/// <summary>
/// Entry point for an inbound login request: parses the packet and hands the
/// login work to a background task.
/// </summary>
/// <param name="packet">Raw client packet carrying the login request.</param>
/// <param name="session">Session the packet arrived on.</param>
/// <remarks>
/// The task is started and never awaited, so an exception escaping <c>DoLogin</c>
/// is not observed by this method. No client-supplied field is length-checked or
/// otherwise validated here before the work is queued.
/// </remarks>
public static void HandleLoginRequest(ClientPacket packet, Session session)
{
    var request = new PacketInboundLoginRequest(packet);

    // Created cold and started explicitly, as a fire-and-forget unit of work.
    var loginTask = new Task(() => DoLogin(session, request));
    loginTask.Start();
}
/// <summary>
/// Looks up the account named in the login request, auto-creating it when the
/// server configuration allows, and passes the result to <c>AccountSelectCallback</c>.
/// </summary>
/// <param name="session">Session that sent the login request.</param>
/// <param name="loginRequest">Parsed login request; account name and password come from the client.</param>
private static void DoLogin(Session session, PacketInboundLoginRequest loginRequest)
{
    var account = DatabaseManager.Authentication.GetAccountByName(loginRequest.Account);

    // Auto-creation only applies to an unknown name sent with a non-empty password,
    // and only when the server configuration switches it on.
    bool autoCreate = account == null
        && loginRequest.NetAuthType == NetAuthType.AccountPassword
        && loginRequest.Password != ""
        && ConfigManager.Config.Server.Accounts.AllowAutoAccountCreation;

    if (autoCreate)
    {
        // The account name is written to the log exactly as the client sent it.
        log.Info($"Auto creating account for: {loginRequest.Account}");

        // no account, dynamically create one
        string[] createArgs = new string[] { loginRequest.Account, loginRequest.Password };
        AccountCommands.HandleAccountCreate(session, createArgs);

        // Re-read so the callback receives the stored record (null if creation did not produce one).
        account = DatabaseManager.Authentication.GetAccountByName(loginRequest.Account);
    }

    try
    {
        log.Info($"new client connected: {loginRequest.Account}. setting session properties");
        AccountSelectCallback(account, session, loginRequest);
    }
    catch (Exception ex)
    {
        // NOTE(review): the failure is recorded at Info level only.
        log.Info("Error in HandleLoginRequest trying to find the account.", ex);

        // NOTE(review): passes a null loginRequest; confirm AccountSelectCallback
        // tolerates that, otherwise this handler throws in turn.
        AccountSelectCallback(null, session, null);
    }
}
/// <summary>
/// Looks up the account named in the login request, auto-creating it when the
/// server configuration allows, and passes the result to <c>AccountSelectCallback</c>.
/// A failure in the callback terminates the session.
/// </summary>
/// <param name="session">Session that sent the login request; its endpoint address is stored with a newly created account.</param>
/// <param name="loginRequest">Parsed login request; account name and password come from the client.</param>
private static void DoLogin(Session session, PacketInboundLoginRequest loginRequest)
{
    var account = DatabaseManager.Authentication.GetAccountByName(loginRequest.Account);

    // Auto-creation only applies to an unknown name sent with a non-empty password,
    // and only when the server configuration switches it on.
    bool autoCreate = account == null
        && loginRequest.NetAuthType == NetAuthType.AccountPassword
        && loginRequest.Password != ""
        && ConfigManager.Config.Server.Accounts.AllowAutoAccountCreation;

    if (autoCreate)
    {
        // no account, dynamically create one
        // Logged at Info only while the world is open, at Debug otherwise.
        if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
        {
            log.Info($"Auto creating account for: {loginRequest.Account}");
        }
        else
        {
            log.Debug($"Auto creating account for: {loginRequest.Account}");
        }

        // A configured level that is not a defined AccessLevel member falls back to Player.
        var configuredLevel = (AccessLevel)ConfigManager.Config.Server.Accounts.DefaultAccessLevel;
        var grantedLevel = System.Enum.IsDefined(typeof(AccessLevel), configuredLevel)
            ? configuredLevel
            : AccessLevel.Player;

        // NOTE(review): the flag is read and then cleared with no synchronization visible
        // in this block; if DoLogin can run concurrently, two logins could both observe
        // it set and both be created as Admin. The promoted account is whichever
        // auto-created login arrives first, so this path deserves an audit trail
        // (the Warn below) and a deliberate first-run procedure.
        if (DatabaseManager.AutoPromoteNextAccountToAdmin)
        {
            grantedLevel = AccessLevel.Admin;
            DatabaseManager.AutoPromoteNextAccountToAdmin = false;
            log.Warn($"Automatically setting account AccessLevel to Admin for account \"{loginRequest.Account}\" because there are no admin accounts in the current database.");
        }

        // NOTE(review): the lookup above uses the name as sent while creation stores
        // ToLower(), which is culture-sensitive; confirm the data layer normalizes
        // names the same way on both paths.
        account = DatabaseManager.Authentication.CreateAccount(
            loginRequest.Account.ToLower(),
            loginRequest.Password,
            grantedLevel,
            session.EndPoint.Address);
    }

    try
    {
        log.Debug($"new client connected: {loginRequest.Account}. setting session properties");
        AccountSelectCallback(account, session, loginRequest);
    }
    catch (Exception ex)
    {
        log.Error("Error in HandleLoginRequest trying to find the account.", ex);
        session.Terminate(SessionTerminationReason.AccountSelectCallbackException);
    }
}
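/// <summary>
/// Entry point for an inbound login request: parses the packet, looks the account
/// up asynchronously and passes the result to <c>AccountSelectCallback</c>.
/// </summary>
/// <param name="packet">Raw client packet carrying the login request.</param>
/// <param name="session">Session the packet arrived on.</param>
/// <remarks>
/// This method is <c>async void</c>, so nothing can await it or catch what it throws:
/// an exception that escapes is rethrown on the synchronization context or the thread
/// pool, which by default terminates the process. Because the input comes from an
/// unauthenticated client, every exception is contained here, including one thrown
/// while parsing the packet.
/// </remarks>
public static async void HandleLoginRequest(ClientPacket packet, Session session)
{
    try
    {
        // Parsing is inside the try: a malformed packet must not escape an async void method.
        PacketInboundLoginRequest loginRequest = new PacketInboundLoginRequest(packet);

        try
        {
            var result = await DatabaseManager.Authentication.GetAccountByName(loginRequest.Account);
            AccountSelectCallback(result, session);
        }
        catch (IndexOutOfRangeException)
        {
            // Presumably how the lookup signals "no such account" - confirm against the data layer.
            AccountSelectCallback(null, session);
        }
    }
    catch (Exception ex)
    {
        // Last line of defence for anything else (database failure, callback failure).
        // Trace is used because no logger is referenced in this block; route this to the
        // project logger where one is available. The session gets no reply on this path.
        System.Diagnostics.Trace.TraceError("Unhandled exception while processing a login request: {0}", ex);
    }
}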
/// <summary>
/// Entry point for an inbound login request: parses the packet, rejects an
/// over-long account name, and otherwise hands the login to a background task.
/// </summary>
/// <param name="packet">Raw client packet carrying the login request.</param>
/// <param name="session">Session the packet arrived on.</param>
/// <remarks>
/// Exceptions raised while parsing or validating are logged and swallowed here.
/// The background task is not awaited, so an exception escaping <c>DoLogin</c>
/// is not covered by this try/catch.
/// </remarks>
public static void HandleLoginRequest(ClientPacket packet, Session session)
{
    try
    {
        var request = new PacketInboundLoginRequest(packet);

        // Account names of up to 50 characters go on to the actual login.
        if (request.Account.Length <= 50)
        {
            var loginTask = new Task(() => DoLogin(session, request));
            loginTask.Start();
            return;
        }

        // Anything longer is rejected before any further work is done with the name.
        NetworkManager.SendLoginRequestReject(session, CharacterError.AccountInvalid);
        session.Terminate(SessionTerminationReason.AccountInformationInvalid);
    }
    catch (Exception ex)
    {
        log.ErrorFormat("Received LoginRequest from {0} that threw an exception.", session.EndPoint);
        log.Error(ex);
    }
}
/// <summary>
/// Looks up the account named in the login request, auto-creating it with the
/// configured default access level when the server configuration allows, and
/// passes the result to <c>AccountSelectCallback</c>.
/// </summary>
/// <param name="session">Session that sent the login request.</param>
/// <param name="loginRequest">Parsed login request; account name and password come from the client.</param>
private static void DoLogin(Session session, PacketInboundLoginRequest loginRequest)
{
    var account = DatabaseManager.Authentication.GetAccountByName(loginRequest.Account);

    // Auto-creation only applies to an unknown name sent with a non-empty password,
    // and only when the server configuration switches it on.
    bool autoCreate = account == null
        && loginRequest.NetAuthType == NetAuthType.AccountPassword
        && loginRequest.Password != ""
        && ConfigManager.Config.Server.Accounts.AllowAutoAccountCreation;

    if (autoCreate)
    {
        // no account, dynamically create one
        log.Info($"Auto creating account for: {loginRequest.Account}");

        // A configured level that is not a defined AccessLevel member falls back to Player.
        var configuredLevel = (AccessLevel)ConfigManager.Config.Server.Accounts.DefaultAccessLevel;
        var grantedLevel = System.Enum.IsDefined(typeof(AccessLevel), configuredLevel)
            ? configuredLevel
            : AccessLevel.Player;

        // NOTE(review): the lookup above uses the name as sent while creation stores
        // ToLower(), which is culture-sensitive; confirm the data layer normalizes
        // names the same way on both paths.
        account = DatabaseManager.Authentication.CreateAccount(
            loginRequest.Account.ToLower(),
            loginRequest.Password,
            grantedLevel);
    }

    try
    {
        log.Debug($"new client connected: {loginRequest.Account}. setting session properties");
        AccountSelectCallback(account, session, loginRequest);
    }
    catch (Exception ex)
    {
        log.Error("Error in HandleLoginRequest trying to find the account.", ex);

        // NOTE(review): passes a null loginRequest; confirm AccountSelectCallback
        // tolerates that, otherwise this handler throws in turn.
        AccountSelectCallback(null, session, null);
    }
}
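/// <summary>
/// Completes the connect handshake for a login request and decides whether the
/// session is authenticated as <paramref name="account"/>.
/// </summary>
/// <param name="account">Account found for the requested name, or null when none exists.</param>
/// <param name="session">Session being logged in; terminated on every rejection path.</param>
/// <param name="loginRequest">Parsed login request. Dereferenced unconditionally, so it must not be null.</param>
/// <remarks>
/// Order of checks: handshake seeds present, auth type carries a credential, account
/// exists, account not already connected (only when "account_login_boots_in_use" is
/// off), password matches. Points a reviewer should keep in mind:
/// the connect request is sent before any credential is checked; with
/// "account_login_boots_in_use" off, the in-use check runs before the password check,
/// so the reply differs for an online account regardless of the password supplied;
/// "account not found" and "password mismatch" produce different replies; and neither
/// failed-attempt lockout nor ban checks are implemented (see the TO-DO/TODO markers).
/// An auth type that is neither AccountPassword nor GlsTicket is rejected rather than
/// being allowed to reach <c>SetAccount</c> without a credential check.
/// </remarks>
private static void AccountSelectCallback(Account account, Session session, PacketInboundLoginRequest loginRequest)
{
    packetLog.DebugFormat("ConnectRequest TS: {0}", Timers.PortalYearTicks);

    if (session.Network.ConnectionData.ServerSeed == null || session.Network.ConnectionData.ClientSeed == null)
    {
        // these are null if ConnectionData.DiscardSeeds() is called because of some other error condition.
        session.Terminate(SessionTerminationReason.BadHandshake, new GameMessageCharacterError(CharacterError.ServerCrash1));
        return;
    }

    var connectRequest = new PacketOutboundConnectRequest(
        Timers.PortalYearTicks,
        session.Network.ConnectionData.ConnectionCookie,
        session.Network.ClientId,
        session.Network.ConnectionData.ServerSeed,
        session.Network.ConnectionData.ClientSeed);

    // The seeds are dropped as soon as the request object holds them; a second pass
    // through this method for the same connection then stops at the BadHandshake check above.
    session.Network.ConnectionData.DiscardSeeds();

    session.Network.EnqueueSend(connectRequest);

    if (loginRequest.NetAuthType < NetAuthType.AccountPassword)
    {
        // Fixed account string answered as a ping; the session is closed, never authenticated.
        if (loginRequest.Account == "acservertracker:jj9h26hcsggc")
        {
            //log.Info($"Incoming ping from a Thwarg-Launcher client... Sending Pong...");

            session.Terminate(SessionTerminationReason.PongSentClosingConnection, new GameMessageCharacterError(CharacterError.ServerCrash1));
            return;
        }

        if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
        {
            log.Info($"client {loginRequest.Account} connected with no Password or GlsTicket included so booting");
        }
        else
        {
            log.Debug($"client {loginRequest.Account} connected with no Password or GlsTicket included so booting");
        }

        session.Terminate(SessionTerminationReason.NotAuthorizedNoPasswordOrGlsTicketIncludedInLoginReq, new GameMessageCharacterError(CharacterError.AccountInvalid));
        return;
    }

    if (account == null)
    {
        session.Terminate(SessionTerminationReason.NotAuthorizedAccountNotFound, new GameMessageCharacterError(CharacterError.AccountDoesntExist));
        return;
    }

    if (!PropertyManager.GetBool("account_login_boots_in_use").Item)
    {
        // NOTE(review): this runs before the password is verified.
        if (NetworkManager.Find(account.AccountName) != null)
        {
            session.Terminate(SessionTerminationReason.AccountInUse, new GameMessageCharacterError(CharacterError.Logon));
            return;
        }
    }

    if (loginRequest.NetAuthType == NetAuthType.AccountPassword)
    {
        if (!account.PasswordMatches(loginRequest.Password))
        {
            if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
            {
                log.Info($"client {loginRequest.Account} connected with non matching password so booting");
            }
            else
            {
                log.Debug($"client {loginRequest.Account} connected with non matching password so booting");
            }

            session.Terminate(SessionTerminationReason.NotAuthorizedPasswordMismatch, new GameMessageBootAccount(session, " because the password entered for this account was not correct."));

            // TO-DO: temporary lockout of account preventing brute force password discovery
            // exponential duration of lockout for targeted account
            return;
        }

        // Only a login that has proven the password may displace an existing session.
        if (PropertyManager.GetBool("account_login_boots_in_use").Item)
        {
            var previouslyConnectedAccount = NetworkManager.Find(account.AccountName);

            if (previouslyConnectedAccount != null)
            {
                previouslyConnectedAccount.Terminate(SessionTerminationReason.AccountLoggedIn, new GameMessageCharacterError(CharacterError.Logon));
            }
        }

        if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
        {
            log.Info($"client {loginRequest.Account} connected with verified password");
        }
        else
        {
            log.Debug($"client {loginRequest.Account} connected with verified password");
        }
    }
    else if (loginRequest.NetAuthType == NetAuthType.GlsTicket)
    {
        if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
        {
            log.Info($"client {loginRequest.Account} connected with GlsTicket which is not implemented yet so booting");
        }
        else
        {
            log.Debug($"client {loginRequest.Account} connected with GlsTicket which is not implemented yet so booting");
        }

        session.Terminate(SessionTerminationReason.NotAuthorizedGlsTicketNotImplementedToProcLoginReq, new GameMessageCharacterError(CharacterError.AccountInvalid));
        return;
    }
    else
    {
        // Fail closed: no credential has been verified for any other auth type, so the
        // session must not fall through to SetAccount below.
        if (WorldManager.WorldStatus == WorldManager.WorldStatusState.Open)
        {
            log.Info($"client {loginRequest.Account} connected with unsupported NetAuthType {loginRequest.NetAuthType} so booting");
        }
        else
        {
            log.Debug($"client {loginRequest.Account} connected with unsupported NetAuthType {loginRequest.NetAuthType} so booting");
        }

        session.Terminate(SessionTerminationReason.NotAuthorizedNoPasswordOrGlsTicketIncludedInLoginReq, new GameMessageCharacterError(CharacterError.AccountInvalid));
        return;
    }

    // TODO: check for account bans

    account.UpdateLastLogin(session.EndPoint.Address);

    session.SetAccount(account.AccountId, account.AccountName, (AccessLevel)account.AccessLevel);
    session.State = SessionState.AuthConnectResponse;
}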
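/// <summary>
/// Sends the connect request for a login and decides whether the session is
/// authenticated as <paramref name="account"/>.
/// </summary>
/// <param name="account">Account found for the requested name, or null when none exists.</param>
/// <param name="session">Session being logged in; rejected sessions are moved to NetworkTimeout.</param>
/// <param name="loginRequest">Parsed login request. Dereferenced unconditionally, so it must not be null.</param>
/// <remarks>
/// The connect request is sent before any credential is checked, and the in-use check
/// runs before the password check. Ban checks are not implemented (see TODO).
/// An auth type that is neither AccountPassword nor GlsTicket is rejected rather than
/// being allowed to reach <c>SetAccount</c> without a credential check.
/// </remarks>
private static void AccountSelectCallback(Account account, Session session, PacketInboundLoginRequest loginRequest)
{
    packetLog.DebugFormat("ConnectRequest TS: {0}", session.Network.ConnectionData.ServerTime);

    // NOTE(review): the seeds are read from static ISAAC members and the cookie is the
    // constant 0, not per-connection values - confirm these are not shared across sessions.
    var connectRequest = new PacketOutboundConnectRequest(session.Network.ConnectionData.ServerTime, 0, session.Network.ClientId, ISAAC.ServerSeed, ISAAC.ClientSeed);

    session.Network.EnqueueSend(connectRequest);

    if (loginRequest.NetAuthType < NetAuthType.AccountPassword)
    {
        log.Info($"client {loginRequest.Account} connected with no Password or GlsTicket included so booting");

        session.SendCharacterError(CharacterError.AccountInUse);
        session.State = SessionState.NetworkTimeout;

        return;
    }

    if (account == null)
    {
        session.SendCharacterError(CharacterError.AccountDoesntExist);
        session.State = SessionState.NetworkTimeout;
        return;
    }

    // Looked up once: a second lookup could observe a different result than the first.
    var foundSession = WorldManager.Find(account.AccountName);

    if (foundSession != null)
    {
        if (foundSession.State == SessionState.AuthConnected)
        {
            session.SendCharacterError(CharacterError.AccountInUse);
            session.State = SessionState.NetworkTimeout;
        }

        // NOTE(review): returns even when the other session is not AuthConnected, which
        // leaves this session neither rejected nor authenticated - confirm this is intended.
        return;
    }

    if (loginRequest.NetAuthType == NetAuthType.AccountPassword)
    {
        if (!account.PasswordMatches(loginRequest.Password))
        {
            log.Info($"client {loginRequest.Account} connected with non matching password does so booting");

            session.SendCharacterError(CharacterError.AccountInUse);
            session.State = SessionState.NetworkTimeout;

            return;
        }

        log.Info($"client {loginRequest.Account} connected with verified password");
    }
    else if (loginRequest.NetAuthType == NetAuthType.GlsTicket)
    {
        log.Info($"client {loginRequest.Account} connected with GlsTicket which is not implemented yet so booting");

        session.SendCharacterError(CharacterError.AccountInUse);
        session.State = SessionState.NetworkTimeout;

        return;
    }
    else
    {
        // Fail closed: no credential has been verified for any other auth type, so the
        // session must not fall through to SetAccount below.
        log.Info($"client {loginRequest.Account} connected with unsupported NetAuthType {loginRequest.NetAuthType} so booting");

        session.SendCharacterError(CharacterError.AccountInUse);
        session.State = SessionState.NetworkTimeout;

        return;
    }

    // TODO: check for account bans

    session.SetAccount(account.AccountId, account.AccountName, (AccessLevel)account.AccessLevel);
    session.State = SessionState.AuthConnectResponse;
}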
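/// <summary>
/// Resolves the subscription a login request refers to and passes it to
/// <c>SubscriptionSelectCallback</c>.
/// </summary>
/// <param name="session">Session that sent the login request.</param>
/// <param name="loginRequest">Parsed login request; <c>ClientAccountString</c> and <c>JwtToken</c> come from the client.</param>
/// <remarks>
/// Secure mode (<c>SecureAuthentication</c> on): the token is parsed first and the account
/// identity is taken from it. <c>ClientAccountString</c> must either equal the token's
/// account name or be the GUID of a subscription belonging to the token's account.
/// Insecure mode: no credential is checked in this method. An unknown account name is
/// created with an empty password, and a subscription GUID alone selects the subscription.
/// The token is never written to the log, and a subscription that cannot be found is
/// rejected instead of being dereferenced.
/// </remarks>
private static void DoLogin(Session session, PacketInboundLoginRequest loginRequest)
{
    // validate the token
    Guid accountGuid;
    string accountName;
    string loggingIdentifier;
    Guid subscriptionGuid;
    Subscription sub;

    if (ConfigManager.Config.Server.SecureAuthentication)
    {
        try
        {
            var tokenInfo = JwtManager.ParseRemoteToken(loginRequest.JwtToken);
            if (tokenInfo == null)
            {
                // The token itself is left out of the message: this exception is logged
                // below, and a bearer token does not belong in a log file.
                throw new UnauthorizedAccessException($"improper token used for login {loginRequest.ClientAccountString}");
            }

            accountName = tokenInfo.Name;
            accountGuid = tokenInfo.AccountGuid;
        }
        catch (Exception ex)
        {
            log.Info("Error in HandleLoginRequest validating the ticket.", ex);
            session.SendCharacterError(CharacterError.AccountInvalid);
            return;
        }

        if (!Guid.TryParse(loginRequest.ClientAccountString, out subscriptionGuid))
        {
            // if it's not a guid, it's an account name.  verify it matches the ticket
            if (accountName != loginRequest.ClientAccountString)
            {
                log.Info("Error in HandleLoginRequest validating the ticket.");
                session.SendCharacterError(CharacterError.AccountInvalid);
                return;
            }
            else
            {
                // look for subscriptions
                var subs = DatabaseManager.Authentication.GetSubscriptionsByAccount(accountGuid);

                if (subs.Count < 1)
                {
                    // go go gadget dynamic subscription creation
                    sub = new Subscription()
                    {
                        AccessLevel = Entity.Enum.AccessLevel.Player,
                        Name = "auto",
                        AccountGuid = accountGuid
                    };

                    DatabaseManager.Authentication.CreateSubscription(sub);
                }
                else
                {
                    // already have a subscription, just pull it
                    sub = subs[0];
                }
            }
        }
        else
        {
            // Only subscriptions owned by the token's account are searched, so a GUID
            // belonging to another account finds nothing.
            var subs = DatabaseManager.Authentication.GetSubscriptionsByAccount(accountGuid);
            sub = subs.Find(s => s.SubscriptionGuid == subscriptionGuid);

            if (sub == null)
            {
                log.Info("Error in HandleLoginRequest: subscription not found for the account in the ticket.");
                session.SendCharacterError(CharacterError.AccountInvalid);
                return;
            }
        }

        loggingIdentifier = $"{accountName}.{sub.Name}";
    }
    else
    {
        // insecure mode.  we have no token of value, and only the ClientAccountString.
        if (!Guid.TryParse(loginRequest.ClientAccountString, out subscriptionGuid))
        {
            // client account string is not a guid.  assume it is an account name
            var account = DatabaseManager.Authentication.GetAccountByName(loginRequest.ClientAccountString);

            if (account == null)
            {
                // no account, dynamically create one
                account = new Account();
                account.Name = loginRequest.ClientAccountString;
                account.DisplayName = loginRequest.ClientAccountString;
                account.SetPassword("");
                DatabaseManager.Authentication.CreateAccount(account);
            }

            // look for subscriptions
            var subs = DatabaseManager.Authentication.GetSubscriptionsByAccount(account.AccountGuid);

            if (subs.Count < 1)
            {
                // go go gadget dynamic subscription creation
                sub = new Subscription()
                {
                    AccessLevel = Entity.Enum.AccessLevel.Player,
                    Name = "default",
                    AccountGuid = account.AccountGuid
                };

                DatabaseManager.Authentication.CreateSubscription(sub);
            }
            else
            {
                // already have a subscription, just pull it
                sub = subs[0];
            }

            loggingIdentifier = $"{account.Name}.{sub.Name}";
        }
        else
        {
            // subscription guid provided
            sub = DatabaseManager.Authentication.GetSubscriptionByGuid(subscriptionGuid);

            if (sub == null)
            {
                log.Info("Error in HandleLoginRequest: no subscription found for the supplied guid.");
                session.SendCharacterError(CharacterError.AccountInvalid);
                return;
            }

            loggingIdentifier = $"Unknown.{sub.Name}";
        }
    }

    try
    {
        log.Info($"new client connected: {loginRequest.ClientAccountString}. setting session properties");
        SubscriptionSelectCallback(sub, session, loginRequest.ClientAccountString, loggingIdentifier);
    }
    catch (Exception ex)
    {
        log.Info("Error in HandleLoginRequest trying to find the subscription.", ex);

        // NOTE(review): re-enters the callback with nulls after it has already failed;
        // confirm SubscriptionSelectCallback tolerates them.
        SubscriptionSelectCallback(null, session, null, null);
    }
}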
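/// <summary>
/// Sends the connect request for a login and decides whether the session is
/// authenticated as <paramref name="account"/>.
/// </summary>
/// <param name="account">Account found for the requested name, or null when none exists.</param>
/// <param name="session">Session being logged in; booted on every rejection path.</param>
/// <param name="loginRequest">Parsed login request. Dereferenced unconditionally, so it must not be null.</param>
/// <remarks>
/// The connect request is sent before any credential is checked, and the in-use check
/// runs before the password check. Neither failed-attempt lockout nor ban checks are
/// implemented (see the TO-DO/TODO markers).
/// An auth type that is neither AccountPassword nor GlsTicket is rejected rather than
/// being allowed to reach <c>SetAccount</c> without a credential check.
/// </remarks>
private static void AccountSelectCallback(Account account, Session session, PacketInboundLoginRequest loginRequest)
{
    packetLog.DebugFormat("ConnectRequest TS: {0}", session.Network.ConnectionData.ServerTime);

    var connectRequest = new PacketOutboundConnectRequest(
        session.Network.ConnectionData.ServerTime,
        session.Network.ConnectionData.ConnectionCookie,
        session.Network.ClientId,
        session.Network.ConnectionData.ServerSeed,
        session.Network.ConnectionData.ClientSeed);

    // The seeds are dropped as soon as the request object holds them.
    session.Network.ConnectionData.DiscardSeeds();

    session.Network.EnqueueSend(connectRequest);

    if (loginRequest.NetAuthType < NetAuthType.AccountPassword)
    {
        // Fixed account string answered as a ping; the session is closed, never authenticated.
        if (loginRequest.Account == "acservertracker:jj9h26hcsggc")
        {
            log.Info($"Incoming ping from a Thwarg-Launcher client... Sending Pong...");

            session.BootSession("Pong sent, closing connection.", new GameMessageCharacterError(CharacterError.Undefined));

            return;
        }

        log.Info($"client {loginRequest.Account} connected with no Password or GlsTicket included so booting");

        session.BootSession("Not Authorized: No password or GlsTicket included in login request", new GameMessageCharacterError(CharacterError.AccountInUse));

        return;
    }

    if (account == null)
    {
        session.BootSession("Not Authorized: Account Not Found", new GameMessageCharacterError(CharacterError.AccountDoesntExist));
        return;
    }

    // NOTE(review): this runs before the password is verified.
    if (WorldManager.Find(account.AccountName) != null)
    {
        session.SendCharacterError(CharacterError.AccountInUse);
        session.BootSession("Account In Use: Found another session already logged in for this account.", new GameMessageCharacterError(CharacterError.AccountInUse));
        return;
    }

    if (loginRequest.NetAuthType == NetAuthType.AccountPassword)
    {
        if (!account.PasswordMatches(loginRequest.Password))
        {
            log.Info($"client {loginRequest.Account} connected with non matching password does so booting");

            session.BootSession("Not Authorized: Password does not match.", new GameMessageCharacterError(CharacterError.AccountInUse));

            // TO-DO: temporary lockout of account preventing brute force password discovery
            // exponential duration of lockout for targeted account
            return;
        }

        log.Info($"client {loginRequest.Account} connected with verified password");
    }
    else if (loginRequest.NetAuthType == NetAuthType.GlsTicket)
    {
        log.Info($"client {loginRequest.Account} connected with GlsTicket which is not implemented yet so booting");

        session.SendCharacterError(CharacterError.AccountInUse);
        session.BootSession("Not Authorized: GlsTicket is not implemented to process login request", new GameMessageCharacterError(CharacterError.AccountInUse));

        return;
    }
    else
    {
        // Fail closed: no credential has been verified for any other auth type, so the
        // session must not fall through to SetAccount below.
        log.Info($"client {loginRequest.Account} connected with unsupported NetAuthType {loginRequest.NetAuthType} so booting");

        session.BootSession("Not Authorized: Unsupported authentication type in login request", new GameMessageCharacterError(CharacterError.AccountInUse));

        return;
    }

    // TODO: check for account bans

    session.SetAccount(account.AccountId, account.AccountName, (AccessLevel)account.AccessLevel);
    session.State = SessionState.AuthConnectResponse;
}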