private void SaveApiKeys()
{
var session = ApplicationModel.Current.Server.Value.DocumentStore.OpenAsyncSession();
var apiKeysToDelete = OriginalApiKeys
.Where(apiKeyDefinition => ApiKeys.Contains(apiKeyDefinition) == false)
.ToList();
foreach (var apiKeyDefinition in apiKeysToDelete)
{
DatabaseCommands.ForDefaultDatabase().DeleteDocumentAsync(apiKeyDefinition.Id);
}
foreach (var apiKeyDefinition in ApiKeys)
{
apiKeyDefinition.Id = "Raven/ApiKeys/" + apiKeyDefinition.Name;
//apiKeyDefinition.Secret = Convert.ToBase64String(Encoding.UTF8.GetBytes(apiKeyDefinition.Secret));
session.Store(apiKeyDefinition);
}
session.SaveChangesAsync();
ApiKeys = new ObservableCollection <ApiKeyDefinition>(ApiKeys);
OnPropertyChanged(() => ApiKeys);
ApplicationModel.Current.AddInfoNotification("Api Keys Saved");
}
/// <summary>
/// This will check to see whether or not a key is valid.
/// </summary>
/// <param name="key">The key to check.</param>
/// <returns>True if the key is valid.</returns>
public bool CheckKey(string key)
{
lock (ApiKeys) if (ApiKeys.Contains(key))
{
return(true);
}
return(false);
}
/// <summary>
/// Will remove a key from the system. It will NOT be automatically removed from the config file. You must do that manually.
/// </summary>
/// <param name="key"></param>
public void RemoveKey(string key)
{
lock (ApiKeys)
{
if (ApiKeys.Contains(key))
{
ApiKeys.Remove(key);
}
}
}
/// <summary>
/// This will add a key to the system but WILL not update the config file. You must call the Save method manually.
/// </summary>
/// <param name="key">The key to add. If it is already present, this method will return.</param>
public void AddKey(string key)
{
lock (ApiKeys)
{
if (!ApiKeys.Contains(key))
{
ApiKeys.Add(key);
}
}
}
/// <summary>
/// A client has connected to the websocket server.
/// </summary>
/// <param name="conn">The client to process.</param>
private void OnOpen(IWebSocketConnection conn)
{
if (QEDector.IsAttacking(IPAddress.Parse((ReadOnlySpan <char>)conn.ConnectionInfo.ClientIpAddress)))
{
lock (AttackerAddresses)
{
if (!AttackerAddresses.Contains(conn.ConnectionInfo.ClientIpAddress))
{
Push(
$"Under denial of service attack from: {conn.ConnectionInfo.ClientIpAddress}! The address has been booted from accessing the Web API server, for 5 minutes. Please take action!",
"-HIGHEST PRIORITY/CRITICAL-", Structures.MessageFlag.ConsoleLogMessage);
AttackerAddresses.Add(conn.ConnectionInfo.ClientIpAddress);
}
}
return;
}
conn.OnMessage = message =>
{
//we will handle AUTH and commands here.
try
{
BlackTeaConnection connection;
if (!ContainsWith(conn))
{
var cryptoResult = QEData.TryDecrypt(message);
if (cryptoResult != null)
{
connection = new BlackTeaConnection(conn, cryptoResult.Password);
}
else
{
var reject = new Structures.BaseMessage
{
Name = "reject",
Date = GetTime(),
Type = Structures.MessageFlag.LoginApiRejected
};
conn.Send(JsonSerializer.Serialize(reject));
Master.LogManager.LogDashboard(IPAddress.Parse(conn.ConnectionInfo.ClientIpAddress), "[CRITICAL WARN] Failed log-in attempt.");
conn.Close();
//we log the issue.
Logger.LogWarning($"Failed log-in attempt : {conn.ConnectionInfo.ClientIpAddress}.");
return;
}
}
else
{
connection = GetWith(conn);
}
var json = QEData.Decrypt(message, connection.Key);
if (json == null)
{
return;
}
var msg = JsonSerializer.Deserialize <Structures.BaseMessage>(json);
if (msg != null)
{
if (msg.Type.Equals(Structures.MessageFlag.LoginApiRequest))
{
//the client has entered an invalid key.
lock (ApiKeys) if (!ApiKeys.Contains(msg.Text))
{
msg.Name = "reject";
msg.Date = GetTime();
msg.Type = Structures.MessageFlag.LoginApiRejected;
conn.Send(JsonSerializer.Serialize(msg));
Master.LogManager.LogDashboard(IPAddress.Parse(conn.ConnectionInfo.ClientIpAddress), "[CRITICAL WARN] Failed log-in attempt.");
conn.Close();
//we log the issue.
Logger.LogWarning($"Failed log-in attempt : {conn.ConnectionInfo.ClientIpAddress} - key : {msg.Text}");
return;
}
lock (Clients)
{
Clients.Add(connection);
Logger.LogWarning($"ImpostorHQ : New web admin client : {conn.ConnectionInfo.ClientIpAddress}");
msg.Text = "You have successfully connected to ImpostorHQ!";
msg.Type = Structures.MessageFlag.LoginApiAccepted;
msg.Name = "welcome";
msg.Date = GetTime();
conn.Send(JsonSerializer.Serialize(msg));
conn.OnClose += () =>
{
//we handle the client disconnecting.
RemoveWith(conn);
};
}
}
else if (msg.Type.Equals(Structures.MessageFlag.ConsoleCommand))
{
if (!ContainsWith(conn))
{
//we are being attacked.
//the client is sending commands without being logged in.
conn.Close();
RemoveWith(conn);
Logger.LogWarning($"Break-in attempt from : {conn.ConnectionInfo.ClientIpAddress}");
return;
}
MessageReceived(msg, conn);
}
else
{
//invalid API call.
//probably not a client.
conn.Close();
}
}
}
catch (Exception ex)
{
//not JSON.
Console.WriteLine($"Fatal error occured : {ex}");
return;
}
};
}