internal async Task <SessionInfoWithError> VerifyTokenAsync(string token, bool force = false)
{
WebCache_Session s = await _db.Sessions.FirstOrDefaultAsync(a => a.Token == token);
if (s == null)
{
return new SessionInfoWithError {
Error = StatusCode(403, "Invalid Token")
}
}
;
if (s.Expiration < DateTime.UtcNow)
{
//Lets reuse this call to kill em all, and do some database cleaning.
_db.RemoveRange(_db.Sessions.Where(a => a.Expiration < DateTime.UtcNow));
await _db.SaveChangesAsync();
return(new SessionInfoWithError {
Error = StatusCode(403, "Invalid Token")
});
}
if (s.Expiration.AddHours(-8) < DateTime.UtcNow || force) //Refresh Expiration if we have less than 8 hours left
{
s.Expiration = DateTime.UtcNow.AddHours(GetTokenExpirationInHours());
await _db.SaveChangesAsync();
}
WebCache_Ban b = GetBan(s.AniDBUserId);
if (b != null)
{
return new SessionInfoWithError {
Error = StatusCode(403, "Banned: " + b.Reason + " Expiration:" + b.ExpirationUTC.ToLongDateString())
}
}
;
SessionInfoWithError si = new SessionInfoWithError {
AniDBUserId = s.AniDBUserId, AniDBUserName = s.AniDBUserName, Expiration = s.Expiration, Token = s.Token
};
si.Role = GetRole(s.AniDBUserId);
si.Error = null;
return(si);
}
public async Task <IActionResult> Verify(WebCache_AniDBLoggedInfo data)
{
try
{
CookieContainer cookieContainer = new CookieContainer();
using (var handler = new HttpClientHandler {
CookieContainer = cookieContainer
})
using (var client = new HttpClient(handler))
{
string curi = GetAniDBUserVerificationUri();
string regex = GetAniDBUserVerificationRegEx();
client.DefaultRequestHeaders.TryAddWithoutValidation("User-Agent", User_Agent);
Uri uri = new Uri(curi);
Regex rn = new Regex(regex, RegexOptions.Singleline);
foreach (string k in data.Cookies.Keys)
{
cookieContainer.Add(new Cookie(k, data.Cookies[k], "/", uri.Host));
}
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, uri);
HttpResponseMessage response = await client.SendAsync(request, HttpCompletionOption.ResponseContentRead);
if (response.IsSuccessStatusCode)
{
string str = await response.Content.ReadAsStringAsync();
response.Dispose();
Match m = rn.Match(str);
if (m.Success)
{
if (m.Groups.Count > 1)
{
string val = m.Groups["username"]?.Value;
string id = m.Groups["id"]?.Value;
int aniid;
if (val != null && id != null && int.TryParse(id, out aniid))
{
if (string.Compare(val, data.UserName, StringComparison.InvariantCultureIgnoreCase) == 0)
{
uri = new Uri(GetAniDBLogoutUri());
try
{
request = new HttpRequestMessage(HttpMethod.Get, uri);
response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
response.Dispose();
}
catch (Exception)
{
//ignore
}
WebCache_User u = await _db.Users.FirstOrDefaultAsync(a => a.AniDBUserId == aniid);
if (u == null)
{
u = new WebCache_User();
u.AniDBUserId = aniid;
u.AniDBUserName = val;
_db.Add(u);
}
else if (u.AniDBUserName != val)
{
u.AniDBUserName = val;
}
WebCache_Session s = new WebCache_Session();
s.Token = Guid.NewGuid().ToString().Replace("-", string.Empty);
s.Expiration = DateTime.UtcNow.AddHours(GetTokenExpirationInHours());
s.AniDBUserName = val;
s.AniDBUserId = aniid;
_db.Add(s);
await _db.SaveChangesAsync();
SessionInfoWithError si = new SessionInfoWithError {
AniDBUserId = s.AniDBUserId, AniDBUserName = s.AniDBUserName, Expiration = s.Expiration, Token = s.Token
};
si.Role = GetRole(s.AniDBUserId);
si.Error = null;
return(new JsonResult(s));
}
}
}
}
}
}
return(StatusCode(403, "Invalid credentials"));
}
catch (Exception e)
{
_logger.LogError(e, $"VERIFY with UserName={data.UserName}");
return(StatusCode(500));
}
}
