public static Boolean Authenticate(String username, String passhash, ClientHandler handler)
{
//check that user and passhash are valid.
var database = new DBConnect();
var tuple = database.ValidateUser(username, passhash, true);
if (!tuple.Item1) // if the tuple.Item1 equals false, return false and exit this method.
return false;
//Creating the hash (AuthToken)
//1. Prepare the string for hashing (user-passhash-milliseconds_since_epoch)
var millis = DateTime.Now.ToUniversalTime().Subtract(
new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)
).TotalMilliseconds;
var aboutToHash = String.Format("{0}-{1}-{2}", username, passhash, millis);
//2. Hash the string.
var hash = Hashing.CreateSHA256(aboutToHash);
//3. Create the user :D
var user = database.getUser(username);
//if user == null, exit this method!
if (user == null) return false;
user.AuthToken = hash;
//4. Remove the user if existing in the list.
var searchQuery =
from kvPair in AuthUsers
where kvPair.Key.Username == username
select kvPair.Key;
// Above query (searchQuery) is exactly the same as:
// var search2 = AuthUsers
// .Where(kvPair => kvPair.Key.Username == username)
// .Select(kvPair => kvPair.Key);
foreach (var key in searchQuery)
{
ClientHandler tempClientHandler;
AuthUsers.TryRemove(key, out tempClientHandler);
}
//5. Add the user to the AuthUsers class.
AuthUsers.GetOrAdd(user, handler);
return true;
}
