public IActionResult Index(AuthorizationTable auth) { HttpClient client12 = cs.AuthClient(); var contentType = new MediaTypeWithQualityHeaderValue ("application/json"); client12.DefaultRequestHeaders.Accept.Add(contentType); string Data = JsonConvert.SerializeObject(auth); var contentData = new StringContent(Data, System.Text.Encoding.UTF8, "application/json"); HttpResponseMessage response = client12.PostAsync("api/Auth", contentData).Result; string jwtdata = response.Content.ReadAsStringAsync().Result; webtoken jwt = JsonConvert.DeserializeObject <webtoken>(jwtdata); if (jwt.Token == null) { return(RedirectToAction("Index")); } HttpContext.Session.SetString("token", jwt.Token); return(RedirectToAction("Access")); }
public string Cred(string usr, string tok, string ip) { // was there a bad attempt in last 5 minutes? // if so, reject stamp stmp = ps.GetI <stamp>("attemptIp", "IP", ip).Result; if (stmp != null) { if (stmp.retMinutes() < 5.0) { el(usr + " " + tok + " " + ip + " Cred error - too many requests from IP."); return("error - too many requests from IP. Please wait " + Math.Round(5.0 - stmp.retMinutes(), 2) + " minutes"); } } stamp stmpr2 = ps.GetI <stamp>("attemptUser", "USER", usr).Result; if (stmpr2 != null) { if (stmpr2.retMinutes() < 5.0) { el(usr + " " + tok + " " + ip + " Cred error - too many requests for user."); return("error - too many requests for user. Please wait " + Math.Round(5.0 - stmpr2.retMinutes(), 2) + " minutes"); } } // if not, check this attempt // if good continue // if bad, reject and mark new bad attempt webtoken token = ps.GetI <webtoken>("webtoks", usr, usr).Result; if (token == null) { stmpr2 = new stamp("USER", usr); if (!ps.UpsertI <stamp>("attemptUser", stmpr2).Result) { el(usr + " " + tok + " " + ip + " Cred error - no token and error upsert attemptUser"); return("error - stamp upsert attemptUser"); } var stmpr = new stamp("IP", ip); if (!ps.UpsertI <stamp>("attemptIp", stmpr).Result) { el(usr + " " + tok + " " + ip + " Cred error - no token and error upsert attemptIp"); return("error - stamp upsert attemptIp"); } el(usr + " " + tok + " " + ip + " Cred error - no token"); return("error - no token found. Please ensure you are using the correct username, or log into the Rosenlink website and generate your first token by navigating to Options -> Web Token"); } if (token.tok != tok) { stmpr2 = new stamp("USER", usr); if (!ps.UpsertI <stamp>("attemptUser", stmpr2).Result) { el(usr + " " + tok + " " + ip + " Cred error - token mismatch and error upsert attemptUser"); return("error - stamp upsert attemptUser"); } var stmpr = new stamp("IP", ip); if (!ps.UpsertI <stamp>("attemptIp", stmpr).Result) { el(usr + " " + tok + " " + ip + " Cred error - token mismatch and error upsert attemptIp"); return("error - stamp upsert attemptIp"); } el(usr + " " + tok + " " + ip + " Cred error - token mismatch"); return("error - token mismatch. Please ensure you are using the correct username, or log into the Rosenlink website and copy paste the value found by navigating to Options -> Web Token"); } sacstr sac = ps.GetI <sacstr>("sacinfo", "sacstr", usr).Result; if (sac == null) { stmpr2 = new stamp("USER", usr); if (!ps.UpsertI <stamp>("attemptUser", stmpr2).Result) { el(usr + " " + tok + " " + ip + " Cred error - no sacstr and error upsert attemptUser"); return("error - stamp upsert attemptUser"); } var stmpr = new stamp("IP", ip); if (!ps.UpsertI <stamp>("attemptIp", stmpr).Result) { el(usr + " " + tok + " " + ip + " Cred error - no sacstr and error upsert attemptIp"); return("error - stamp upsert attemptIp"); } el(usr + " " + tok + " " + ip + " Cred error - no sacstr"); return("error - no cstr found. Please ensure you are using the correct username, or log into the Rosenlink website and generate your first token by navigating to Options -> Web Token"); } g(usr + " " + tok + " " + ip + " credentials verified."); return(rehpis.Encrypt(sac.sac, usr)); }