/// <summary>
/// Returns null if login failed.
/// </summary>
/// <param name="db"></param>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
public static DBLogin LoginUser (DB db, string login, string password, string ip4, bool @readonly)
{
DBLogin result;
int id;
using (IDbCommand cmd = db.CreateCommand ()) {
// TODO: Encrypt passwords somehow, not store as plaintext.
cmd.CommandText = "SELECT id FROM Person WHERE login = @login AND password = @password;";
DB.CreateParameter (cmd, "login", login);
DB.CreateParameter (cmd, "password", password);
using (IDataReader reader = cmd.ExecuteReader ()) {
if (!reader.Read ())
return null;
id = reader.GetInt32 (0);
//if (reader.Read ())
// return null;
}
}
result = new DBLogin ();
result.person_id = id;
result.ip4 = ip4;
if (!@readonly) {
result.expires = DateTime.Now.AddDays (1);
result.cookie = CreateCookie ();
result.Save (db);
}
return result;
}
/// <summary>
/// Returns null if login failed.
/// </summary>
/// <param name="db"></param>
/// <param name="user"></param>
/// <param name="password"></param>
/// <returns></returns>
public static DBLogin Login (DB db, string login, string password, string ip4, bool @readonly)
{
DBLogin result;
int id;
Console.WriteLine ("DBLogin.Login ('{0}', '{1}', '{2}'. {3})", login, password, ip4, @readonly);
using (IDbCommand cmd = db.CreateCommand ()) {
// TODO: Encrypt passwords somehow, not store as plaintext.
cmd.CommandText = "SELECT id FROM Person WHERE login = @login AND password = @password;";
DB.CreateParameter (cmd, "login", login);
DB.CreateParameter (cmd, "password", password);
using (IDataReader reader = cmd.ExecuteReader ()) {
if (!reader.Read ())
return null;
id = reader.GetInt32 (0);
//if (reader.Read ())
// return null;
}
}
result = new DBLogin ();
result.person_id = id;
result.ip4 = ip4;
if (!@readonly) {
byte [] data = new byte [32];
StringBuilder builder = new StringBuilder (data.Length);
random.GetBytes (data);
for (int i = 0; i < data.Length; i++)
builder.Append (string.Format ("{0:x}", data [i]));
builder.Append (DateTime.Now.Ticks);
result.expires = DateTime.Now.AddDays (1);
result.cookie = builder.ToString ();
result.Save (db);
}
return result;
}
public static void LoginDB (DB db, LoginResponse response, string username, string roles, string ip4) {
// We now create an account with an empty password and the specified roles.
// Note that it is not possible to log into an account with an empty password
// using the normal login procedure.
DBPerson open_person = null;
using (IDbCommand cmd = db.CreateCommand ()) {
cmd.CommandText = @"SELECT * FROM Person WHERE login = @login;";
DB.CreateParameter (cmd, "login", username);
using (var reader = cmd.ExecuteReader ()) {
if (reader.Read ())
open_person = new DBPerson (reader);
}
}
if (open_person == null) {
open_person = new DBPerson ();
open_person.login = username;
open_person.roles = roles;
open_person.Save (db);
} else {
// only save if something has changed
if (open_person.roles != roles) {
open_person.roles = roles;
open_person.Save (db);
}
}
WebServiceLogin login = new WebServiceLogin ();
login.Ip4 = ip4;
login.User = open_person.login;
db.Audit (login, "DBLogin_Extensions.Login (username: {0}, ip4: {1})", username, ip4);
var result = new DBLogin ();
result.person_id = open_person.id;
result.ip4 = ip4;
result.cookie = CreateCookie ();
result.expires = DateTime.Now.AddDays (1);
result.Save (db);
response.User = username;
response.UserName = username;
response.UserRoles = open_person.Roles;
response.Cookie = result.cookie;
}
public static void LoginOpenId (DB db, LoginResponse response, string email, string ip4)
{
if (string.IsNullOrEmpty (Configuration.OpenIdProvider) && string.IsNullOrEmpty (Configuration.OauthClientId))
throw new Exception ("No OpenId provider available");
if (string.IsNullOrEmpty (Configuration.OpenIdRoles))
throw new Exception ("No OpenId roles specified");
if (string.IsNullOrEmpty (email))
throw new Exception ("OpenId authentication requires an email");
string [] specs = Configuration.OpenIdRoles.Split (';');
foreach (var spec in specs) {
// email:role1,role2
string [] split = spec.Split (':');
if (split.Length != 2) {
log.ErrorFormat ("AuthenticateOpenId: Invalid role spec: {0}", spec);
continue;
}
if (string.IsNullOrEmpty (split [1])) {
log.ErrorFormat ("AuthenticateOpenId: No roles specified for {0}", split [0]);
continue;
}
if (!Regex.IsMatch (email, split [0]))
continue;
// We now create an account with an empty password and the specified roles.
// Note that it is not possible to log into an account with an empty password
// using the normal login procedure.
DBPerson open_person = null;
using (IDbCommand cmd = db.CreateCommand ()) {
cmd.CommandText = @"SELECT * FROM Person WHERE login = @login;";
DB.CreateParameter (cmd, "login", email);
using (var reader = cmd.ExecuteReader ()) {
if (reader.Read ())
open_person = new DBPerson (reader);
}
}
if (open_person == null) {
open_person = new DBPerson ();
open_person.login = email;
open_person.roles = split [1];
open_person.Save (db);
} else {
// only save if something has changed
if (open_person.roles != split [1]) {
open_person.roles = split [1];
open_person.Save (db);
}
}
WebServiceLogin login = new WebServiceLogin ();
login.Ip4 = ip4;
login.User = open_person.login;
db.Audit (login, "DBLogin_Extensions.LoginOpenId (email: {0}, ip4: {1})", email, ip4);
var result = new DBLogin ();
result.person_id = open_person.id;
result.ip4 = ip4;
result.cookie = CreateCookie ();
result.expires = DateTime.Now.AddDays (1);
result.Save (db);
response.User = email;
response.UserName = email;
response.UserRoles = open_person.Roles;
response.Cookie = result.cookie;
return;
}
throw new Exception ("The provided email address is not allowed to log in");
}
