/// <inheritdoc />
public AuthenticationResult Authenticate(IUnsafePacketReader credentialsReader, out IAccountSession session, out Account account)
{
// Default value for failure scenarios:
session = null;
// TODO: user name validation, throw IllegalPacketException if not valid
var userName = credentialsReader.ReadLengthString();
// Attempt to load the account.
account = _accountProvider.LoadByUserName(userName);
if (account == null)
{
// Fail with 'NotRegistered' if no account matches.
return(AuthenticationResult.NotRegistered);
}
// TODO: password validation, throw IllegalPacketException if not valid
var password = credentialsReader.ReadLengthString();
string hash = LoginCrypto.GetMd5HashString(password, true);
if (!string.Equals(hash, account.Password, StringComparison.Ordinal))
{
// Fail with 'IncorrectPassword' if password hash is bad.
return(AuthenticationResult.IncorrectPassword);
}
// TODO: read other stuff from packet
int sessionId;
if (!_accountService.TryRegisterSession(account.AccountId, out sessionId))
{
// Fail with 'AlreadyLoggedIn' if there is another session running on this account.
return(AuthenticationResult.AlreadyLoggedIn);
}
// Create the session.
session = new AccountSession(_accountService, sessionId, account);
return(AuthenticationResult.Success);
}
/// <inheritdoc />
public AuthenticationResult Authenticate(IUnsafePacketReader credentialsReader, out IAccountSession session, out Account account)
{
// Default value for failure scenarios:
session = null;
// TODO: user name validation, throw IllegalPacketException if not valid
var userName = credentialsReader.ReadLengthString();
// Attempt to load the account.
account = this.accountProvider.LoadByUserName(userName);
if (account == null)
{
// Fail with 'NotRegistered' if no account matches.
return AuthenticationResult.NotRegistered;
}
// TODO: password validation, throw IllegalPacketException if not valid
var password = credentialsReader.ReadLengthString();
string hash = LoginCrypto.GetMd5HashString(password, true);
if (!string.Equals(hash, account.Password, StringComparison.Ordinal))
{
// Fail with 'IncorrectPassword' if password hash is bad.
return AuthenticationResult.IncorrectPassword;
}
// TODO: read other stuff from packet
int sessionId;
if (!this.accountService.TryRegisterSession(account.AccountId, out sessionId))
{
// Fail with 'AlreadyLoggedIn' if there is another session running on this account.
return AuthenticationResult.AlreadyLoggedIn;
}
// Create the session.
session = new AccountSession(this.accountService, sessionId, account);
return AuthenticationResult.Success;
}