnratedItems = user.GetPreferenceValues<UnratedItem>(PreferenceKind.BlockUnratedItems)`
34	`386`	`}`
34	`387`	`};`
	`388`	`}`
	`389`
	`390`	`/// <inheritdoc/>`
	`391`	`public async Task<User?> AuthenticateUser(`
	`392`	`string username,`
	`393`	`string password,`
	`394`	`string remoteEndPoint,`
	`395`	`bool isUserSession)`
	`396`	`{`
15	`397`	`if (string.IsNullOrWhiteSpace(username))`
	`398`	`{`
0	`399`	`_logger.LogInformation("Authentication request without username has been denied (IP: {IP}).", remoteEndP`
0	`400`	`throw new ArgumentNullException(nameof(username));`
	`401`	`}`
	`402`
15	`403`	`var user = Users.FirstOrDefault(i => string.Equals(username, i.Username, StringComparison.OrdinalIgnoreCase)`
15	`404`	`var authResult = await AuthenticateLocalUser(username, password, user)`
15	`405`	`.ConfigureAwait(false);`
15	`406`	`var authenticationProvider = authResult.AuthenticationProvider;`
15	`407`	`var success = authResult.Success;`
	`408`
15	`409`	`if (user is null)`
	`410`	`{`
0	`411`	`string updatedUsername = authResult.Username;`
	`412`
0	`413`	`if (success`
0	`414`	`&& authenticationProvider is not null`
0	`415`	`&& authenticationProvider is not DefaultAuthenticationProvider)`
	`416`	`{`
	`417`	`// Trust the username returned by the authentication provider`
0	`418`	`username = updatedUsername;`
	`419`
	`420`	`// Search the database for the user again`
	`421`	`// the authentication provider might have created it`
0	`422`	`user = Users.FirstOrDefault(i => string.Equals(username, i.Username, StringComparison.OrdinalIgnoreC`
	`423`
0	`424`	`if (authenticationProvider is IHasNewUserPolicy hasNewUserPolicy && user is not null)`
	`425`	`{`
0	`426`	`await UpdatePolicyAsync(user.Id, hasNewUserPolicy.GetNewUserPolicy()).ConfigureAwait(false);`
	`427`	`}`
	`428`	`}`
	`429`	`}`
	`430`
15	`431`	`if (success && user is not null && authenticationProvider is not null)`
	`432`	`{`
15	`433`	`var providerId = authenticationProvider.GetType().FullName;`
	`434`
15	`435`	`if (providerId is not null && !string.Equals(providerId, user.AuthenticationProviderId, StringComparison`
	`436`	`{`
0	`437`	`user.AuthenticationProviderId = providerId;`
0	`438`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`439`	`}`
	`440`	`}`
	`441`
15	`442`	`if (user is null)`
	`443`	`{`
0	`444`	`_logger.LogInformation(`
0	`445`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
0	`446`	`username,`
0	`447`	`remoteEndPoint);`
0	`448`	`throw new AuthenticationException("Invalid username or password entered.");`
	`449`	`}`
	`450`
15	`451`	`if (user.HasPermission(PermissionKind.IsDisabled))`
	`452`	`{`
0	`453`	`_logger.LogInformation(`
0	`454`	`"Authentication request for {UserName} has been denied because this account is currently disabled (I`
0	`455`	`username,`
0	`456`	`remoteEndPoint);`
0	`457`	`throw new SecurityException(`
0	`458`	`$"The {user.Username} account is currently disabled. Please consult with your administrator.");`
	`459`	`}`
	`460`
15	`461`	`if (!user.HasPermission(PermissionKind.EnableRemoteAccess) &&`
15	`462`	`!_networkManager.IsInLocalNetwork(remoteEndPoint))`
	`463`	`{`
0	`464`	`_logger.LogInformation(`
0	`465`	`"Authentication request for {UserName} forbidden: remote access disabled and user not in local netwo`
0	`466`	`username,`
0	`467`	`remoteEndPoint);`
0	`468`	`throw new SecurityException("Forbidden.");`
	`469`	`}`
	`470`
15	`471`	`if (!user.IsParentalScheduleAllowed())`
	`472`	`{`
0	`473`	`_logger.LogInformation(`
0	`474`	`"Authentication request for {UserName} is not allowed at this time due parental restrictions (IP: {I`
0	`475`	`username,`
0	`476`	`remoteEndPoint);`
0	`477`	`throw new SecurityException("User is not allowed access at this time.");`
	`478`	`}`
	`479`
	`480`	`// Update LastActivityDate and LastLoginDate, then save`
15	`481`	`if (success)`
	`482`	`{`
15	`483`	`if (isUserSession)`
	`484`	`{`
15	`485`	`user.LastActivityDate = user.LastLoginDate = DateTime.UtcNow;`
	`486`	`}`
	`487`
15	`488`	`user.InvalidLoginAttemptCount = 0;`
15	`489`	`await UpdateUserAsync(user).ConfigureAwait(false);`
15	`490`	`_logger.LogInformation("Authentication request for {UserName} has succeeded.", user.Username);`
	`491`	`}`
	`492`	`else`
	`493`	`{`
0	`494`	`await IncrementInvalidLoginAttemptCount(user).ConfigureAwait(false);`
0	`495`	`_logger.LogInformation(`
0	`496`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
0	`497`	`user.Username,`
0	`498`	`remoteEndPoint);`
	`499`	`}`
	`500`
15	`501`	`return success ? user : null;`
15	`502`	`}`
	`503`
	`504`	`/// <inheritdoc/>`
	`505`	`public async Task<ForgotPasswordResult> StartForgotPasswordProcess(string enteredUsername, bool isInNetwork)`
	`506`	`{`
0	`507`	`var user = string.IsNullOrWhiteSpace(enteredUsername) ? null : GetUserByName(enteredUsername);`
0	`508`	`var passwordResetProvider = GetPasswordResetProvider(user);`
	`509`
0	`510`	`var result = await passwordResetProvider`
0	`511`	`.StartForgotPasswordProcess(user, enteredUsername, isInNetwork)`
0	`512`	`.ConfigureAwait(false);`
	`513`
0	`514`	`if (user is not null && isInNetwork)`
	`515`	`{`
0	`516`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`517`	`}`
	`518`
0	`519`	`return result;`
0	`520`	`}`
	`521`
	`522`	`/// <inheritdoc/>`
	`523`	`public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)`
	`524`	`{`
0	`525`	`foreach (var provider in _passwordResetProviders)`
	`526`	`{`
0	`527`	`var result = await provider.RedeemPasswordResetPin(pin).ConfigureAwait(false);`
	`528`
0	`529`	`if (result.Success)`
	`530`	`{`
0	`531`	`return result;`
	`532`	`}`
	`533`	`}`
	`534`
0	`535`	`return new PinRedeemResult();`
0	`536`	`}`
	`537`
	`538`	`/// <inheritdoc />`
	`539`	`public async Task InitializeAsync()`
	`540`	`{`
	`541`	`// TODO: Refactor the startup wizard so that it doesn't require a user to already exist.`
17	`542`	`if (_users.Any())`
	`543`	`{`
1	`544`	`return;`
	`545`	`}`
	`546`
16	`547`	`var defaultName = Environment.UserName;`
16	`548`	`if (string.IsNullOrWhiteSpace(defaultName) \|\| !ValidUsernameRegex().IsMatch(defaultName))`
	`549`	`{`
0	`550`	`defaultName = "MyJellyfinUser";`
	`551`	`}`
	`552`
16	`553`	`_logger.LogWarning("No users, creating one with username {UserName}", defaultName);`
	`554`
16	`555`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
16	`556`	`await using (dbContext.ConfigureAwait(false))`
	`557`	`{`
16	`558`	`var newUser = await CreateUserInternalAsync(defaultName, dbContext).ConfigureAwait(false);`
16	`559`	`newUser.SetPermission(PermissionKind.IsAdministrator, true);`
16	`560`	`newUser.SetPermission(PermissionKind.EnableContentDeletion, true);`
16	`561`	`newUser.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, true);`
	`562`
16	`563`	`dbContext.Users.Add(newUser);`
16	`564`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
16	`565`	`_users.Add(newUser.Id, newUser);`
16	`566`	`}`
17	`567`	`}`
	`568`
	`569`	`/// <inheritdoc/>`
	`570`	`public NameIdPair[] GetAuthenticationProviders()`
	`571`	`{`
0	`572`	`return _authenticationProviders`
0	`573`	`.Where(provider => provider.IsEnabled)`
0	`574`	`.OrderBy(i => i is DefaultAuthenticationProvider ? 0 : 1)`
0	`575`	`.ThenBy(i => i.Name)`
0	`576`	`.Select(i => new NameIdPair`
0	`577`	`{`
0	`578`	`Name = i.Name,`
0	`579`	`Id = i.GetType().FullName`
0	`580`	`})`
0	`581`	`.ToArray();`
	`582`	`}`
	`583`
	`584`	`/// <inheritdoc/>`
	`585`	`public NameIdPair[] GetPasswordResetProviders()`
	`586`	`{`
0	`587`	`return _passwordResetProviders`
0	`588`	`.Where(provider => provider.IsEnabled)`
0	`589`	`.OrderBy(i => i is DefaultPasswordResetProvider ? 0 : 1)`
0	`590`	`.ThenBy(i => i.Name)`
0	`591`	`.Select(i => new NameIdPair`
0	`592`	`{`
0	`593`	`Name = i.Name,`
0	`594`	`Id = i.GetType().FullName`
0	`595`	`})`
0	`596`	`.ToArray();`
	`597`	`}`
	`598`
	`599`	`/// <inheritdoc/>`
	`600`	`public async Task UpdateConfigurationAsync(Guid userId, UserConfiguration config)`
	`601`	`{`
0	`602`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`603`	`await using (dbContext.ConfigureAwait(false))`
	`604`	`{`
0	`605`	`var user = dbContext.Users`
0	`606`	`.Include(u => u.Permissions)`
0	`607`	`.Include(u => u.Preferences)`
0	`608`	`.Include(u => u.AccessSchedules)`
0	`609`	`.Include(u => u.ProfileImage)`
0	`610`	`.AsSingleQuery()`
0	`611`	`.FirstOrDefault(u => u.Id.Equals(userId))`
0	`612`	`?? throw new ArgumentException("No user exists with given Id!");`
	`613`
0	`614`	`user.SubtitleMode = config.SubtitleMode;`
0	`615`	`user.HidePlayedInLatest = config.HidePlayedInLatest;`
0	`616`	`user.EnableLocalPassword = config.EnableLocalPassword;`
0	`617`	`user.PlayDefaultAudioTrack = config.PlayDefaultAudioTrack;`
0	`618`	`user.DisplayCollectionsView = config.DisplayCollectionsView;`
0	`619`	`user.DisplayMissingEpisodes = config.DisplayMissingEpisodes;`
0	`620`	`user.AudioLanguagePreference = config.AudioLanguagePreference;`
0	`621`	`user.RememberAudioSelections = config.RememberAudioSelections;`
0	`622`	`user.EnableNextEpisodeAutoPlay = config.EnableNextEpisodeAutoPlay;`
0	`623`	`user.RememberSubtitleSelections = config.RememberSubtitleSelections;`
0	`624`	`user.SubtitleLanguagePreference = config.SubtitleLanguagePreference;`
	`625`
	`626`	`// Only set cast receiver id if it is passed in and it exists in the server config.`
0	`627`	`if (!string.IsNullOrEmpty(config.CastReceiverId)`
0	`628`	`&& _serverConfigurationManager.Configuration.CastReceiverApplications.Any(c => string.Equals(c.Id, c`
	`629`	`{`
0	`630`	`user.CastReceiverId = config.CastReceiverId;`
	`631`	`}`
	`632`
0	`633`	`user.SetPreference(PreferenceKind.OrderedViews, config.OrderedViews);`
0	`634`	`user.SetPreference(PreferenceKind.GroupedFolders, config.GroupedFolders);`
0	`635`	`user.SetPreference(PreferenceKind.MyMediaExcludes, config.MyMediaExcludes);`
0	`636`	`user.SetPreference(PreferenceKind.LatestItemExcludes, config.LatestItemsExcludes);`
	`637`
0	`638`	`dbContext.Update(user);`
0	`639`	`_users[user.Id] = user;`
0	`640`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`641`	`}`
0	`642`	`}`
	`643`
	`644`	`/// <inheritdoc/>`
	`645`	`public async Task UpdatePolicyAsync(Guid userId, UserPolicy policy)`
	`646`	`{`
0	`647`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`648`	`await using (dbContext.ConfigureAwait(false))`
	`649`	`{`
0	`650`	`var user = dbContext.Users`
0	`651`	`.Include(u => u.Permissions)`
0	`652`	`.Include(u => u.Preferences)`
0	`653`	`.Include(u => u.AccessSchedules)`
0	`654`	`.Include(u => u.ProfileImage)`
0	`655`	`.AsSingleQuery()`
0	`656`	`.FirstOrDefault(u => u.Id.Equals(userId))`
0	`657`	`?? throw new ArgumentException("No user exists with given Id!");`
	`658`
	`659`	`// The default number of login attempts is 3, but for some god forsaken reason it's sent to the server a`
0	`660`	`int? maxLoginAttempts = policy.LoginAttemptsBeforeLockout switch`
0	`661`	`{`
0	`662`	`-1 => null,`
0	`663`	`0 => 3,`
0	`664`	`_ => policy.LoginAttemptsBeforeLockout`
0	`665`	`};`
	`666`
0	`667`	`user.MaxParentalRatingScore = policy.MaxParentalRating;`
0	`668`	`user.MaxParentalRatingSubScore = policy.MaxParentalSubRating;`
0	`669`	`user.EnableUserPreferenceAccess = policy.EnableUserPreferenceAccess;`
0	`670`	`user.RemoteClientBitrateLimit = policy.RemoteClientBitrateLimit;`
0	`671`	`user.AuthenticationProviderId = policy.AuthenticationProviderId;`
0	`672`	`user.PasswordResetProviderId = policy.PasswordResetProviderId;`
0	`673`	`user.InvalidLoginAttemptCount = policy.InvalidLoginAttemptCount;`
0	`674`	`user.LoginAttemptsBeforeLockout = maxLoginAttempts;`
0	`675`	`user.MaxActiveSessions = policy.MaxActiveSessions;`
0	`676`	`user.SyncPlayAccess = policy.SyncPlayAccess;`
0	`677`	`user.SetPermission(PermissionKind.IsAdministrator, policy.IsAdministrator);`
0	`678`	`user.SetPermission(PermissionKind.IsHidden, policy.IsHidden);`
0	`679`	`user.SetPermission(PermissionKind.IsDisabled, policy.IsDisabled);`
0	`680`	`user.SetPermission(PermissionKind.EnableSharedDeviceControl, policy.EnableSharedDeviceControl);`
0	`681`	`user.SetPermission(PermissionKind.EnableRemoteAccess, policy.EnableRemoteAccess);`
0	`682`	`user.SetPermission(PermissionKind.EnableLiveTvManagement, policy.EnableLiveTvManagement);`
0	`683`	`user.SetPermission(PermissionKind.EnableLiveTvAccess, policy.EnableLiveTvAccess);`
0	`684`	`user.SetPermission(PermissionKind.EnableMediaPlayback, policy.EnableMediaPlayback);`
0	`685`	`user.SetPermission(PermissionKind.EnableAudioPlaybackTranscoding, policy.EnableAudioPlaybackTranscoding)`
0	`686`	`user.SetPermission(PermissionKind.EnableVideoPlaybackTranscoding, policy.EnableVideoPlaybackTranscoding)`
0	`687`	`user.SetPermission(PermissionKind.EnableContentDeletion, policy.EnableContentDeletion);`
0	`688`	`user.SetPermission(PermissionKind.EnableContentDownloading, policy.EnableContentDownloading);`
0	`689`	`user.SetPermission(PermissionKind.EnableSyncTranscoding, policy.EnableSyncTranscoding);`
0	`690`	`user.SetPermission(PermissionKind.EnableMediaConversion, policy.EnableMediaConversion);`
0	`691`	`user.SetPermission(PermissionKind.EnableAllChannels, policy.EnableAllChannels);`
0	`692`	`user.SetPermission(PermissionKind.EnableAllDevices, policy.EnableAllDevices);`
0	`693`	`user.SetPermission(PermissionKind.EnableAllFolders, policy.EnableAllFolders);`
0	`694`	`user.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, policy.EnableRemoteControlOfOtherUser`
0	`695`	`user.SetPermission(PermissionKind.EnablePlaybackRemuxing, policy.EnablePlaybackRemuxing);`
0	`696`	`user.SetPermission(PermissionKind.EnableCollectionManagement, policy.EnableCollectionManagement);`
0	`697`	`user.SetPermission(PermissionKind.EnableSubtitleManagement, policy.EnableSubtitleManagement);`
0	`698`	`user.SetPermission(PermissionKind.EnableLyricManagement, policy.EnableLyricManagement);`
0	`699`	`user.SetPermission(PermissionKind.ForceRemoteSourceTranscoding, policy.ForceRemoteSourceTranscoding);`
0	`700`	`user.SetPermission(PermissionKind.EnablePublicSharing, policy.EnablePublicSharing);`
	`701`
0	`702`	`user.AccessSchedules.Clear();`
0	`703`	`foreach (var policyAccessSchedule in policy.AccessSchedules)`
	`704`	`{`
0	`705`	`user.AccessSchedules.Add(policyAccessSchedule);`
	`706`	`}`
	`707`
	`708`	`// TODO: fix this at some point`
0	`709`	`user.SetPreference(PreferenceKind.BlockUnratedItems, policy.BlockUnratedItems ?? Array.Empty<UnratedItem`
0	`710`	`user.SetPreference(PreferenceKind.BlockedTags, policy.BlockedTags);`
0	`711`	`user.SetPreference(PreferenceKind.AllowedTags, policy.AllowedTags);`
0	`712`	`user.SetPreference(PreferenceKind.EnabledChannels, policy.EnabledChannels);`
0	`713`	`user.SetPreference(PreferenceKind.EnabledDevices, policy.EnabledDevices);`
0	`714`	`user.SetPreference(PreferenceKind.EnabledFolders, policy.EnabledFolders);`
0	`715`	`user.SetPreference(PreferenceKind.EnableContentDeletionFromFolders, policy.EnableContentDeletionFromFold`
	`716`
0	`717`	`dbContext.Update(user);`
0	`718`	`_users[user.Id] = user;`
0	`719`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`720`	`}`
0	`721`	`}`
	`722`
	`723`	`/// <inheritdoc/>`
	`724`	`public async Task ClearProfileImageAsync(User user)`
	`725`	`{`
0	`726`	`if (user.ProfileImage is null)`
	`727`	`{`
0	`728`	`return;`
	`729`	`}`
	`730`
0	`731`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`732`	`await using (dbContext.ConfigureAwait(false))`
	`733`	`{`
0	`734`	`dbContext.Remove(user.ProfileImage);`
0	`735`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`736`	`}`
	`737`
0	`738`	`user.ProfileImage = null;`
0	`739`	`_users[user.Id] = user;`
0	`740`	`}`
	`741`
	`742`	`internal static void ThrowIfInvalidUsername(string name)`
	`743`	`{`
15	`744`	`if (!string.IsNullOrWhiteSpace(name) && ValidUsernameRegex().IsMatch(name))`
	`745`	`{`
7	`746`	`return;`
	`747`	`}`
	`748`
8	`749`	`throw new ArgumentException("Usernames can contain unicode symbols, numbers (0-9), dashes (-), underscores (`
	`750`	`}`
	`751`
	`752`	`private IAuthenticationProvider GetAuthenticationProvider(User user)`
	`753`	`{`
3	`754`	`return GetAuthenticationProviders(user)[0];`
	`755`	`}`
	`756`
	`757`	`private IPasswordResetProvider GetPasswordResetProvider(User? user)`
	`758`	`{`
0	`759`	`if (user is null)`
	`760`	`{`
0	`761`	`return _defaultPasswordResetProvider;`
	`762`	`}`
	`763`
0	`764`	`return GetPasswordResetProviders(user)[0];`
	`765`	`}`
	`766`
	`767`	`private List<IAuthenticationProvider> GetAuthenticationProviders(User? user)`
	`768`	`{`
18	`769`	`var authenticationProviderId = user?.AuthenticationProviderId;`
	`770`
18	`771`	`var providers = _authenticationProviders.Where(i => i.IsEnabled).ToList();`
	`772`
18	`773`	`if (!string.IsNullOrEmpty(authenticationProviderId))`
	`774`	`{`
18	`775`	`providers = providers.Where(i => string.Equals(authenticationProviderId, i.GetType().FullName, StringCom`
	`776`	`}`
	`777`
18	`778`	`if (providers.Count == 0)`
	`779`	`{`
	`780`	`// Assign the user to the InvalidAuthProvider since no configured auth provider was valid/found`
0	`781`	`_logger.LogWarning(`
0	`782`	`"User {Username} was found with invalid/missing Authentication Provider {AuthenticationProviderId}.`
0	`783`	`user?.Username,`
0	`784`	`user?.AuthenticationProviderId);`
0	`785`	`providers = new List<IAuthenticationProvider>`
0	`786`	`{`
0	`787`	`_invalidAuthProvider`
0	`788`	`};`
	`789`	`}`
	`790`
18	`791`	`return providers;`
	`792`	`}`
	`793`
	`794`	`private IPasswordResetProvider[] GetPasswordResetProviders(User user)`
	`795`	`{`
0	`796`	`var passwordResetProviderId = user.PasswordResetProviderId;`
0	`797`	`var providers = _passwordResetProviders.Where(i => i.IsEnabled).ToArray();`
	`798`
0	`799`	`if (!string.IsNullOrEmpty(passwordResetProviderId))`
	`800`	`{`
0	`801`	`providers = providers.Where(i =>`
0	`802`	`string.Equals(passwordResetProviderId, i.GetType().FullName, StringComparison.OrdinalIgnoreCase)`
0	`803`	`.ToArray();`
	`804`	`}`
	`805`
0	`806`	`if (providers.Length == 0)`
	`807`	`{`
0	`808`	`providers = new IPasswordResetProvider[]`
0	`809`	`{`
0	`810`	`_defaultPasswordResetProvider`
0	`811`	`};`
	`812`	`}`
	`813`
0	`814`	`return providers;`
	`815`	`}`
	`816`
	`817`	`private async Task<(IAuthenticationProvider? AuthenticationProvider, string Username, bool Success)> Authenticat`
	`818`	`string username,`
	`819`	`string password,`
	`820`	`User? user)`
	`821`	`{`
15	`822`	`bool success = false;`
15	`823`	`IAuthenticationProvider? authenticationProvider = null;`
	`824`
45	`825`	`foreach (var provider in GetAuthenticationProviders(user))`
	`826`	`{`
15	`827`	`var providerAuthResult =`
15	`828`	`await AuthenticateWithProvider(provider, username, password, user).ConfigureAwait(false);`
15	`829`	`var updatedUsername = providerAuthResult.Username;`
15	`830`	`success = providerAuthResult.Success;`
	`831`
15	`832`	`if (success)`
	`833`	`{`
15	`834`	`authenticationProvider = provider;`
15	`835`	`username = updatedUsername;`
15	`836`	`break;`
	`837`	`}`
0	`838`	`}`
	`839`
15	`840`	`return (authenticationProvider, username, success);`
15	`841`	`}`
	`842`
	`843`	`private async Task<(string Username, bool Success)> AuthenticateWithProvider(`
	`844`	`IAuthenticationProvider provider,`
	`845`	`string username,`
	`846`	`string password,`
	`847`	`User? resolvedUser)`
	`848`	`{`
	`849`	`try`
	`850`	`{`
15	`851`	`var authenticationResult = provider is IRequiresResolvedUser requiresResolvedUser`
15	`852`	`? await requiresResolvedUser.Authenticate(username, password, resolvedUser).ConfigureAwait(false)`
15	`853`	`: await provider.Authenticate(username, password).ConfigureAwait(false);`
	`854`
15	`855`	`if (authenticationResult.Username != username)`
	`856`	`{`
0	`857`	`_logger.LogDebug("Authentication provider provided updated username {1}", authenticationResult.Usern`
0	`858`	`username = authenticationResult.Username;`
	`859`	`}`
	`860`
15	`861`	`return (username, true);`
	`862`	`}`
0	`863`	`catch (AuthenticationException ex)`
	`864`	`{`
0	`865`	`_logger.LogDebug(ex, "Error authenticating with provider {Provider}", provider.Name);`
	`866`
0	`867`	`return (username, false);`
	`868`	`}`
15	`869`	`}`
	`870`
	`871`	`private async Task IncrementInvalidLoginAttemptCount(User user)`
	`872`	`{`
0	`873`	`user.InvalidLoginAttemptCount++;`
0	`874`	`int? maxInvalidLogins = user.LoginAttemptsBeforeLockout;`
0	`875`	`if (maxInvalidLogins.HasValue && user.InvalidLoginAttemptCount >= maxInvalidLogins)`
	`876`	`{`
0	`877`	`user.SetPermission(PermissionKind.IsDisabled, true);`
0	`878`	`await _eventManager.PublishAsync(new UserLockedOutEventArgs(user)).ConfigureAwait(false);`
0	`879`	`_logger.LogWarning(`
0	`880`	`"Disabling user {Username} due to {Attempts} unsuccessful login attempts.",`
0	`881`	`user.Username,`
0	`882`	`user.InvalidLoginAttemptCount);`
	`883`	`}`
	`884`
0	`885`	`await UpdateUserAsync(user).ConfigureAwait(false);`
0	`886`	`}`
	`887`
	`888`	`private async Task UpdateUserInternalAsync(JellyfinDbContext dbContext, User user)`
	`889`	`{`
19	`890`	`dbContext.Users.Attach(user);`
19	`891`	`dbContext.Entry(user).State = EntityState.Modified;`
19	`892`	`_users[user.Id] = user;`
19	`893`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
19	`894`	`}`
	`895`	`}`
	`896`	`}`

< Summary - Jellyfin

Coverage history

Coverage delta

Metrics

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Methods/Properties