Added the denied user check to the UserLoginModule. added a test case to cover it.

2025-08-14 02:26:55 -07:00 · 2016-03-09 12:28:54 +00:00 · 2016-03-09 12:28:54 +00:00 · 2ee94f78b4
commit 2ee94f78b4
parent 3eaf1971ec
6 changed files with 59 additions and 23 deletions
--- a/PlexRequests.UI/Modules/UserLoginModule.cs
+++ b/PlexRequests.UI/Modules/UserLoginModule.cs
@ -63,6 +63,12 @@ namespace PlexRequests.UI.Modules

            var settings = AuthService.GetSettings();
            var username = Request.Form.username.Value;
+
+            if (IsUserInDeniedList(username, settings))
+            {
+                return Response.AsJson(new JsonResponseModel { Result = false, Message = "Incorrect User or Password" });
+            }
+
            var password = string.Empty;
            if (settings.UsePassword)
            {
@ -87,9 +93,11 @@ namespace PlexRequests.UI.Modules
                authenticated = true;
            }

-
-            // Add to the session (Used in the BaseModules)
-            Session[SessionKeys.UsernameKey] = (string)username;
+            if (authenticated)
+            {
+                // Add to the session (Used in the BaseModules)
+                Session[SessionKeys.UsernameKey] = (string)username;
+            }

            return Response.AsJson(authenticated 
                ? new JsonResponseModel { Result = true } 
@ -101,5 +109,10 @@ namespace PlexRequests.UI.Modules
            var users = Api.GetUsers(authToken);
            return users.User.Any(x => x.Username == username);
        }
+
+        private bool IsUserInDeniedList(string username, AuthenticationSettings settings)
+        {
+            return settings.DeniedUserList.Any(x => x.Equals(username));
+        }
    }
 }
--- a/PlexRequests.UI/Views/Admin/Authentication.cshtml
+++ b/PlexRequests.UI/Views/Admin/Authentication.cshtml
@ -137,7 +137,7 @@
                            $('#users').append("<option>" + this + "</option>");
                        });
                    } else {
-                        $('#users').append("<option>No Users!</option>");
+                        $('#users').append("<option>No Users, Please refresh!</option>");
                    }
                },
                error: function (e) {
--- a/PlexRequests.UI/Views/Admin/CouchPotato.cshtml
+++ b/PlexRequests.UI/Views/Admin/CouchPotato.cshtml
@ -15,22 +15,6 @@
        <fieldset>
            <legend>CouchPotato Settings</legend>

-            <div class="form-group">
-                <label for="Enabled" class="col-lg-2 control-label">Enable CouchPotato</label>
-                <div class="col-lg-10 checkbox">
-                    <label>
-                        @if (Model.Enabled)
-                        {
-                            <input type="checkbox" id="Enabled" name="Enabled" checked="checked">
-                        }
-                        else
-                        {
-                            <input type="checkbox" id="Enabled" name="Enabled">
-                        }
-                    </label>
-                </div>
-            </div>
-
            <div class="form-group">
                <label for="Ip" class="col-lg-2 control-label">CouchPotato Hostname or IP</label>
                <div class="col-lg-10">