< Summary - Jellyfin

Information

Class:	Jellyfin.Server.Implementations.Users.UserManager
Assembly:	Jellyfin.Server.Implementations
File(s):	/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Line coverage

72%

Covered lines:	120
Uncovered lines:	46
Coverable lines:	166
Total lines:	895
Line coverage:	72.2%

Branch coverage

44%

Covered branches:	17
Total branches:	38
Branch coverage:	44.7%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	50%	2	2	95.65%
get_Users()	100%	1	1	100%
get_UsersIds()	100%	2	1	0%
GetUserById(...)	50%	2	2	75%
GetUserByName(...)	50%	2	2	66.66%
ResetPassword(...)	100%	2	1	0%
GetUserDto(...)	42.85%	14	14	100%
GetAuthenticationProviders()	100%	2	1	0%
GetPasswordResetProviders()	100%	2	1	0%
ThrowIfInvalidUsername(...)	100%	4	4	100%
GetAuthenticationProvider(...)	100%	1	1	100%
GetPasswordResetProvider(...)	100%	2	1	0%
GetAuthenticationProviders(...)	40%	29	10	42.85%
GetPasswordResetProviders(...)	0%	20	4	0%

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

#	Line	Line coverage
	`1`	`#pragma warning disable CA1307`
	`2`
	`3`	`using System;`
	`4`	`using System.Collections.Concurrent;`
	`5`	`using System.Collections.Generic;`
	`6`	`using System.Globalization;`
	`7`	`using System.Linq;`
	`8`	`using System.Text.RegularExpressions;`
	`9`	`using System.Threading.Tasks;`
	`10`	`using Jellyfin.Data;`
	`11`	`using Jellyfin.Data.Enums;`
	`12`	`using Jellyfin.Data.Events;`
	`13`	`using Jellyfin.Data.Events.Users;`
	`14`	`using Jellyfin.Database.Implementations;`
	`15`	`using Jellyfin.Database.Implementations.Entities;`
	`16`	`using Jellyfin.Database.Implementations.Enums;`
	`17`	`using Jellyfin.Extensions;`
	`18`	`using MediaBrowser.Common;`
	`19`	`using MediaBrowser.Common.Extensions;`
	`20`	`using MediaBrowser.Common.Net;`
	`21`	`using MediaBrowser.Controller.Authentication;`
	`22`	`using MediaBrowser.Controller.Configuration;`
	`23`	`using MediaBrowser.Controller.Drawing;`
	`24`	`using MediaBrowser.Controller.Events;`
	`25`	`using MediaBrowser.Controller.Library;`
	`26`	`using MediaBrowser.Controller.Net;`
	`27`	`using MediaBrowser.Model.Configuration;`
	`28`	`using MediaBrowser.Model.Dto;`
	`29`	`using MediaBrowser.Model.Users;`
	`30`	`using Microsoft.EntityFrameworkCore;`
	`31`	`using Microsoft.Extensions.Logging;`
	`32`
	`33`	`namespace Jellyfin.Server.Implementations.Users`
	`34`	`{`
	`35`	`/// <summary>`
	`36`	`/// Manages the creation and retrieval of <see cref="User"/> instances.`
	`37`	`/// </summary>`
	`38`	`public partial class UserManager : IUserManager`
	`39`	`{`
	`40`	`private readonly IDbContextFactory<JellyfinDbContext> _dbProvider;`
	`41`	`private readonly IEventManager _eventManager;`
	`42`	`private readonly INetworkManager _networkManager;`
	`43`	`private readonly IApplicationHost _appHost;`
	`44`	`private readonly IImageProcessor _imageProcessor;`
	`45`	`private readonly ILogger<UserManager> _logger;`
	`46`	`private readonly IReadOnlyCollection<IPasswordResetProvider> _passwordResetProviders;`
	`47`	`private readonly IReadOnlyCollection<IAuthenticationProvider> _authenticationProviders;`
	`48`	`private readonly InvalidAuthProvider _invalidAuthProvider;`
	`49`	`private readonly DefaultAuthenticationProvider _defaultAuthenticationProvider;`
	`50`	`private readonly DefaultPasswordResetProvider _defaultPasswordResetProvider;`
	`51`	`private readonly IServerConfigurationManager _serverConfigurationManager;`
	`52`
	`53`	`private readonly IDictionary<Guid, User> _users;`
	`54`
	`55`	`/// <summary>`
	`56`	`/// Initializes a new instance of the <see cref="UserManager"/> class.`
	`57`	`/// </summary>`
	`58`	`/// <param name="dbProvider">The database provider.</param>`
	`59`	`/// <param name="eventManager">The event manager.</param>`
	`60`	`/// <param name="networkManager">The network manager.</param>`
	`61`	`/// <param name="appHost">The application host.</param>`
	`62`	`/// <param name="imageProcessor">The image processor.</param>`
	`63`	`/// <param name="logger">The logger.</param>`
	`64`	`/// <param name="serverConfigurationManager">The system config manager.</param>`
	`65`	`/// <param name="passwordResetProviders">The password reset providers.</param>`
	`66`	`/// <param name="authenticationProviders">The authentication providers.</param>`
	`67`	`public UserManager(`
	`68`	`IDbContextFactory<JellyfinDbContext> dbProvider,`
	`69`	`IEventManager eventManager,`
	`70`	`INetworkManager networkManager,`
	`71`	`IApplicationHost appHost,`
	`72`	`IImageProcessor imageProcessor,`
	`73`	`ILogger<UserManager> logger,`
	`74`	`IServerConfigurationManager serverConfigurationManager,`
	`75`	`IEnumerable<IPasswordResetProvider> passwordResetProviders,`
	`76`	`IEnumerable<IAuthenticationProvider> authenticationProviders)`
	`77`	`{`
21	`78`	`_dbProvider = dbProvider;`
21	`79`	`_eventManager = eventManager;`
21	`80`	`_networkManager = networkManager;`
21	`81`	`_appHost = appHost;`
21	`82`	`_imageProcessor = imageProcessor;`
21	`83`	`_logger = logger;`
21	`84`	`_serverConfigurationManager = serverConfigurationManager;`
	`85`
21	`86`	`_passwordResetProviders = passwordResetProviders.ToList();`
21	`87`	`_authenticationProviders = authenticationProviders.ToList();`
	`88`
21	`89`	`_invalidAuthProvider = _authenticationProviders.OfType<InvalidAuthProvider>().First();`
21	`90`	`_defaultAuthenticationProvider = _authenticationProviders.OfType<DefaultAuthenticationProvider>().First();`
21	`91`	`_defaultPasswordResetProvider = _passwordResetProviders.OfType<DefaultPasswordResetProvider>().First();`
	`92`
21	`93`	`_users = new ConcurrentDictionary<Guid, User>();`
21	`94`	`using var dbContext = _dbProvider.CreateDbContext();`
42	`95`	`foreach (var user in dbContext.Users`
21	`96`	`.AsSplitQuery()`
21	`97`	`.Include(user => user.Permissions)`
21	`98`	`.Include(user => user.Preferences)`
21	`99`	`.Include(user => user.AccessSchedules)`
21	`100`	`.Include(user => user.ProfileImage)`
21	`101`	`.AsEnumerable())`
	`102`	`{`
0	`103`	`_users.Add(user.Id, user);`
	`104`	`}`
21	`105`	`}`
	`106`
	`107`	`/// <inheritdoc/>`
	`108`	`public event EventHandler<GenericEventArgs<User>>? OnUserUpdated;`
	`109`
	`110`	`/// <inheritdoc/>`
39	`111`	`public IEnumerable<User> Users => _users.Values;`
	`112`
	`113`	`/// <inheritdoc/>`
0	`114`	`public IEnumerable<Guid> UsersIds => _users.Keys;`
	`115`
	`116`	`// This is some regex that matches only on unicode "word" characters, as well as -, _ and @`
	`117`	`// In theory this will cut out most if not all 'control' characters which should help minimize any weirdness`
	`118`	`// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes`
	`119`	`[GeneratedRegex(@"^(?!\s)[\w\ \-'._@+]+(?<!\s)$")]`
	`120`	`private static partial Regex ValidUsernameRegex();`
	`121`
	`122`	`/// <inheritdoc/>`
	`123`	`public User? GetUserById(Guid id)`
	`124`	`{`
247	`125`	`if (id.IsEmpty())`
	`126`	`{`
0	`127`	`throw new ArgumentException("Guid can't be empty", nameof(id));`
	`128`	`}`
	`129`
247	`130`	`_users.TryGetValue(id, out var user);`
247	`131`	`return user;`
	`132`	`}`
	`133`
	`134`	`/// <inheritdoc/>`
	`135`	`public User? GetUserByName(string name)`
	`136`	`{`
15	`137`	`if (string.IsNullOrWhiteSpace(name))`
	`138`	`{`
0	`139`	`throw new ArgumentException("Invalid username", nameof(name));`
	`140`	`}`
	`141`
15	`142`	`return _users.Values.FirstOrDefault(u => string.Equals(u.Username, name, StringComparison.OrdinalIgnoreCase)`
	`143`	`}`
	`144`
	`145`	`/// <inheritdoc/>`
	`146`	`public async Task RenameUser(User user, string newName)`
	`147`	`{`
	`148`	`ArgumentNullException.ThrowIfNull(user);`
	`149`
	`150`	`ThrowIfInvalidUsername(newName);`
	`151`
	`152`	`if (user.Username.Equals(newName, StringComparison.OrdinalIgnoreCase))`
	`153`	`{`
	`154`	`throw new ArgumentException("The new and old names must be different.");`
	`155`	`}`
	`156`
	`157`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`158`	`await using (dbContext.ConfigureAwait(false))`
	`159`	`{`
	`160`	`#pragma warning disable CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`161`	`#pragma warning disable CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`162`	`#pragma warning disable CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`163`	`if (await dbContext.Users`
	`164`	`.AnyAsync(u => u.Username.ToUpper() == newName.ToUpper() && !u.Id.Equals(user.Id))`
	`165`	`.ConfigureAwait(false))`
	`166`	`{`
	`167`	`throw new ArgumentException(string.Format(`
	`168`	`CultureInfo.InvariantCulture,`
	`169`	`"A user with the name '{0}' already exists.",`
	`170`	`newName));`
	`171`	`}`
	`172`	`#pragma warning restore CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`173`	`#pragma warning restore CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`174`	`#pragma warning restore CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`175`
	`176`	`user.Username = newName;`
	`177`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`178`	`}`
	`179`
	`180`	`var eventArgs = new UserUpdatedEventArgs(user);`
	`181`	`await _eventManager.PublishAsync(eventArgs).ConfigureAwait(false);`
	`182`	`OnUserUpdated?.Invoke(this, eventArgs);`
	`183`	`}`
	`184`
	`185`	`/// <inheritdoc/>`
	`186`	`public async Task UpdateUserAsync(User user)`
	`187`	`{`
	`188`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`189`	`await using (dbContext.ConfigureAwait(false))`
	`190`	`{`
	`191`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`192`	`}`
	`193`	`}`
	`194`
	`195`	`internal async Task<User> CreateUserInternalAsync(string name, JellyfinDbContext dbContext)`
	`196`	`{`
	`197`	`// TODO: Remove after user item data is migrated.`
	`198`	`var max = await dbContext.Users.AsQueryable().AnyAsync().ConfigureAwait(false)`
	`199`	`? await dbContext.Users.AsQueryable().Select(u => u.InternalId).MaxAsync().ConfigureAwait(false)`
	`200`	`: 0;`
	`201`
	`202`	`var user = new User(`
	`203`	`name,`
	`204`	`_defaultAuthenticationProvider.GetType().FullName!,`
	`205`	`_defaultPasswordResetProvider.GetType().FullName!)`
	`206`	`{`
	`207`	`InternalId = max + 1`
	`208`	`};`
	`209`
	`210`	`user.AddDefaultPermissions();`
	`211`	`user.AddDefaultPreferences();`
	`212`
	`213`	`return user;`
	`214`	`}`
	`215`
	`216`	`/// <inheritdoc/>`
	`217`	`public async Task<User> CreateUserAsync(string name)`
	`218`	`{`
	`219`	`ThrowIfInvalidUsername(name);`
	`220`
	`221`	`if (Users.Any(u => u.Username.Equals(name, StringComparison.OrdinalIgnoreCase)))`
	`222`	`{`
	`223`	`throw new ArgumentException(string.Format(`
	`224`	`CultureInfo.InvariantCulture,`
	`225`	`"A user with the name '{0}' already exists.",`
	`226`	`name));`
	`227`	`}`
	`228`
	`229`	`User newUser;`
	`230`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`231`	`await using (dbContext.ConfigureAwait(false))`
	`232`	`{`
	`233`	`newUser = await CreateUserInternalAsync(name, dbContext).ConfigureAwait(false);`
	`234`
	`235`	`dbContext.Users.Add(newUser);`
	`236`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`237`	`_users.Add(newUser.Id, newUser);`
	`238`	`}`
	`239`
	`240`	`await _eventManager.PublishAsync(new UserCreatedEventArgs(newUser)).ConfigureAwait(false);`
	`241`
	`242`	`return newUser;`
	`243`	`}`
	`244`
	`245`	`/// <inheritdoc/>`
	`246`	`public async Task DeleteUserAsync(Guid userId)`
	`247`	`{`
	`248`	`if (!_users.TryGetValue(userId, out var user))`
	`249`	`{`
	`250`	`throw new ResourceNotFoundException(nameof(userId));`
	`251`	`}`
	`252`
	`253`	`if (_users.Count == 1)`
	`254`	`{`
	`255`	`throw new InvalidOperationException(string.Format(`
	`256`	`CultureInfo.InvariantCulture,`
	`257`	`"The user '{0}' cannot be deleted because there must be at least one user in the system.",`
	`258`	`user.Username));`
	`259`	`}`
	`260`
	`261`	`if (user.HasPermission(PermissionKind.IsAdministrator)`
	`262`	`&& Users.Count(i => i.HasPermission(PermissionKind.IsAdministrator)) == 1)`
	`263`	`{`
	`264`	`throw new ArgumentException(`
	`265`	`string.Format(`
	`266`	`CultureInfo.InvariantCulture,`
	`267`	`"The user '{0}' cannot be deleted because there must be at least one admin user in the system.",`
	`268`	`user.Username),`
	`269`	`nameof(userId));`
	`270`	`}`
	`271`
	`272`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`273`	`await using (dbContext.ConfigureAwait(false))`
	`274`	`{`
	`275`	`dbContext.Users.Remove(user);`
	`276`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`277`	`}`
	`278`
	`279`	`_users.Remove(userId);`
	`280`
	`281`	`await _eventManager.PublishAsync(new UserDeletedEventArgs(user)).ConfigureAwait(false);`
	`282`	`}`
	`283`
	`284`	`/// <inheritdoc/>`
	`285`	`public Task ResetPassword(User user)`
	`286`	`{`
0	`287`	`return ChangePassword(user, string.Empty);`
	`288`	`}`
	`289`
	`290`	`/// <inheritdoc/>`
	`291`	`public async Task ChangePassword(User user, string newPassword)`
	`292`	`{`
	`293`	`ArgumentNullException.ThrowIfNull(user);`
	`294`	`if (user.HasPermission(PermissionKind.IsAdministrator) && string.IsNullOrWhiteSpace(newPassword))`
	`295`	`{`
	`296`	`throw new ArgumentException("Admin user passwords must not be empty", nameof(newPassword));`
	`297`	`}`
	`298`
	`299`	`await GetAuthenticationProvider(user).ChangePassword(user, newPassword).ConfigureAwait(false);`
	`300`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`301`
	`302`	`await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);`
	`303`	`}`
	`304`
	`305`	`/// <inheritdoc/>`
	`306`	`public UserDto GetUserDto(User user, string? remoteEndPoint = null)`
	`307`	`{`
38	`308`	`var hasPassword = GetAuthenticationProvider(user).HasPassword(user);`
38	`309`	`var castReceiverApplications = _serverConfigurationManager.Configuration.CastReceiverApplications;`
38	`310`	`return new UserDto`
38	`311`	`{`
38	`312`	`Name = user.Username,`
38	`313`	`Id = user.Id,`
38	`314`	`ServerId = _appHost.SystemId,`
38	`315`	`HasPassword = hasPassword,`
38	`316`	`HasConfiguredPassword = hasPassword,`
38	`317`	`EnableAutoLogin = user.EnableAutoLogin,`
38	`318`	`LastLoginDate = user.LastLoginDate,`
38	`319`	`LastActivityDate = user.LastActivityDate,`
38	`320`	`PrimaryImageTag = user.ProfileImage is not null ? _imageProcessor.GetImageCacheTag(user) : null,`
38	`321`	`Configuration = new UserConfiguration`
38	`322`	`{`
38	`323`	`SubtitleMode = user.SubtitleMode,`
38	`324`	`HidePlayedInLatest = user.HidePlayedInLatest,`
38	`325`	`EnableLocalPassword = user.EnableLocalPassword,`
38	`326`	`PlayDefaultAudioTrack = user.PlayDefaultAudioTrack,`
38	`327`	`DisplayCollectionsView = user.DisplayCollectionsView,`
38	`328`	`DisplayMissingEpisodes = user.DisplayMissingEpisodes,`
38	`329`	`AudioLanguagePreference = user.AudioLanguagePreference,`
38	`330`	`RememberAudioSelections = user.RememberAudioSelections,`
38	`331`	`EnableNextEpisodeAutoPlay = user.EnableNextEpisodeAutoPlay,`
38	`332`	`RememberSubtitleSelections = user.RememberSubtitleSelections,`
38	`333`	`SubtitleLanguagePreference = user.SubtitleLanguagePreference ?? string.Empty,`
38	`334`	`OrderedViews = user.GetPreferenceValues<Guid>(PreferenceKind.OrderedViews),`
38	`335`	`GroupedFolders = user.GetPreferenceValues<Guid>(PreferenceKind.GroupedFolders),`
38	`336`	`MyMediaExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.MyMediaExcludes),`
38	`337`	`LatestItemsExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.LatestItemExcludes),`
38	`338`	`CastReceiverId = string.IsNullOrEmpty(user.CastReceiverId)`
38	`339`	`? castReceiverApplications.FirstOrDefault()?.Id`
38	`340`	`: castReceiverApplications.FirstOrDefault(c => string.Equals(c.Id, user.CastReceiverId, StringCo`
38	`341`	`?? castReceiverApplications.FirstOrDefault()?.Id`
38	`342`	`},`
38	`343`	`Policy = new UserPolicy`
38	`344`	`{`
38	`345`	`MaxParentalRating = user.MaxParentalRatingScore,`
38	`346`	`MaxParentalSubRating = user.MaxParentalRatingSubScore,`
38	`347`	`EnableUserPreferenceAccess = user.EnableUserPreferenceAccess,`
38	`348`	`RemoteClientBitrateLimit = user.RemoteClientBitrateLimit ?? 0,`
38	`349`	`AuthenticationProviderId = user.AuthenticationProviderId,`
38	`350`	`PasswordResetProviderId = user.PasswordResetProviderId,`
38	`351`	`InvalidLoginAttemptCount = user.InvalidLoginAttemptCount,`
38	`352`	`LoginAttemptsBeforeLockout = user.LoginAttemptsBeforeLockout ?? -1,`
38	`353`	`MaxActiveSessions = user.MaxActiveSessions,`
38	`354`	`IsAdministrator = user.HasPermission(PermissionKind.IsAdministrator),`
38	`355`	`IsHidden = user.HasPermission(PermissionKind.IsHidden),`
38	`356`	`IsDisabled = user.HasPermission(PermissionKind.IsDisabled),`
38	`357`	`EnableSharedDeviceControl = user.HasPermission(PermissionKind.EnableSharedDeviceControl),`
38	`358`	`EnableRemoteAccess = user.HasPermission(PermissionKind.EnableRemoteAccess),`
38	`359`	`EnableLiveTvManagement = user.HasPermission(PermissionKind.EnableLiveTvManagement),`
38	`360`	`EnableLiveTvAccess = user.HasPermission(PermissionKind.EnableLiveTvAccess),`
38	`361`	`EnableMediaPlayback = user.HasPermission(PermissionKind.EnableMediaPlayback),`
38	`362`	`EnableAudioPlaybackTranscoding = user.HasPermission(PermissionKind.EnableAudioPlaybackTranscoding),`
38	`363`	`EnableVideoPlaybackTranscoding = user.HasPermission(PermissionKind.EnableVideoPlaybackTranscoding),`
38	`364`	`EnableContentDeletion = user.HasPermission(PermissionKind.EnableContentDeletion),`
38	`365`	`EnableContentDownloading = user.HasPermission(PermissionKind.EnableContentDownloading),`
38	`366`	`EnableSyncTranscoding = user.HasPermission(PermissionKind.EnableSyncTranscoding),`
38	`367`	`EnableMediaConversion = user.HasPermission(PermissionKind.EnableMediaConversion),`
38	`368`	`EnableAllChannels = user.HasPermission(PermissionKind.EnableAllChannels),`
38	`369`	`EnableAllDevices = user.HasPermission(PermissionKind.EnableAllDevices),`
38	`370`	`EnableAllFolders = user.HasPermission(PermissionKind.EnableAllFolders),`
38	`371`	`EnableRemoteControlOfOtherUsers = user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers)`
38	`372`	`EnablePlaybackRemuxing = user.HasPermission(PermissionKind.EnablePlaybackRemuxing),`
38	`373`	`ForceRemoteSourceTranscoding = user.HasPermission(PermissionKind.ForceRemoteSourceTranscoding),`
38	`374`	`EnablePublicSharing = user.HasPermission(PermissionKind.EnablePublicSharing),`
38	`375`	`EnableCollectionManagement = user.HasPermission(PermissionKind.EnableCollectionManagement),`
38	`376`	`EnableSubtitleManagement = user.HasPermission(PermissionKind.EnableSubtitleManagement),`
38	`377`	`AccessSchedules = user.AccessSchedules.ToArray(),`
38	`378`	`BlockedTags = user.GetPreference(PreferenceKind.BlockedTags),`
38	`379`	`AllowedTags = user.GetPreference(PreferenceKind.AllowedTags),`
38	`380`	`EnabledChannels = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledChannels),`
38	`381`	`EnabledDevices = user.GetPreference(PreferenceKind.EnabledDevices),`
38	`382`	`EnabledFolders = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledFolders),`
38	`383`	`EnableContentDeletionFromFolders = user.GetPreference(PreferenceKind.EnableContentDeletionFromFolder`
38	`384`	`SyncPlayAccess = user.SyncPlayAccess,`
38	`385`	`BlockedChannels = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedChannels),`
38	`386`	`BlockedMediaFolders = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedMediaFolders),`
38	`387`	`BlockUnratedItems = user.GetPreferenceValues<UnratedItem>(PreferenceKind.BlockUnratedItems)`
38	`388`	`}`
38	`389`	`};`
	`390`	`}`
	`391`
	`392`	`/// <inheritdoc/>`
	`393`	`public async Task<User?> AuthenticateUser(`
	`394`	`string username,`
	`395`	`string password,`
	`396`	`string remoteEndPoint,`
	`397`	`bool isUserSession)`
	`398`	`{`
	`399`	`if (string.IsNullOrWhiteSpace(username))`
	`400`	`{`
	`401`	`_logger.LogInformation("Authentication request without username has been denied (IP: {IP}).", remoteEndP`
	`402`	`throw new ArgumentNullException(nameof(username));`
	`403`	`}`
	`404`
	`405`	`var user = Users.FirstOrDefault(i => string.Equals(username, i.Username, StringComparison.OrdinalIgnoreCase)`
	`406`	`var authResult = await AuthenticateLocalUser(username, password, user)`
	`407`	`.ConfigureAwait(false);`
	`408`	`var authenticationProvider = authResult.AuthenticationProvider;`
	`409`	`var success = authResult.Success;`
	`410`
	`411`	`if (user is null)`
	`412`	`{`
	`413`	`string updatedUsername = authResult.Username;`
	`414`
	`415`	`if (success`
	`416`	`&& authenticationProvider is not null`
	`417`	`&& authenticationProvider is not DefaultAuthenticationProvider)`
	`418`	`{`
	`419`	`// Trust the username returned by the authentication provider`
	`420`	`username = updatedUsername;`
	`421`
	`422`	`// Search the database for the user again`
	`423`	`// the authentication provider might have created it`
	`424`	`user = Users.FirstOrDefault(i => string.Equals(username, i.Username, StringComparison.OrdinalIgnoreC`
	`425`
	`426`	`if (authenticationProvider is IHasNewUserPolicy hasNewUserPolicy && user is not null)`
	`427`	`{`
	`428`	`await UpdatePolicyAsync(user.Id, hasNewUserPolicy.GetNewUserPolicy()).ConfigureAwait(false);`
	`429`	`}`
	`430`	`}`
	`431`	`}`
	`432`
	`433`	`if (success && user is not null && authenticationProvider is not null)`
	`434`	`{`
	`435`	`var providerId = authenticationProvider.GetType().FullName;`
	`436`
	`437`	`if (providerId is not null && !string.Equals(providerId, user.AuthenticationProviderId, StringComparison`
	`438`	`{`
	`439`	`user.AuthenticationProviderId = providerId;`
	`440`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`441`	`}`
	`442`	`}`
	`443`
	`444`	`if (user is null)`
	`445`	`{`
	`446`	`_logger.LogInformation(`
	`447`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
	`448`	`username,`
	`449`	`remoteEndPoint);`
	`450`	`throw new AuthenticationException("Invalid username or password entered.");`
	`451`	`}`
	`452`
	`453`	`if (user.HasPermission(PermissionKind.IsDisabled))`
	`454`	`{`
	`455`	`_logger.LogInformation(`
	`456`	`"Authentication request for {UserName} has been denied because this account is currently disabled (I`
	`457`	`username,`
	`458`	`remoteEndPoint);`
	`459`	`throw new SecurityException(`
	`460`	`$"The {user.Username} account is currently disabled. Please consult with your administrator.");`
	`461`	`}`
	`462`
	`463`	`if (!user.HasPermission(PermissionKind.EnableRemoteAccess) &&`
	`464`	`!_networkManager.IsInLocalNetwork(remoteEndPoint))`
	`465`	`{`
	`466`	`_logger.LogInformation(`
	`467`	`"Authentication request for {UserName} forbidden: remote access disabled and user not in local netwo`
	`468`	`username,`
	`469`	`remoteEndPoint);`
	`470`	`throw new SecurityException("Forbidden.");`
	`471`	`}`
	`472`
	`473`	`if (!user.IsParentalScheduleAllowed())`
	`474`	`{`
	`475`	`_logger.LogInformation(`
	`476`	`"Authentication request for {UserName} is not allowed at this time due parental restrictions (IP: {I`
	`477`	`username,`
	`478`	`remoteEndPoint);`
	`479`	`throw new SecurityException("User is not allowed access at this time.");`
	`480`	`}`
	`481`
	`482`	`// Update LastActivityDate and LastLoginDate, then save`
	`483`	`if (success)`
	`484`	`{`
	`485`	`if (isUserSession)`
	`486`	`{`
	`487`	`user.LastActivityDate = user.LastLoginDate = DateTime.UtcNow;`
	`488`	`}`
	`489`
	`490`	`user.InvalidLoginAttemptCount = 0;`
	`491`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`492`	`_logger.LogInformation("Authentication request for {UserName} has succeeded.", user.Username);`
	`493`	`}`
	`494`	`else`
	`495`	`{`
	`496`	`await IncrementInvalidLoginAttemptCount(user).ConfigureAwait(false);`
	`497`	`_logger.LogInformation(`
	`498`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
	`499`	`user.Username,`
	`500`	`remoteEndPoint);`
	`501`	`}`
	`502`
	`503`	`return success ? user : null;`
	`504`	`}`
	`505`
	`506`	`/// <inheritdoc/>`
	`507`	`public async Task<ForgotPasswordResult> StartForgotPasswordProcess(string enteredUsername, bool isInNetwork)`
	`508`	`{`
	`509`	`var user = string.IsNullOrWhiteSpace(enteredUsername) ? null : GetUserByName(enteredUsername);`
	`510`
	`511`	`if (user is not null && isInNetwork)`
	`512`	`{`
	`513`	`var passwordResetProvider = GetPasswordResetProvider(user);`
	`514`	`var result = await passwordResetProvider`
	`515`	`.StartForgotPasswordProcess(user, isInNetwork)`
	`516`	`.ConfigureAwait(false);`
	`517`
	`518`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`519`	`return result;`
	`520`	`}`
	`521`
	`522`	`return new ForgotPasswordResult`
	`523`	`{`
	`524`	`Action = ForgotPasswordAction.InNetworkRequired,`
	`525`	`PinFile = string.Empty`
	`526`	`};`
	`527`	`}`
	`528`
	`529`	`/// <inheritdoc/>`
	`530`	`public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)`
	`531`	`{`
	`532`	`foreach (var provider in _passwordResetProviders)`
	`533`	`{`
	`534`	`var result = await provider.RedeemPasswordResetPin(pin).ConfigureAwait(false);`
	`535`
	`536`	`if (result.Success)`
	`537`	`{`
	`538`	`return result;`
	`539`	`}`
	`540`	`}`
	`541`
	`542`	`return new PinRedeemResult();`
	`543`	`}`
	`544`
	`545`	`/// <inheritdoc />`
	`546`	`public async Task InitializeAsync()`
	`547`	`{`
	`548`	`// TODO: Refactor the startup wizard so that it doesn't require a user to already exist.`
	`549`	`if (_users.Any())`
	`550`	`{`
	`551`	`return;`
	`552`	`}`
	`553`
	`554`	`var defaultName = Environment.UserName;`
	`555`	`if (string.IsNullOrWhiteSpace(defaultName) \|\| !ValidUsernameRegex().IsMatch(defaultName))`
	`556`	`{`
	`557`	`defaultName = "MyJellyfinUser";`
	`558`	`}`
	`559`
	`560`	`_logger.LogWarning("No users, creating one with username {UserName}", defaultName);`
	`561`
	`562`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`563`	`await using (dbContext.ConfigureAwait(false))`
	`564`	`{`
	`565`	`var newUser = await CreateUserInternalAsync(defaultName, dbContext).ConfigureAwait(false);`
	`566`	`newUser.SetPermission(PermissionKind.IsAdministrator, true);`
	`567`	`newUser.SetPermission(PermissionKind.EnableContentDeletion, true);`
	`568`	`newUser.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, true);`
	`569`
	`570`	`dbContext.Users.Add(newUser);`
	`571`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`572`	`_users.Add(newUser.Id, newUser);`
	`573`	`}`
	`574`	`}`
	`575`
	`576`	`/// <inheritdoc/>`
	`577`	`public NameIdPair[] GetAuthenticationProviders()`
	`578`	`{`
0	`579`	`return _authenticationProviders`
0	`580`	`.Where(provider => provider.IsEnabled)`
0	`581`	`.OrderBy(i => i is DefaultAuthenticationProvider ? 0 : 1)`
0	`582`	`.ThenBy(i => i.Name)`
0	`583`	`.Select(i => new NameIdPair`
0	`584`	`{`
0	`585`	`Name = i.Name,`
0	`586`	`Id = i.GetType().FullName`
0	`587`	`})`
0	`588`	`.ToArray();`
	`589`	`}`
	`590`
	`591`	`/// <inheritdoc/>`
	`592`	`public NameIdPair[] GetPasswordResetProviders()`
	`593`	`{`
0	`594`	`return _passwordResetProviders`
0	`595`	`.Where(provider => provider.IsEnabled)`
0	`596`	`.OrderBy(i => i is DefaultPasswordResetProvider ? 0 : 1)`
0	`597`	`.ThenBy(i => i.Name)`
0	`598`	`.Select(i => new NameIdPair`
0	`599`	`{`
0	`600`	`Name = i.Name,`
0	`601`	`Id = i.GetType().FullName`
0	`602`	`})`
0	`603`	`.ToArray();`
	`604`	`}`
	`605`
	`606`	`/// <inheritdoc/>`
	`607`	`public async Task UpdateConfigurationAsync(Guid userId, UserConfiguration config)`
	`608`	`{`
	`609`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`610`	`await using (dbContext.ConfigureAwait(false))`
	`611`	`{`
	`612`	`var user = dbContext.Users`
	`613`	`.Include(u => u.Permissions)`
	`614`	`.Include(u => u.Preferences)`
	`615`	`.Include(u => u.AccessSchedules)`
	`616`	`.Include(u => u.ProfileImage)`
	`617`	`.FirstOrDefault(u => u.Id.Equals(userId))`
	`618`	`?? throw new ArgumentException("No user exists with given Id!");`
	`619`
	`620`	`user.SubtitleMode = config.SubtitleMode;`
	`621`	`user.HidePlayedInLatest = config.HidePlayedInLatest;`
	`622`	`user.EnableLocalPassword = config.EnableLocalPassword;`
	`623`	`user.PlayDefaultAudioTrack = config.PlayDefaultAudioTrack;`
	`624`	`user.DisplayCollectionsView = config.DisplayCollectionsView;`
	`625`	`user.DisplayMissingEpisodes = config.DisplayMissingEpisodes;`
	`626`	`user.AudioLanguagePreference = config.AudioLanguagePreference;`
	`627`	`user.RememberAudioSelections = config.RememberAudioSelections;`
	`628`	`user.EnableNextEpisodeAutoPlay = config.EnableNextEpisodeAutoPlay;`
	`629`	`user.RememberSubtitleSelections = config.RememberSubtitleSelections;`
	`630`	`user.SubtitleLanguagePreference = config.SubtitleLanguagePreference;`
	`631`
	`632`	`// Only set cast receiver id if it is passed in and it exists in the server config.`
	`633`	`if (!string.IsNullOrEmpty(config.CastReceiverId)`
	`634`	`&& _serverConfigurationManager.Configuration.CastReceiverApplications.Any(c => string.Equals(c.Id, c`
	`635`	`{`
	`636`	`user.CastReceiverId = config.CastReceiverId;`
	`637`	`}`
	`638`
	`639`	`user.SetPreference(PreferenceKind.OrderedViews, config.OrderedViews);`
	`640`	`user.SetPreference(PreferenceKind.GroupedFolders, config.GroupedFolders);`
	`641`	`user.SetPreference(PreferenceKind.MyMediaExcludes, config.MyMediaExcludes);`
	`642`	`user.SetPreference(PreferenceKind.LatestItemExcludes, config.LatestItemsExcludes);`
	`643`
	`644`	`dbContext.Update(user);`
	`645`	`_users[user.Id] = user;`
	`646`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`647`	`}`
	`648`	`}`
	`649`
	`650`	`/// <inheritdoc/>`
	`651`	`public async Task UpdatePolicyAsync(Guid userId, UserPolicy policy)`
	`652`	`{`
	`653`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`654`	`await using (dbContext.ConfigureAwait(false))`
	`655`	`{`
	`656`	`var user = dbContext.Users`
	`657`	`.Include(u => u.Permissions)`
	`658`	`.Include(u => u.Preferences)`
	`659`	`.Include(u => u.AccessSchedules)`
	`660`	`.Include(u => u.ProfileImage)`
	`661`	`.FirstOrDefault(u => u.Id.Equals(userId))`
	`662`	`?? throw new ArgumentException("No user exists with given Id!");`
	`663`
	`664`	`// The default number of login attempts is 3, but for some god forsaken reason it's sent to the server a`
	`665`	`int? maxLoginAttempts = policy.LoginAttemptsBeforeLockout switch`
	`666`	`{`
	`667`	`-1 => null,`
	`668`	`0 => 3,`
	`669`	`_ => policy.LoginAttemptsBeforeLockout`
	`670`	`};`
	`671`
	`672`	`user.MaxParentalRatingScore = policy.MaxParentalRating;`
	`673`	`user.MaxParentalRatingSubScore = policy.MaxParentalSubRating;`
	`674`	`user.EnableUserPreferenceAccess = policy.EnableUserPreferenceAccess;`
	`675`	`user.RemoteClientBitrateLimit = policy.RemoteClientBitrateLimit;`
	`676`	`user.AuthenticationProviderId = policy.AuthenticationProviderId;`
	`677`	`user.PasswordResetProviderId = policy.PasswordResetProviderId;`
	`678`	`user.InvalidLoginAttemptCount = policy.InvalidLoginAttemptCount;`
	`679`	`user.LoginAttemptsBeforeLockout = maxLoginAttempts;`
	`680`	`user.MaxActiveSessions = policy.MaxActiveSessions;`
	`681`	`user.SyncPlayAccess = policy.SyncPlayAccess;`
	`682`	`user.SetPermission(PermissionKind.IsAdministrator, policy.IsAdministrator);`
	`683`	`user.SetPermission(PermissionKind.IsHidden, policy.IsHidden);`
	`684`	`user.SetPermission(PermissionKind.IsDisabled, policy.IsDisabled);`
	`685`	`user.SetPermission(PermissionKind.EnableSharedDeviceControl, policy.EnableSharedDeviceControl);`
	`686`	`user.SetPermission(PermissionKind.EnableRemoteAccess, policy.EnableRemoteAccess);`
	`687`	`user.SetPermission(PermissionKind.EnableLiveTvManagement, policy.EnableLiveTvManagement);`
	`688`	`user.SetPermission(PermissionKind.EnableLiveTvAccess, policy.EnableLiveTvAccess);`
	`689`	`user.SetPermission(PermissionKind.EnableMediaPlayback, policy.EnableMediaPlayback);`
	`690`	`user.SetPermission(PermissionKind.EnableAudioPlaybackTranscoding, policy.EnableAudioPlaybackTranscoding)`
	`691`	`user.SetPermission(PermissionKind.EnableVideoPlaybackTranscoding, policy.EnableVideoPlaybackTranscoding)`
	`692`	`user.SetPermission(PermissionKind.EnableContentDeletion, policy.EnableContentDeletion);`
	`693`	`user.SetPermission(PermissionKind.EnableContentDownloading, policy.EnableContentDownloading);`
	`694`	`user.SetPermission(PermissionKind.EnableSyncTranscoding, policy.EnableSyncTranscoding);`
	`695`	`user.SetPermission(PermissionKind.EnableMediaConversion, policy.EnableMediaConversion);`
	`696`	`user.SetPermission(PermissionKind.EnableAllChannels, policy.EnableAllChannels);`
	`697`	`user.SetPermission(PermissionKind.EnableAllDevices, policy.EnableAllDevices);`
	`698`	`user.SetPermission(PermissionKind.EnableAllFolders, policy.EnableAllFolders);`
	`699`	`user.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, policy.EnableRemoteControlOfOtherUser`
	`700`	`user.SetPermission(PermissionKind.EnablePlaybackRemuxing, policy.EnablePlaybackRemuxing);`
	`701`	`user.SetPermission(PermissionKind.EnableCollectionManagement, policy.EnableCollectionManagement);`
	`702`	`user.SetPermission(PermissionKind.EnableSubtitleManagement, policy.EnableSubtitleManagement);`
	`703`	`user.SetPermission(PermissionKind.EnableLyricManagement, policy.EnableLyricManagement);`
	`704`	`user.SetPermission(PermissionKind.ForceRemoteSourceTranscoding, policy.ForceRemoteSourceTranscoding);`
	`705`	`user.SetPermission(PermissionKind.EnablePublicSharing, policy.EnablePublicSharing);`
	`706`
	`707`	`user.AccessSchedules.Clear();`
	`708`	`foreach (var policyAccessSchedule in policy.AccessSchedules)`
	`709`	`{`
	`710`	`user.AccessSchedules.Add(policyAccessSchedule);`
	`711`	`}`
	`712`
	`713`	`// TODO: fix this at some point`
	`714`	`user.SetPreference(PreferenceKind.BlockUnratedItems, policy.BlockUnratedItems ?? Array.Empty<UnratedItem`
	`715`	`user.SetPreference(PreferenceKind.BlockedTags, policy.BlockedTags);`
	`716`	`user.SetPreference(PreferenceKind.AllowedTags, policy.AllowedTags);`
	`717`	`user.SetPreference(PreferenceKind.EnabledChannels, policy.EnabledChannels);`
	`718`	`user.SetPreference(PreferenceKind.EnabledDevices, policy.EnabledDevices);`
	`719`	`user.SetPreference(PreferenceKind.EnabledFolders, policy.EnabledFolders);`
	`720`	`user.SetPreference(PreferenceKind.EnableContentDeletionFromFolders, policy.EnableContentDeletionFromFold`
	`721`
	`722`	`dbContext.Update(user);`
	`723`	`_users[user.Id] = user;`
	`724`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`725`	`}`
	`726`	`}`
	`727`
	`728`	`/// <inheritdoc/>`
	`729`	`public async Task ClearProfileImageAsync(User user)`
	`730`	`{`
	`731`	`if (user.ProfileImage is null)`
	`732`	`{`
	`733`	`return;`
	`734`	`}`
	`735`
	`736`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
	`737`	`await using (dbContext.ConfigureAwait(false))`
	`738`	`{`
	`739`	`dbContext.Remove(user.ProfileImage);`
	`740`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`741`	`}`
	`742`
	`743`	`user.ProfileImage = null;`
	`744`	`_users[user.Id] = user;`
	`745`	`}`
	`746`
	`747`	`internal static void ThrowIfInvalidUsername(string name)`
	`748`	`{`
15	`749`	`if (!string.IsNullOrWhiteSpace(name) && ValidUsernameRegex().IsMatch(name))`
	`750`	`{`
7	`751`	`return;`
	`752`	`}`
	`753`
8	`754`	`throw new ArgumentException("Usernames can contain unicode symbols, numbers (0-9), dashes (-), underscores (`
	`755`	`}`
	`756`
	`757`	`private IAuthenticationProvider GetAuthenticationProvider(User user)`
	`758`	`{`
41	`759`	`return GetAuthenticationProviders(user)[0];`
	`760`	`}`
	`761`
	`762`	`private IPasswordResetProvider GetPasswordResetProvider(User user)`
	`763`	`{`
0	`764`	`return GetPasswordResetProviders(user)[0];`
	`765`	`}`
	`766`
	`767`	`private List<IAuthenticationProvider> GetAuthenticationProviders(User? user)`
	`768`	`{`
56	`769`	`var authenticationProviderId = user?.AuthenticationProviderId;`
	`770`
56	`771`	`var providers = _authenticationProviders.Where(i => i.IsEnabled).ToList();`
	`772`
56	`773`	`if (!string.IsNullOrEmpty(authenticationProviderId))`
	`774`	`{`
56	`775`	`providers = providers.Where(i => string.Equals(authenticationProviderId, i.GetType().FullName, StringCom`
	`776`	`}`
	`777`
56	`778`	`if (providers.Count == 0)`
	`779`	`{`
	`780`	`// Assign the user to the InvalidAuthProvider since no configured auth provider was valid/found`
0	`781`	`_logger.LogWarning(`
0	`782`	`"User {Username} was found with invalid/missing Authentication Provider {AuthenticationProviderId}.`
0	`783`	`user?.Username,`
0	`784`	`user?.AuthenticationProviderId);`
0	`785`	`providers = new List<IAuthenticationProvider>`
0	`786`	`{`
0	`787`	`_invalidAuthProvider`
0	`788`	`};`
	`789`	`}`
	`790`
56	`791`	`return providers;`
	`792`	`}`
	`793`
	`794`	`private IPasswordResetProvider[] GetPasswordResetProviders(User user)`
	`795`	`{`
0	`796`	`var passwordResetProviderId = user.PasswordResetProviderId;`
0	`797`	`var providers = _passwordResetProviders.Where(i => i.IsEnabled).ToArray();`
	`798`
0	`799`	`if (!string.IsNullOrEmpty(passwordResetProviderId))`
	`800`	`{`
0	`801`	`providers = providers.Where(i =>`
0	`802`	`string.Equals(passwordResetProviderId, i.GetType().FullName, StringComparison.OrdinalIgnoreCase)`
0	`803`	`.ToArray();`
	`804`	`}`
	`805`
0	`806`	`if (providers.Length == 0)`
	`807`	`{`
0	`808`	`providers = new IPasswordResetProvider[]`
0	`809`	`{`
0	`810`	`_defaultPasswordResetProvider`
0	`811`	`};`
	`812`	`}`
	`813`
0	`814`	`return providers;`
	`815`	`}`
	`816`
	`817`	`private async Task<(IAuthenticationProvider? AuthenticationProvider, string Username, bool Success)> Authenticat`
	`818`	`string username,`
	`819`	`string password,`
	`820`	`User? user)`
	`821`	`{`
	`822`	`bool success = false;`
	`823`	`IAuthenticationProvider? authenticationProvider = null;`
	`824`
	`825`	`foreach (var provider in GetAuthenticationProviders(user))`
	`826`	`{`
	`827`	`var providerAuthResult =`
	`828`	`await AuthenticateWithProvider(provider, username, password, user).ConfigureAwait(false);`
	`829`	`var updatedUsername = providerAuthResult.Username;`
	`830`	`success = providerAuthResult.Success;`
	`831`
	`832`	`if (success)`
	`833`	`{`
	`834`	`authenticationProvider = provider;`
	`835`	`username = updatedUsername;`
	`836`	`break;`
	`837`	`}`
	`838`	`}`
	`839`
	`840`	`return (authenticationProvider, username, success);`
	`841`	`}`
	`842`
	`843`	`private async Task<(string Username, bool Success)> AuthenticateWithProvider(`
	`844`	`IAuthenticationProvider provider,`
	`845`	`string username,`
	`846`	`string password,`
	`847`	`User? resolvedUser)`
	`848`	`{`
	`849`	`try`
	`850`	`{`
	`851`	`var authenticationResult = provider is IRequiresResolvedUser requiresResolvedUser`
	`852`	`? await requiresResolvedUser.Authenticate(username, password, resolvedUser).ConfigureAwait(false)`
	`853`	`: await provider.Authenticate(username, password).ConfigureAwait(false);`
	`854`
	`855`	`if (authenticationResult.Username != username)`
	`856`	`{`
	`857`	`_logger.LogDebug("Authentication provider provided updated username {1}", authenticationResult.Usern`
	`858`	`username = authenticationResult.Username;`
	`859`	`}`
	`860`
	`861`	`return (username, true);`
	`862`	`}`
	`863`	`catch (AuthenticationException ex)`
	`864`	`{`
	`865`	`_logger.LogDebug(ex, "Error authenticating with provider {Provider}", provider.Name);`
	`866`
	`867`	`return (username, false);`
	`868`	`}`
	`869`	`}`
	`870`
	`871`	`private async Task IncrementInvalidLoginAttemptCount(User user)`
	`872`	`{`
	`873`	`user.InvalidLoginAttemptCount++;`
	`874`	`int? maxInvalidLogins = user.LoginAttemptsBeforeLockout;`
	`875`	`if (maxInvalidLogins.HasValue && user.InvalidLoginAttemptCount >= maxInvalidLogins)`
	`876`	`{`
	`877`	`user.SetPermission(PermissionKind.IsDisabled, true);`
	`878`	`await _eventManager.PublishAsync(new UserLockedOutEventArgs(user)).ConfigureAwait(false);`
	`879`	`_logger.LogWarning(`
	`880`	`"Disabling user {Username} due to {Attempts} unsuccessful login attempts.",`
	`881`	`user.Username,`
	`882`	`user.InvalidLoginAttemptCount);`
	`883`	`}`
	`884`
	`885`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`886`	`}`
	`887`
	`888`	`private async Task UpdateUserInternalAsync(JellyfinDbContext dbContext, User user)`
	`889`	`{`
	`890`	`dbContext.Users.Update(user);`
	`891`	`_users[user.Id] = user;`
	`892`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`893`	`}`
	`894`	`}`
	`895`	`}`

< Summary - Jellyfin

Coverage history

Metrics

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Methods/Properties