chore: deprecate EasyPassword as it isn't very secure

2026-05-31 12:58:28 +01:00 · 2023-05-26 19:40:40 +02:00
parent 4a9bcbd626
commit 716bcc6410
8 changed files with 18 additions and 108 deletions
--- a/Jellyfin.Server.Implementations/Users/UserManager.cs
+++ b/Jellyfin.Server.Implementations/Users/UserManager.cs
@@ -268,12 +268,6 @@ namespace Jellyfin.Server.Implementations.Users
            return ChangePassword(user, string.Empty);
        }

-        /// <inheritdoc/>
-        public Task ResetEasyPassword(User user)
-        {
-            return ChangeEasyPassword(user, string.Empty, null);
-        }
-
        /// <inheritdoc/>
        public async Task ChangePassword(User user, string newPassword)
        {
@@ -285,25 +279,6 @@ namespace Jellyfin.Server.Implementations.Users
            await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);
        }

-        /// <inheritdoc/>
-        public async Task ChangeEasyPassword(User user, string newPassword, string? newPasswordSha1)
-        {
-            if (newPassword is not null)
-            {
-                newPasswordSha1 = _cryptoProvider.CreatePasswordHash(newPassword).ToString();
-            }
-
-            if (string.IsNullOrWhiteSpace(newPasswordSha1))
-            {
-                throw new ArgumentNullException(nameof(newPasswordSha1));
-            }
-
-            user.EasyPassword = newPasswordSha1;
-            await UpdateUserAsync(user).ConfigureAwait(false);
-
-            await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(user)).ConfigureAwait(false);
-        }
-
        /// <inheritdoc/>
        public UserDto GetUserDto(User user, string? remoteEndPoint = null)
        {
@@ -315,7 +290,6 @@ namespace Jellyfin.Server.Implementations.Users
                ServerId = _appHost.SystemId,
                HasPassword = hasPassword,
                HasConfiguredPassword = hasPassword,
-                HasConfiguredEasyPassword = !string.IsNullOrEmpty(user.EasyPassword),
                EnableAutoLogin = user.EnableAutoLogin,
                LastLoginDate = user.LastLoginDate,
                LastActivityDate = user.LastActivityDate,
@@ -832,16 +806,6 @@ namespace Jellyfin.Server.Implementations.Users
                }
            }

-            if (!success
-                && _networkManager.IsInLocalNetwork(remoteEndPoint)
-                && user?.EnableLocalPassword == true
-                && !string.IsNullOrEmpty(user.EasyPassword))
-            {
-                // Check easy password
-                var passwordHash = PasswordHash.Parse(user.EasyPassword);
-                success = _cryptoProvider.Verify(passwordHash, password);
-            }
-
            return (authenticationProvider, username, success);
        }