public bool TryAuthenticate(AuthHeaders headers, out string error)
{
error = null;
if (string.IsNullOrEmpty(headers?.User))
{
error = $"The X-TZKT-USER header is required";
return(false);
}
if (string.IsNullOrEmpty(headers.Password))
{
error = $"The X-TZKT-PASSWORD header is required";
return(false);
}
if (!Config.Credentials.TryGetValue(headers.User, out var password))
{
error = $"User {headers.User} doesn't exist";
return(false);
}
if (headers.Password != password)
{
error = $"Invalid password";
return(false);
}
return(true);
}
public bool TryAuthenticate(AuthHeaders headers, out string error)
{
error = null;
if (string.IsNullOrEmpty(headers?.User))
{
error = $"The X-TZKT-USER header is required";
return(false);
}
if (headers.Nonce == null)
{
error = $"The X-TZKT-NONCE header is required";
return(false);
}
if (string.IsNullOrEmpty(headers.Signature))
{
error = $"The X-TZKT-SIGNATURE header is required";
return(false);
}
if (!Config.Credentials.TryGetValue(headers.User, out var pubKey))
{
error = $"User {headers.User} doesn't exist";
return(false);
}
var nonce = (long)headers.Nonce;
var nonceTime = DateTime.UnixEpoch.AddMilliseconds(nonce);
if (nonceTime < DateTime.UtcNow.AddSeconds(-Config.NonceLifetime))
{
error = $"Nonce too old. Server time: {DateTime.UtcNow}, nonce: {nonceTime}";
return(false);
}
if (nonce <= Nonces[headers.User])
{
error = $"Nonce {nonce} has already used";
return(false);
}
var key = PubKey.FromBase58(pubKey);
if (!key.Verify($"{headers.Nonce}", headers.Signature))
{
error = $"Invalid signature";
return(false);
}
Nonces[headers.User] = nonce;
return(true);
}
public bool TryAuthenticate(AuthHeaders headers, string json, out string error)
{
return(TryAuthenticate(headers, out error));
}