public async Task SeedAsync(IUnitOfWork uow)
{
#if DEBUG
var account = await uow.Accounts.FirstAsync();
var login = new Login();
login.AccountId = account.Id;
login.Username = "******";
login.Salt = _secureHashProvider.Random(64);
login.Hash = _secureHashProvider.Hash("test" + login.Salt);
login.Email = "*****@*****.**";
uow.Logins.Add(login);
#endif
}
private async Task <AuthenticationResult> Authenticate(INetworkMessage message, AuthenticationNetworkContext context)
{
await _authenticationSynchronizationContextService.Acquire();
try
{
AuthenticationResult result = AuthenticationResult.Unknown;
if (message is AuthenticationRequest request)
{
_logger.LogInformation($"User login attempt: {request.Username} with password: {request.Password} with client version: {request.ClientLongVersion}");
try
{
await using (var uow = _unitOfWorkFactory.Create())
{
if (request.ClientLongVersion != ClientLongVersion)
{
result = AuthenticationResult.InvalidClientVersion;
}
else
{
var login = await uow.Logins.Where(p => p.Username == request.Username).FirstOrDefaultAsync();
if (login == null)
{
result = AuthenticationResult.InvalidUsername;
}
else
{
if (login.DisabledUntil != null && login.DisabledUntil > DateTime.Now)
{
result = AuthenticationResult.CellphoneLocked;
}
else
{
var hash = _secureHashProvider.Hash(request.Password + login.Salt);
if (hash != login.Hash)
{
result = AuthenticationResult.InvalidPassword;
}
else
{
var account = await uow.Accounts.Where(p => p.Id == login.AccountId).FirstOrDefaultAsync();
if (account.Online)
{
result = AuthenticationResult.AlreadyLoggedIn;
}
else
{
if (!account.Enabled)
{
result = AuthenticationResult.BlockedAccount;
}
else
{
account.Online = true;
account.Key1 = _secureHashProvider.RandomInt();
account.Key2 = _secureHashProvider.RandomInt();
result = AuthenticationResult.Success;
context.Account = account;
}
}
}
}
uow.LoginAttempts.Add(new LoginAttempt(context.Options.RemoteIPAddress, login.Id, result == AuthenticationResult.Success));
await uow.CommitAsync();
}
}
}
}
catch (Exception ex)
{
result = AuthenticationResult.Unknown;
_logger.LogError(ex, "Process");
}
}
return(result);
}
finally
{
_authenticationSynchronizationContextService.Release();
}
}