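/// <summary>
/// Forwards the submitted credentials to the auth API as JSON and, when a token
/// comes back, stores it in the session under the key <c>token</c>.
/// </summary>
/// <param name="auth">Credentials bound from the request; serialized and posted to <c>api/Auth</c>.</param>
/// <returns>
/// A redirect to <c>Access</c> when a non-empty token was issued; otherwise a redirect back to <c>Index</c>.
/// </returns>
public IActionResult Index(AuthorizationTable auth)
        {
            HttpClient authClient = cs.AuthClient();
            string     payload    = JsonConvert.SerializeObject(auth);

            // The Accept header is set on this request only. Adding it to
            // DefaultRequestHeaders would mutate the client itself, which piles up
            // duplicate headers (and is not thread-safe) if cs.AuthClient() hands
            // out a shared instance.
            using (var request = new HttpRequestMessage(HttpMethod.Post, "api/Auth"))
            {
                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                request.Content = new StringContent(payload, System.Text.Encoding.UTF8, "application/json");

                // NOTE(review): .Result blocks the request thread; kept because the
                // action signature is synchronous. Prefer an async action when callers allow.
                using (HttpResponseMessage response = authClient.SendAsync(request).Result)
                {
                    // Never derive a session token from a failed auth call: an error
                    // body is not a token document and may not even be JSON.
                    if (!response.IsSuccessStatusCode)
                    {
                        return(RedirectToAction("Index"));
                    }

                    string   body = response.Content.ReadAsStringAsync().Result;
                    webtoken jwt  = JsonConvert.DeserializeObject<webtoken>(body);

                    // DeserializeObject returns null for an empty or literal "null" body,
                    // so guard the object as well as the token before touching the session.
                    if (jwt == null || string.IsNullOrEmpty(jwt.Token))
                    {
                        return(RedirectToAction("Index"));
                    }

                    HttpContext.Session.SetString("token", jwt.Token);
                    return(RedirectToAction("Access"));
                }
            }
        }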
Ejemplo n.º 2
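        /// <summary>
        /// Verifies a user's web token, throttling by source IP and by user name.
        /// </summary>
        /// <remarks>
        /// A failed attempt writes a stamp to <c>attemptIp</c> and <c>attemptUser</c>; while either
        /// stamp is younger than five minutes further attempts are rejected without checking the token.
        /// The supplied token is deliberately kept out of every log line: it is a credential, and a
        /// log of near-miss or valid tokens is as sensitive as the token store itself.
        /// NOTE(review): the three failure messages differ (no token / token mismatch / no cstr), so a
        /// caller can tell an unknown user from a wrong token. Consider a single generic message.
        /// NOTE(review): the per-user stamp is written on any failure for that name, so whoever knows a
        /// user name can keep that account throttled. Confirm this trade-off is intended.
        /// NOTE(review): the IP throttle is only as trustworthy as the source of <paramref name="ip"/>;
        /// confirm the caller does not take it from a client-controlled header.
        /// </remarks>
        /// <param name="usr">User name the token is claimed for.</param>
        /// <param name="tok">Token presented by the caller.</param>
        /// <param name="ip">Caller address used for per-IP throttling.</param>
        /// <returns>
        /// On success, the result of <c>rehpis.Encrypt(sac.sac, usr)</c>; otherwise a message starting with <c>"error - "</c>.
        /// </returns>
        public string Cred(string usr, string tok, string ip)
        {
            // Log prefix: user and IP only, with line breaks neutralised.
            string who = CredLogSafe(usr) + " " + CredLogSafe(ip);

            // Was there a bad attempt from this IP in the last 5 minutes? If so, reject.
            stamp ipStamp = ps.GetI<stamp>("attemptIp", "IP", ip).Result;
            if (ipStamp != null)
            {
                // Read the age once so the check and the message agree.
                var ipAge = ipStamp.retMinutes();
                if (ipAge < 5.0)
                {
                    el(who + " Cred error - too many requests from IP.");
                    return("error - too many requests from IP. Please wait " + Math.Round(5.0 - ipAge, 2) + " minutes");
                }
            }

            // Same check for this user name.
            stamp userStamp = ps.GetI<stamp>("attemptUser", "USER", usr).Result;
            if (userStamp != null)
            {
                var userAge = userStamp.retMinutes();
                if (userAge < 5.0)
                {
                    el(who + " Cred error - too many requests for user.");
                    return("error - too many requests for user. Please wait " + Math.Round(5.0 - userAge, 2) + " minutes");
                }
            }

            // Not throttled: check this attempt. Every failure below is recorded
            // as a new bad attempt before the error is returned.
            webtoken token = ps.GetI<webtoken>("webtoks", usr, usr).Result;
            if (token == null)
            {
                string storeError = CredRecordFailure(usr, ip, who, "no token");
                if (storeError != null)
                {
                    return(storeError);
                }

                el(who + " Cred error - no token");
                return("error - no token found.  Please ensure you are using the correct username, or log into the Rosenlink website and generate your first token by navigating to Options -> Web Token");
            }

            if (!CredTokensMatch(token.tok, tok))
            {
                string storeError = CredRecordFailure(usr, ip, who, "token mismatch");
                if (storeError != null)
                {
                    return(storeError);
                }

                el(who + " Cred error - token mismatch");
                return("error - token mismatch. Please ensure you are using the correct username, or log into the Rosenlink website and copy paste the value found by navigating to Options -> Web Token");
            }

            sacstr sac = ps.GetI<sacstr>("sacinfo", "sacstr", usr).Result;
            if (sac == null)
            {
                // The token matched but there is nothing to return; still counted as a failed attempt.
                string storeError = CredRecordFailure(usr, ip, who, "no sacstr");
                if (storeError != null)
                {
                    return(storeError);
                }

                el(who + " Cred error - no sacstr");
                return("error - no cstr found.  Please ensure you are using the correct username, or log into the Rosenlink website and generate your first token by navigating to Options -> Web Token");
            }

            g(who + " credentials verified.");
            return(rehpis.Encrypt(sac.sac, usr));
        }

        // Writes the per-user and per-IP failure stamps. Both writes are always attempted, so a
        // failed user-stamp write cannot leave the IP unthrottled. Returns the caller-facing
        // error when a write fails, or null when both stamps were stored.
        private string CredRecordFailure(string usr, string ip, string who, string reason)
        {
            bool userStored = ps.UpsertI<stamp>("attemptUser", new stamp("USER", usr)).Result;
            bool ipStored   = ps.UpsertI<stamp>("attemptIp", new stamp("IP", ip)).Result;

            if (!userStored)
            {
                el(who + " Cred error - " + reason + " and error upsert attemptUser");
                return("error - stamp upsert attemptUser");
            }

            if (!ipStored)
            {
                el(who + " Cred error - " + reason + " and error upsert attemptIp");
                return("error - stamp upsert attemptIp");
            }

            return(null);
        }

        // Compares the stored and presented tokens without stopping at the first differing
        // character, so response time does not reveal how much of a guess was right. A null or
        // empty token on either side never matches: a blank stored token must not authenticate
        // a blank submission. Where the target framework provides it,
        // CryptographicOperations.FixedTimeEquals is the library equivalent.
        [System.Runtime.CompilerServices.MethodImpl(
            System.Runtime.CompilerServices.MethodImplOptions.NoInlining |
            System.Runtime.CompilerServices.MethodImplOptions.NoOptimization)]
        private static bool CredTokensMatch(string expected, string supplied)
        {
            if (string.IsNullOrEmpty(expected) || string.IsNullOrEmpty(supplied))
            {
                return(false);
            }

            // A length difference is folded into the result instead of returning early.
            int diff   = expected.Length ^ supplied.Length;
            int shared = Math.Min(expected.Length, supplied.Length);

            for (int i = 0; i < shared; i++)
            {
                diff |= expected[i] ^ supplied[i];
            }

            return(diff == 0);
        }

        // Keeps caller-supplied text on a single log line so it cannot forge extra entries.
        private static string CredLogSafe(string value)
        {
            return((value ?? "").Replace("\r", "_").Replace("\n", "_"));
        }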