Exemple #1
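        /// <summary>
        /// Fetches the specified account from the database.
        /// </summary>
        /// <remarks>
        /// The SELECT statement is assembled by string concatenation and <paramref name="id"/> is
        /// placed into it as an unquoted value, so the id is accepted only when it consists solely
        /// of ASCII digits. Any other value is rejected before a query is built.
        /// The name, occupation and info1..info10 columns are decrypted with an
        /// <c>AesContext</c> created from the row's <c>hid</c> column; location and email are
        /// used exactly as the query returns them.
        /// </remarks>
        /// <param name="id">The id of the account (decimal digits only).</param>
        /// <param name="success"><c>true</c> when an account was loaded, otherwise <c>false</c>.</param>
        /// <returns>The loaded account, or <c>null</c> whenever <paramref name="success"/> is <c>false</c>.</returns>
        public Account GetAccount(string id, out bool success)
        {
            // hid, name, occupation, info1..info10, location, email, radius, isVisible, showLog
            const int expectedColumns = 18;
            const int infoCount       = 10;

            // The id is concatenated into the WHERE clause without quotes. Escaping quotes would
            // not constrain an unquoted value, so only plain decimal ids are let through.
            if (!IsDecimalId(id))
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
                success = false;
                return null;
            }

            StringBuilder infoColumns = new StringBuilder();
            for (int i = 1; i <= infoCount; i++)
            {
                infoColumns.Append(", info").Append(i.ToString());
            }
            string               query             = "SELECT hid, name, occupation" + infoColumns.ToString() + ", location, email, radius, isVisible, showLog FROM Tbl_user WHERE id = " + id + " LIMIT 1;";
            SqlApiRequest        sqlRequest        = SqlApiRequest.Create(SqlRequestId.GetDataArray, query, expectedColumns);
            SqlDataArrayResponse dataArrayResponse = AwaitDataArrayResponse(sqlRequest, out bool sqlSuccess);

            if (!sqlSuccess)
            {
                // No ApiError.Throw here, as in the original code.
                // NOTE(review): presumably AwaitDataArrayResponse reports its own failure - confirm.
                success = false;
                return null;
            }
            string[] account = dataArrayResponse.Result;
            if (!dataArrayResponse.Success || account.Length != expectedColumns)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
                success = false;
                return null;
            }

            // NOTE(review): the AesContext is built from the hid column of the same row. If that
            // value is its only key material, read access to Tbl_user is enough to decrypt the
            // protected columns - confirm how AesContext derives its key.
            string     userid     = account[0];
            AesContext aesContext = new AesContext(userid);
            string     name       = aesContext.DecryptOrDefault(account[1]);
            string     occupation = aesContext.DecryptOrDefault(account[2]);

            // info1..info10 occupy result columns 3..12.
            string[] infos = new string[infoCount];
            for (int i = 0; i < infos.Length; i++)
            {
                infos[i] = aesContext.DecryptOrDefault(account[3 + i]);
            }
            string location = account[13];
            string email    = account[14];

            // The three trailing columns must all be integers; the two flags are turned into
            // booleans by Convert.ToBoolean (zero is false, any other value is true).
            bool radiusParsed    = int.TryParse(account[15], out int radius);
            bool isVisibleParsed = int.TryParse(account[16], out int isVisible);
            bool showLogParsed   = int.TryParse(account[17], out int showLog);

            if (!radiusParsed || !isVisibleParsed || !showLogParsed)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to fetch account info.");
                success = false;
                return null;
            }
            AccountInfo accountInfo = new AccountInfo(name, occupation, infos[0], infos[1], infos[2], infos[3], infos[4], infos[5], infos[6], infos[7], infos[8], infos[9], location, radius, userid, email, Convert.ToBoolean(isVisible), Convert.ToBoolean(showLog));

            success = true;
            return new Account(accountInfo, false, id);
        }

        /// <summary>
        /// Returns <c>true</c> only for a non-empty string made up entirely of the ASCII digits 0-9.
        /// </summary>
        private static bool IsDecimalId(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return false;
            }
            foreach (char c in value)
            {
                // char.IsDigit also accepts non-ASCII Unicode digits, so compare explicitly.
                if (c < '0' || c > '9')
                {
                    return false;
                }
            }
            return true;
        }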
        /// <summary>
        /// Handles a password-reset request: looks the account up by <c>Email</c>, stores a fresh
        /// authentication code on <c>server.Account</c>, mails that code to the address and
        /// sends a success response.
        /// </summary>
        /// <param name="server">The connection this request is processed for.</param>
        public override void Process(ApiServer server)
        {
            bool preconditionFailed = server.AssertServerSetup(this) || server.AssertAccountNull();
            if (preconditionFailed)
            {
                return;
            }

            using DatabaseManager db = new DatabaseManager(server);

            // The address is placed into a quoted SQL literal, so this statement is only as safe
            // as DatabaseEssentials.Security.Sanitize.
            // NOTE(review): confirm Sanitize escapes every character that can end the literal;
            // a parameterized request would remove the dependency if the SQL layer offers one.
            string               lookupQuery = $"SELECT isOnline, name, hid, id FROM Tbl_user WHERE email = '{DatabaseEssentials.Security.Sanitize(Email)}';";
            SqlApiRequest        lookup      = SqlApiRequest.Create(SqlRequestId.GetDataArray, lookupQuery, 4);
            SqlDataArrayResponse rowResponse = db.AwaitDataArrayResponse(lookup, out bool success);
            if (!success)
            {
                return;
            }

            string[] row = rowResponse.Result;
            if (!(rowResponse.Success && row.Length == lookup.ExpectedColumns))
            {
                // NOTE(review): this reply differs from the success reply, so a caller can tell
                // which addresses are registered. Consider answering identically in both cases.
                ApiError.Throw(ApiErrorCode.InvalidUser, server, "No account is associated with this email address.");
                return;
            }

            // Column order follows the SELECT list: isOnline, name, hid, id.
            string onlineFlag = row[0];
            string nameCipher = row[1];
            string hid        = row[2];

            // The row id is attached to the connection before the online check runs.
            server.Account = new Account(null, false, row[3]);
            if (!onlineFlag.Equals("0"))
            {
                ApiError.Throw(ApiErrorCode.AlreadyOnline, server, "Already logged in from another device.");
                return;
            }

            AesContext nameContext   = new AesContext(hid);
            string     decryptedName = nameContext.DecryptOrDefault(nameCipher);

            // The Account assigned above is replaced by one that carries only the reset state.
            // NOTE(review): the row id is not copied over in this method - confirm the
            // confirmation step does not rely on it. Also confirm GenerateSecurityCode uses a
            // cryptographically secure generator and that AuthenticationTime is used to expire
            // the code.
            Account resetAccount = new Account
            {
                AuthenticationCode = SecurityManager.GenerateSecurityCode(),
                AuthenticationId   = ApiRequestId.ConfirmPasswordReset,
                AuthenticationTime = DatabaseEssentials.GetTimeStamp()
            };
            server.Account = resetAccount;

            // Fall back to a generic salutation when no name could be recovered.
            string salutation = string.IsNullOrEmpty(decryptedName) ? "user" : decryptedName;
            EmailManager mail = EmailManager.Create(Subject.ResetPassword, Email, salutation, server.Account.AuthenticationCode);

            // The outcome of Send() is not inspected; the success response goes out regardless.
            mail.Send();

            GenericSuccessResponse okResponse = new GenericSuccessResponse(ResponseId.PasswordReset, true);
            SerializedApiResponse  envelope   = SerializedApiResponse.Create(okResponse);

            server.Send(envelope.Serialize());
            server.UnitTesting.MethodSuccess = true;
        }
Exemple #3
        /// <summary>
        /// Times one <c>EncryptBytes</c> call and one <c>DecryptBytes</c> call on the given
        /// context and prints each elapsed time in milliseconds to the console.
        /// </summary>
        /// <param name="context">The AES context under test.</param>
        /// <param name="bytes">The input handed to <c>EncryptBytes</c>.</param>
        /// <param name="cipher">Passed unchanged as the second argument of both calls.</param>
        /// <param name="parallel">Passed unchanged as the third argument of both calls.</param>
        static void RunCheck(AesContext context, byte[] bytes, byte[] cipher, bool parallel = false)
        {
            Stopwatch timer = new Stopwatch();

            // The label is printed before the timer starts so console I/O is not measured.
            Console.WriteLine("Encryption: ");
            timer.Start();
            var encrypted = context.EncryptBytes(bytes, cipher, parallel);
            timer.Stop();

            long encryptMs = timer.ElapsedMilliseconds;
            Console.WriteLine($"Time: {encryptMs} ms.");

            Console.WriteLine("Decryption: ");
            timer.Restart();
            // NOTE(review): the decrypted output is discarded and never compared with `bytes`,
            // so this routine measures speed only; it does not show that the round trip is correct.
            _ = context.DecryptBytes(encrypted, cipher, parallel);
            timer.Stop();

            long decryptMs = timer.ElapsedMilliseconds;
            Console.WriteLine($"Time: {decryptMs} ms.");
        }
Exemple #4
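        /// <summary>
        /// Writes the <c>AccountInfo</c> carried by this request to the caller's row in
        /// <c>Tbl_user</c> and sends a success response.
        /// </summary>
        /// <remarks>
        /// Name, occupation and Info1..Info10 are encrypted with an <c>AesContext</c> created
        /// from the account's <c>UserId</c> before they are stored. Location, radius and the two
        /// flags are stored as given. When <c>UserId</c> is not yet known it is first read from
        /// the <c>hid</c> column and cached on <c>server.Account.AccountInfo</c>.
        /// </remarks>
        /// <param name="server">The connection this request is processed for.</param>
        public override void Process(ApiServer server)
        {
            // Kept separate from the null check below: a failed setup assertion must not be
            // reported to the client as "AccountInfo was null.".
            // NOTE(review): AssertServerSetup presumably reports its own failure, as the other
            // Assert* guards in this method do before they simply return - confirm.
            if (server.AssertServerSetup(this))
            {
                return;
            }
            if (AccountInfo == null)
            {
                ApiError.Throw(ApiErrorCode.InvalidArgument, server, "AccountInfo was null.");
                return;
            }
            if (server.AssertUserOnline() || server.AssertIdSet() || server.AssertAccountInfoNotNull())
            {
                return;
            }
            using DatabaseManager databaseManager = new DatabaseManager(server);
            string query;
            bool   success;

            // NOTE(review): in both statements below the id is concatenated without quotes.
            // Escaping aimed at quotes does not constrain an unquoted value, so confirm that
            // Sanitize (or the code that sets Account.Id) restricts it to digits.
            if (string.IsNullOrEmpty(server.Account.AccountInfo.UserId))
            {
                // The hid column supplies the value the AesContext is created from.
                query = "SELECT hid FROM Tbl_user WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id);
                SqlApiRequest sqlRequest = SqlApiRequest.Create(SqlRequestId.GetSingleOrDefault, query, 1);
                SqlSingleOrDefaultResponse singleOrDefaultResponse = databaseManager.AwaitSingleOrDefaultResponse(sqlRequest, out success);
                if (!success)
                {
                    return;
                }
                if (!singleOrDefaultResponse.Success)
                {
                    ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to determine userid.");
                    return;
                }
                server.Account.AccountInfo.UserId = singleOrDefaultResponse.Result;
            }
            AesContext    aesContext       = new AesContext(server.Account.AccountInfo.UserId);
            string        cryptoName       = aesContext.EncryptOrDefault(AccountInfo.Name);
            string        cryptoOccupation = aesContext.EncryptOrDefault(AccountInfo.Occupation);
            StringBuilder infoAssignments  = new StringBuilder();

            // NOTE(review): the EncryptOrDefault results are placed between quotes without
            // passing through Sanitize. Confirm that neither its ciphertext encoding nor its
            // "default" result can contain a quote character.
            string[] infos = new string[] { AccountInfo.Info1, AccountInfo.Info2, AccountInfo.Info3, AccountInfo.Info4, AccountInfo.Info5, AccountInfo.Info6, AccountInfo.Info7, AccountInfo.Info8, AccountInfo.Info9, AccountInfo.Info10 };
            for (int i = 0; i < infos.Length; i++)
            {
                // Produces ", infoN = '<ciphertext>'" for N = 1..10.
                infoAssignments.Append(", info").Append((i + 1).ToString()).Append(" = \'").Append(aesContext.EncryptOrDefault(infos[i])).Append('\'');
            }

            // -1 is passed as the expected column count for this data-modifying statement.
            query = "UPDATE Tbl_user SET name = \'" + cryptoName + "\', occupation = \'" + cryptoOccupation + "\'" + infoAssignments.ToString() + ", location = \'" + DatabaseEssentials.Security.Sanitize(AccountInfo.Location) + "\', radius = " + AccountInfo.Radius.ToString() + ", isVisible = " + (AccountInfo.IsVisible ? "1" : "0") + ", showLog = " + (AccountInfo.ShowLog ? "1" : "0") + " WHERE id = " + DatabaseEssentials.Security.Sanitize(server.Account.Id) + ";";
            SqlApiRequest         sqlApiRequest      = SqlApiRequest.Create(SqlRequestId.ModifyData, query, -1);
            SqlModifyDataResponse modifyDataResponse = databaseManager.AwaitModifyDataResponse(sqlApiRequest, out success);

            if (!success)
            {
                return;
            }
            if (!modifyDataResponse.Success)
            {
                ApiError.Throw(ApiErrorCode.InternalServerError, server, "Unable to update account info.");
                return;
            }
            GenericSuccessResponse successResponse       = new GenericSuccessResponse(ResponseId.UpdateAccountInfo, true);
            SerializedApiResponse  serializedApiResponse = SerializedApiResponse.Create(successResponse);
            string json = serializedApiResponse.Serialize();

            server.Send(json);
            server.UnitTesting.MethodSuccess = true;
        }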