private void procedureAddAuth(HttpResponse response)
{
String pass;
do
{
pass = Convert.ToBase64String(Encoding.ASCII.GetBytes(Path.GetRandomFileName())).Trim();
} while (HttpAuth.hasKey(pass));
HttpAuth.checkInClient(client, pass);
response.setCookie(SESSIONID_COOKIE_PASSWORD, pass + "; Path=/");
//needsUpdate = true;
}
private void procedureAuthenticate(HttpRequest request, HttpResponse response)
{
if (request.postValues.ContainsKey(HTML_USERNAME_TEXT_ID) && request.postValues.ContainsKey(HTML_PASSWORD_TEXT_ID))
{
string username = request.postValues[HTML_USERNAME_TEXT_ID];
if (Bouncer.validateCredentials(username, System.Net.WebUtility.UrlDecode(request.postValues[HTML_PASSWORD_TEXT_ID])))
{
HttpAuth.allowClient(client, username);
response.addHeader("Location", "/controllers");
return;
}
}
response = new HttpResponse(HttpResponse.ConnectionStatus.FORBIDDEN, "keep-alive", null);
response.addHeader("Content-Length", "0");
}
private void procedureUpdate(HttpRequest request)
{
client.Cookies = request.cookies;
try
{
client.parseLanguage(request.requestMetaInfo("Accept-Language"));
client.parseOS(request.requestMetaInfo("User-Agent"));
}
catch (KeyNotFoundException)
{
}
if (HttpAuth.setSession(client) == false)
{
needsUpdate = false;
}
// if (RefreshClient != null)
// RefreshClient(client);
}
public void procedureAuthenticateLocally()
{
if (client.SessionVariables.IsAuthenticated)
{
return;
}
//string endpoint = "";
string ip = client.IP;// endpoint.Substring(0, endpoint.IndexOf(':'));
if (myTcpServer.Blocked.Contains(ip))
{
return; // should soon die. This is the clientveiw list being destroyed before the clienttbale in tcpserver
}
Action acceptClient = () =>
{
HttpAuth.allowClient(client, "Default");
HttpResponse response = new HttpResponse(HttpResponse.ConnectionStatus.FOUND, "keep-alive", null);
response.addHeader("Content-Length", "0");
response.addHeader("Location", "/controllers");
App.Log.logEvent(response.ToString(), Event.EVENT_FLAGS.DEBUG);
try
{
SocketWriteLine(response.ToString());
}
catch (IOException ex)
{
App.Log.logEvent("IOException serving page to : " + client.ToString() + "\r\n Stack:" + ex.StackTrace, Event.EVENT_FLAGS.IMPORTANT | Event.EVENT_FLAGS.CRITICAL);
}
};
App.Current.Dispatcher.BeginInvoke(
new Action(() =>
{
PasswordBox pass = new System.Windows.Controls.PasswordBox()
{
FlowDirection = FlowDirection.LeftToRight, Foreground = Brushes.White, CaretBrush = Brushes.White, Margin = new Thickness(10, 0, 0, 0), Height = 20, Width = 200
};
TextBlock lblpass = new System.Windows.Controls.TextBlock()
{
FlowDirection = System.Windows.FlowDirection.LeftToRight, TextWrapping = System.Windows.TextWrapping.NoWrap, HorizontalAlignment = System.Windows.HorizontalAlignment.Left, Margin = new Thickness(10, 0, 0, 0), VerticalAlignment = VerticalAlignment.Center, Style = (Style)App.MainWin.FindResource("HeadingWhiteShadowBold"), Text = "Please enter your password then hit enter to ALLOW:", Foreground = Brushes.Gold
};
MessageBox thisMessageBox = new MessageBox("A device: " + client.EndPoint + " is trying to authenticate. Give permission to access Controllers?", "Local Authentication");
pass.KeyDown += delegate(object sender, System.Windows.Input.KeyEventArgs e)
{
if (e.Key == System.Windows.Input.Key.Enter)
{
byte[] passtry = new System.Security.Cryptography.SHA256Managed().ComputeHash(Encoding.UTF8.GetBytes(pass.Password));
if (App.Config.password.SequenceEqual(passtry))
{
acceptClient.Invoke();
thisMessageBox.Close();
}
else
{
lblpass.Foreground = Brushes.Red;
lblpass.Text = "Incorrect password. Please try again.";
}
pass.Clear();
}
};
//lblpass.KeyDown += Allow_Try;
thisMessageBox.addButton("Deny Once", Deny_Click);
thisMessageBox.addButton("Block Device", delegate()
{
myTcpServer.tempBanIP(client.IP);
});
if (App.Config.username == null || App.Config.username == "")
{
thisMessageBox.addButton("Accept", acceptClient, true);
lblpass.Text = "Log in to password protect this prompt.";
}
else
{
thisMessageBox.ButtonPannel.Children.Add(pass);
}
thisMessageBox.ButtonPannel.Children.Add(lblpass);
thisMessageBox.Width = 720;
thisMessageBox.Show();
pass.Focus();
//MessageBox thisMessageBox = new MessageBox();
//thisMessageBox.addButton("Deny", Deny_Click);
//thisMessageBox.addButton("Allow", Allow_Click);
//thisMessageBox.Show();
//thisMessageBox.Focus();
//thisMessageBox.bringForward();
}));
//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//(old)
//if (System.Windows.MessageBox.Show("A device: " + client.IP + " is trying to authenticate. Give permission to access Controllers?","Local Authentication",System.Windows.MessageBoxButton.YesNo) == System.Windows.MessageBoxResult.Yes)
//{
// HttpAuth.authenticateClient(client);
//}
//else
//{
// client.SessionVariables.IsAuthenticated = false;
//}
}
