diff --git a/data/interfaces/default/settings.html b/data/interfaces/default/settings.html
index b3f056f3..2e7620da 100644
--- a/data/interfaces/default/settings.html
+++ b/data/interfaces/default/settings.html
@@ -660,20 +660,10 @@
-

Password for web server authentication. Leave empty to disable.

-
- - -

Store a hashed password in the config file.
Warning: Your password cannot be recovered if forgotten!

-
-
-
diff --git a/plexpy/api2.py b/plexpy/api2.py
index c04ae83b..6d34aee9 100644
--- a/plexpy/api2.py
+++ b/plexpy/api2.py
@@ -647,13 +647,7 @@ General optional parameters:
 data = None
 apikey = hashlib.sha224(str(random.getrandbits(256)).encode('utf-8')).hexdigest()[0:32]
 if plexpy.CONFIG.HTTP_USERNAME and plexpy.CONFIG.HTTP_PASSWORD:
- authenticated = False
- if plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
- username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
- authenticated = True
- elif not plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
- username == plexpy.CONFIG.HTTP_USERNAME and password == plexpy.CONFIG.HTTP_PASSWORD:
- authenticated = True
+ authenticated = username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD)
 if authenticated:
 if plexpy.CONFIG.API_KEY:
diff --git a/plexpy/config.py b/plexpy/config.py
index f17a9829..d46f777a 100644
--- a/plexpy/config.py
+++ b/plexpy/config.py
@@ -24,6 +24,7 @@ import time
 import threading
 from configobj import ConfigObj, ParseError
+from hashing_passwords import make_hash
 import plexpy
 if plexpy.PYTHON2:
@@ -124,8 +125,8 @@ _CONFIG_DEFINITIONS = {
 'HTTPS_IP': (str, 'General', '127.0.0.1'),
 'HTTP_BASIC_AUTH': (int, 'General', 0),
 'HTTP_ENVIRONMENT': (str, 'General', 'production'),
- 'HTTP_HASH_PASSWORD': (int, 'General', 0),
- 'HTTP_HASHED_PASSWORD': (int, 'General', 0),
+ 'HTTP_HASH_PASSWORD': (int, 'General', 1),
+ 'HTTP_HASHED_PASSWORD': (int, 'General', 1),
 'HTTP_HOST': (str, 'General', '0.0.0.0'),
 'HTTP_PASSWORD': (str, 'General', ''),
 'HTTP_PORT': (int, 'General', 8181),
@@ -569,3 +570,13 @@ class Config(object):
 int(self.CHECK_GITHUB_INTERVAL // 60)
 + (self.CHECK_GITHUB_INTERVAL % 60 > 0)
 )
+
+ self.CONFIG_VERSION = 19
+
+ if self.CONFIG_VERSION == 19:
+ if not self.HTTP_HASHED_PASSWORD:
+ self.HTTP_PASSWORD = make_hash(self.HTTP_PASSWORD)
+ self.HTTP_HASH_PASSWORD = 1
+ self.HTTP_HASHED_PASSWORD = 1
+
+ self.CONFIG_VERSION = 20
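Review bot: In plexpy/api2.py, the `apikey` context line just above the rewritten credential check still derives the key from `random.getrandbits(256)`, and Python's `random` module is a Mersenne Twister generator that is not intended for secrets. The lines after `if authenticated:` are cut off, so how the value is used is inferred from its name, but a key that grants API access should come from the OS CSPRNG, for example `apikey = binascii.hexlify(os.urandom(16)).decode('ascii')`, which runs on both Python 2 and 3 and keeps the 32-character length. That needs `os` and `binascii` imported in api2.py, which this page does not show.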
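Review bot: In the plexpy/config.py migration for CONFIG_VERSION 19, `make_hash(self.HTTP_PASSWORD)` runs even when `HTTP_PASSWORD` is the empty string, which `_CONFIG_DEFINITIONS` uses as the default for "no password". If `make_hash('')` returns a non-empty salted hash (its code is not on this page), an install that had authentication disabled ends up with a truthy `HTTP_PASSWORD`, and checks such as `if plexpy.CONFIG.HTTP_USERNAME and plexpy.CONFIG.HTTP_PASSWORD:` in api2.py start requiring a login for which no password was ever set. Guard the branch with `if self.HTTP_PASSWORD and not self.HTTP_HASHED_PASSWORD:`. Separately, the preceding hunk flips the default of `HTTP_HASHED_PASSWORD` to 1, so a config file that holds a plaintext password but never stored that key would skip the hashing step; it is worth confirming that the key is always written. Indentation is lost on this page, so which of these assignments sit inside the `if not` branch cannot be checked from here.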
diff --git a/plexpy/webauth.py b/plexpy/webauth.py
index 052b8334..e081c0a7 100644
--- a/plexpy/webauth.py
+++ b/plexpy/webauth.py
@@ -132,12 +132,7 @@ def check_credentials(username=None, password=None, token=None, admin_login='0',
 if username and password:
 if plexpy.CONFIG.HTTP_PASSWORD:
 user_details = {'user_id': None, 'username': username}
-
- if plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
- username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
- return True, user_details, 'admin'
- elif not plexpy.CONFIG.HTTP_HASHED_PASSWORD and \
- username == plexpy.CONFIG.HTTP_USERNAME and password == plexpy.CONFIG.HTTP_PASSWORD:
+ if username == plexpy.CONFIG.HTTP_USERNAME and check_hash(password, plexpy.CONFIG.HTTP_PASSWORD):
 return True, user_details, 'admin'
 if plexpy.CONFIG.HTTP_PLEX_ADMIN or (not admin_login == '1' and plexpy.CONFIG.ALLOW_GUEST_ACCESS):
diff --git a/plexpy/webserve.py b/plexpy/webserve.py
index 7cbf00cd..6d17281e 100644
--- a/plexpy/webserve.py
+++ b/plexpy/webserve.py
@@ -3133,8 +3133,6 @@ class WebInterface(object):
 "allow_guest_access": checked(plexpy.CONFIG.ALLOW_GUEST_ACCESS),
 "history_table_activity": checked(plexpy.CONFIG.HISTORY_TABLE_ACTIVITY),
 "http_basic_auth": checked(plexpy.CONFIG.HTTP_BASIC_AUTH),
- "http_hash_password": checked(plexpy.CONFIG.HTTP_HASH_PASSWORD),
- "http_hashed_password": plexpy.CONFIG.HTTP_HASHED_PASSWORD,
 "http_host": plexpy.CONFIG.HTTP_HOST,
 "http_username": plexpy.CONFIG.HTTP_USERNAME,
 "http_port": plexpy.CONFIG.HTTP_PORT,
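Review bot: In plexpy/webauth.py `check_credentials`, the new condition `username == plexpy.CONFIG.HTTP_USERNAME and check_hash(...)` short-circuits, so `check_hash` only runs when the username is correct. If `check_hash` is a deliberately slow key-derivation check (its implementation is not on this page), the response time may reveal whether the admin username matched, independent of the password. Evaluating the hash first removes that difference: `password_ok = check_hash(password, plexpy.CONFIG.HTTP_PASSWORD)` followed by `if password_ok and username == plexpy.CONFIG.HTTP_USERNAME:`. The same expression is assigned to `authenticated` in the plexpy/api2.py hunk, and a shared helper would keep the two in step. The function body starts and ends outside this hunk.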
@@ -3271,7 +3269,7 @@ class WebInterface(object): "notify_group_recently_added_grandparent", "notify_group_recently_added_parent", "notify_new_device_initial_only", "notify_server_update_repeat", "notify_plexpy_update_repeat", - "monitor_pms_updates", "get_file_sizes", "log_blacklist", "http_hash_password", + "monitor_pms_updates", "get_file_sizes", "log_blacklist", "allow_guest_access", "cache_images", "http_proxy", "http_basic_auth", "notify_concurrent_by_ip", "history_table_activity", "plexpy_auto_update", "themoviedb_lookup", "tvmaze_lookup", "musicbrainz_lookup", "http_plex_admin", 
@@ -3285,29 +3283,12 @@ class WebInterface(object):
 kwargs[checked_config] = 1
 # If http password exists in config, do not overwrite when blank value received
- if kwargs.get('http_password'):
- if kwargs['http_password'] == ' ' and plexpy.CONFIG.HTTP_PASSWORD != '':
- if kwargs.get('http_hash_password') and not plexpy.CONFIG.HTTP_HASHED_PASSWORD:
- kwargs['http_password'] = make_hash(plexpy.CONFIG.HTTP_PASSWORD)
- kwargs['http_hashed_password'] = 1
- else:
- kwargs['http_password'] = plexpy.CONFIG.HTTP_PASSWORD
-
- elif kwargs['http_password'] and kwargs.get('http_hash_password'):
- kwargs['http_password'] = make_hash(kwargs['http_password'])
- kwargs['http_hashed_password'] = 1
-
- # Flag to refresh JWT uuid to log out clients
- kwargs['jwt_update_secret'] = True and not first_run
-
- elif not kwargs.get('http_hash_password'):
- kwargs['http_hashed_password'] = 0
-
- # Flag to refresh JWT uuid to log out clients
- kwargs['jwt_update_secret'] = True and not first_run
-
+ if kwargs.get('http_password') != ' ':
+ kwargs['http_password'] = make_hash(kwargs['http_password'])
+ # Flag to refresh JWT uuid to log out clients
+ kwargs['jwt_update_secret'] = True and not first_run
 else:
- kwargs['http_hashed_password'] = 0
+ kwargs['http_password'] = plexpy.CONFIG.HTTP_PASSWORD
 for plain_config, use_config in [(x[4:], x) for x in kwargs if x.startswith('use_')]:
 # the use prefix is fairly nice in the html, but does not match the actual config
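Review bot: In plexpy/webserve.py, `if kwargs.get('http_password') != ' ':` is also true when the field is missing (`None`) or empty (`''`), so `kwargs['http_password']` can raise `KeyError`, and an empty submission is passed to `make_hash`. The settings page says to leave the password empty to disable authentication; if `make_hash('')` returns a non-empty hash (not visible here), that path now stores a truthy `HTTP_PASSWORD` instead of clearing it. The version below keeps the placeholder branch, hashes only a non-empty value, and still refreshes the JWT secret when the password is changed or cleared. Whitespace is collapsed on this page, so take the placeholder literal from the file rather than from this excerpt. The enclosing method starts and ends outside the hunk.

```python
        # If http password exists in config, do not overwrite when blank value received
        if kwargs.get('http_password') == ' ':  # placeholder literal as it appears on this page
            kwargs['http_password'] = plexpy.CONFIG.HTTP_PASSWORD
        elif 'http_password' in kwargs:
            # Only hash a real password; an empty value must stay empty so auth is disabled
            if kwargs['http_password']:
                kwargs['http_password'] = make_hash(kwargs['http_password'])
            # Flag to refresh JWT uuid to log out clients
            kwargs['jwt_update_secret'] = True and not first_run
        # … unchanged: use_ prefix loop …
```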