Radarr/src/Radarr.Http/Authentication/AuthenticationService.cs

using Microsoft.AspNetCore.Http;
using NLog;
using NzbDrone.Core.Authentication;
using NzbDrone.Core.Configuration;
using Radarr.Http.Extensions;

namespace Radarr.Http.Authentication
{
    public interface IAuthenticationService
    {
        void LogUnauthorized(HttpRequest context);
        User Login(HttpRequest request, string username, string password);
        void Logout(HttpContext context);
    }

    public class AuthenticationService : IAuthenticationService
    {
        private static readonly Logger _authLogger = LogManager.GetLogger("Auth");
        private readonly IUserService _userService;

        private static AuthenticationType AUTH_METHOD;

        public AuthenticationService(IConfigFileProvider configFileProvider, IUserService userService)
        {
            _userService = userService;
            AUTH_METHOD = configFileProvider.AuthenticationMethod;
        }

        public User Login(HttpRequest request, string username, string password)
        {
            if (AUTH_METHOD == AuthenticationType.None)
            {
                return null;
            }

            var user = _userService.FindUser(username, password);

            if (user != null)
            {
                LogSuccess(request, username);

                return user;
            }

            LogFailure(request, username);

            return null;
        }

        public void Logout(HttpContext context)
        {
            if (AUTH_METHOD == AuthenticationType.None)
            {
                return;
            }

            if (context.User != null)
            {
                LogLogout(context.Request, context.User.Identity.Name);
            }
        }

        public void LogUnauthorized(HttpRequest context)
        {
            _authLogger.Info("Auth-Unauthorized ip {0} url '{1}'", context.GetRemoteIP(), context.Path);
        }

        private void LogInvalidated(HttpRequest context)
        {
            _authLogger.Info("Auth-Invalidated ip {0}", context.GetRemoteIP());
        }

        private void LogFailure(HttpRequest context, string username)
        {
            _authLogger.Warn("Auth-Failure ip {0} username '{1}'", context.GetRemoteIP(), username);
        }

        private void LogSuccess(HttpRequest context, string username)
        {
            _authLogger.Info("Auth-Success ip {0} username '{1}'", context.GetRemoteIP(), username);
        }

        private void LogLogout(HttpRequest context, string username)
        {
            _authLogger.Info("Auth-Logout ip {0} username '{1}'", context.GetRemoteIP(), username);
        }
    }
}
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`using Microsoft.AspNetCore.Http;`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`using NLog;`
New: Forms authentication 2015-01-26 02:03:21 +00:00			`using NzbDrone.Core.Authentication;`
Added Auth, startup options to UI Added caching to ConfigFileProvider, 2013-05-23 05:12:01 +00:00			`using NzbDrone.Core.Configuration;`
New: Backend changes for new UI 2018-11-23 07:03:32 +00:00			`using Radarr.Http.Extensions;`
Basic Authentication Added 2013-05-22 00:58:57 +00:00
New: Backend changes for new UI 2018-11-23 07:03:32 +00:00			`namespace Radarr.Http.Authentication`
Basic Authentication Added 2013-05-22 00:58:57 +00:00			`{`
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`public interface IAuthenticationService`
fixed authentication. at least locally. need to test remote. 2013-05-23 02:10:02 +00:00			`{`
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`void LogUnauthorized(HttpRequest context);`
			`User Login(HttpRequest request, string username, string password);`
			`void Logout(HttpContext context);`
fixed authentication. at least locally. need to test remote. 2013-05-23 02:10:02 +00:00			`}`

			`public class AuthenticationService : IAuthenticationService`
Basic Authentication Added 2013-05-22 00:58:57 +00:00			`{`
Reformat and apply Stylecop rules 2019-12-22 22:08:53 +00:00			`private static readonly Logger _authLogger = LogManager.GetLogger("Auth");`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`private readonly IUserService _userService;`

Reloading the page before restarting won't break the UI when changing authentication method 2015-02-02 19:54:49 +00:00			`private static AuthenticationType AUTH_METHOD;`
fixed authentication. at least locally. need to test remote. 2013-05-23 02:10:02 +00:00
Removed obsolete code. 2019-09-01 09:28:07 +00:00			`public AuthenticationService(IConfigFileProvider configFileProvider, IUserService userService)`
Basic Authentication Added 2013-05-22 00:58:57 +00:00			`{`
New: Forms authentication 2015-01-26 02:03:21 +00:00			`_userService = userService;`
Reloading the page before restarting won't break the UI when changing authentication method 2015-02-02 19:54:49 +00:00			`AUTH_METHOD = configFileProvider.AuthenticationMethod;`
Basic Authentication Added 2013-05-22 00:58:57 +00:00			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`public User Login(HttpRequest request, string username, string password)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
			`if (AUTH_METHOD == AuthenticationType.None)`
			`{`
			`return null;`
			`}`

			`var user = _userService.FindUser(username, password);`

			`if (user != null)`
			`{`
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`LogSuccess(request, username);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00
			`return user;`
			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`LogFailure(request, username);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00
			`return null;`
			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`public void Logout(HttpContext context)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
			`if (AUTH_METHOD == AuthenticationType.None)`
			`{`
			`return;`
			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`if (context.User != null)`
Reformat and apply Stylecop rules 2019-12-22 22:08:53 +00:00			`{`
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`LogLogout(context.Request, context.User.Identity.Name);`
Reformat and apply Stylecop rules 2019-12-22 22:08:53 +00:00			`}`
Allow Basic Auth on API 2013-09-23 22:31:50 +00:00			`}`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`public void LogUnauthorized(HttpRequest context)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`_authLogger.Info("Auth-Unauthorized ip {0} url '{1}'", context.GetRemoteIP(), context.Path);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`private void LogInvalidated(HttpRequest context)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
Added UserAgent to api request trace log 2020-05-05 18:14:07 +00:00			`_authLogger.Info("Auth-Invalidated ip {0}", context.GetRemoteIP());`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`private void LogFailure(HttpRequest context, string username)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
Added UserAgent to api request trace log 2020-05-05 18:14:07 +00:00			`_authLogger.Warn("Auth-Failure ip {0} username '{1}'", context.GetRemoteIP(), username);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`private void LogSuccess(HttpRequest context, string username)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
Added UserAgent to api request trace log 2020-05-05 18:14:07 +00:00			`_authLogger.Info("Auth-Success ip {0} username '{1}'", context.GetRemoteIP(), username);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`}`

New: Use ASP.NET Core instead of Nancy 2021-10-21 20:04:19 +00:00			`private void LogLogout(HttpRequest context, string username)`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`{`
Added UserAgent to api request trace log 2020-05-05 18:14:07 +00:00			`_authLogger.Info("Auth-Logout ip {0} username '{1}'", context.GetRemoteIP(), username);`
New: Added Auth-* log entries for fail2ban purposes 2019-08-27 21:29:16 +00:00			`}`
Basic Authentication Added 2013-05-22 00:58:57 +00:00			`}`
			`}`