Beispiel #1
0
        /// <summary> Function holding client Login validation and recording</summary>
        /// <param name="user"> Username to login as </param>
        /// <param name="pass"> password provided by client </param>
        /// <param name="remoteIP"> IP of client </param>
        /// <param name="version"> Version of Client</param>
        /// <returns> <see cref="LoginOutcome"/> containing result information </returns>
        private LoginOutcome Login(string user, string pass, string remoteIP, string version = null)
        {
            Credentials   creds    = null;
            LoginResult   result   = LoginResult.Failed_Unspecified;
            string        reason   = "none";
            UserLoginInfo userInfo = userDB.Get(user);

            if (version != versionCode)
            {
                Log.Debug($"{nameof(LoginService)}: Version mismatch {version}, expected {versionCode}");
                reason = VERSION_MISMATCH;
                result = LoginResult.Failed_VersionMismatch;
            }
            else if (!usernameValidator(user))
            {
                Log.Debug($"{nameof(LoginService)}: Bad username {user}");
                reason = "Invalid Username";
                result = LoginResult.Failed_BadUsername;
            }
            else if (userInfo == null)
            {
                Log.Debug($"{nameof(LoginService)}: User {user} not found, creating them now. ");

                userInfo = CreateNewUser(user, pass, remoteIP);

                if (userInfo != null)
                {
                    result = LoginResult.Success_Created;
                    string token = EncodeJWT(new JsonObject("user", user), "Reee", 60 * 60 * 24);
                    creds = new Credentials(user, token, userInfo.guid);
                }
                else
                {
                    result = LoginResult.Failed_CreationCooldown;
                    reason = "Too many account creations";
                }
            }
            else
            {
                // Check credentials against existing credentials.
                if (loginsByUserId.ContainsKey(userInfo.guid))
                {
                    reason = "Already logged in";
                    result = LoginResult.Failed_UserAlreadyLoggedIn;
                }
                else if (!Verify(userInfo.hash, pass))
                {
                    reason = "Bad credentials";
                    result = LoginResult.Failed_BadCredentials;
                }
                else                     // normal existing user login
                {
                    string token = EncodeJWT(new JsonObject("user", user), "Reee", 60 * 60 * 24);
                    creds  = new Credentials(user, token, userInfo.guid);
                    result = LoginResult.Success;
                }
            }

            LoginAttempt attempt = new LoginAttempt();


            attempt.result      = result;
            attempt.result_desc = result.ToString();
            attempt.timestamp   = DateTime.UtcNow;
            //string hash = Hash(pass);
            //attempt.hash = hash;
            attempt.userName = user;
            attempt.ip       = remoteIP;
            if (userInfo != null)
            {
                attempt.success  = true;
                attempt.creation = result == LoginResult.Success_Created;
            }
            else
            {
                attempt.success = attempt.creation = false;
            }

            loginAttemptDB.Save($"{attempt.timestamp.UnixTimestamp()}-{attempt.userName}", attempt);

            LoginOutcome outcome;

            outcome.creds    = creds;
            outcome.result   = result;
            outcome.reason   = reason;;
            outcome.userInfo = userInfo;

            return(outcome);
        }