void handleLoginMessage(AccountClient client, MessageIn msg)
{
MessageOut reply=new MessageOut(Protocol.APMSG_LOGIN_RESPONSE);
//Überprüfung ob es sich um einen Login Request handelt
if(client.status!=AccountClientStatus.CLIENT_LOGIN)
{
reply.writeInt8((int)ErrorMessage.ERRMSG_FAILURE);
client.send(reply);
return;
}
int clientVersion=msg.readInt32();
if(clientVersion<ManaServ.PROTOCOL_VERSION)
{
reply.writeInt8((int)Login.LOGIN_INVALID_VERSION);
client.send(reply);
return;
}
// Check whether the last login attempt for this IP is still too fresh
IPAddress address=client.getIP();
DateTime now=DateTime.Now;
if(mLastLoginAttemptForIP.ContainsKey(address)) //TODO Schauen ob der Vergleich gegen das IPAdress Objekt funktioniert
{
DateTime lastAttempt=mLastLoginAttemptForIP[address];
lastAttempt.AddSeconds(1); //TODO schauen ob hier im Original wirklich Sekunden gemeint sind
if(now<lastAttempt)
{
reply.writeInt8((int)Login.LOGIN_INVALID_TIME);
client.send(reply);
return;
}
}
mLastLoginAttemptForIP[address]=now;
string username=msg.readString();
string password=msg.readString();
if(Program.stringFilter.findDoubleQuotes(username))
{
reply.writeInt8((int)ErrorMessage.ERRMSG_INVALID_ARGUMENT);
client.send(reply);
return;
}
uint maxClients=(uint)Configuration.getValue("net_maxClients", 1000);
if(getClientCount()>=maxClients)
{
reply.writeInt8((int)ErrorMessage.ERRMSG_SERVER_FULL);
client.send(reply);
return;
}
// Check if the account exists
ISL.Server.Account.Account acc=null;
foreach(ISL.Server.Account.Account tmp in mPendingAccounts)
{
if(tmp.getName()==username)
{
acc=tmp;
break;
}
}
mPendingAccounts.Remove(acc);
//TODO Überprüfen ob SHA256 das gewünschte Ergebniss liefert
if(acc!=null)
{
if(SHA256.HashString(acc.getPassword()+acc.getRandomSalt())!=password)
{
reply.writeInt8((int)ErrorMessage.ERRMSG_INVALID_ARGUMENT);
client.send(reply);
//delete acc;
return;
}
}
if(acc.getLevel()==(int)AccessLevel.AL_BANNED)
{
reply.writeInt8((int)Login.LOGIN_BANNED);
client.send(reply);
//delete acc;
return;
}
// The client successfully logged in...
// Set lastLogin date of the account.
DateTime login=DateTime.Now;
acc.setLastLogin(login);
Program.storage.updateLastLogin(acc);
// Associate account with connection.
client.setAccount(acc);
client.status=AccountClientStatus.CLIENT_CONNECTED;
reply.writeInt8((int)ErrorMessage.ERRMSG_OK);
addServerInfo(reply);
client.send(reply); // Acknowledge login
// Return information about available characters
Dictionary<uint, Character> chars=acc.getCharacters();
// Send characters list
foreach(ISL.Server.Account.Character character in chars.Values)
{
sendCharacterData(client, character);
}
}
void handleRegisterMessage(AccountClient client, MessageIn msg)
{
int clientVersion=msg.readInt32();
string username=msg.readString();
string password=msg.readString();
string email=msg.readString();
string captcha=msg.readString();
MessageOut reply=new MessageOut(Protocol.APMSG_REGISTER_RESPONSE);
if(client.status!=AccountClientStatus.CLIENT_LOGIN)
{
reply.writeInt8((int)ErrorMessage.ERRMSG_FAILURE);
}
else if(!mRegistrationAllowed)
{
reply.writeInt8((int)ErrorMessage.ERRMSG_FAILURE);
}
else if(clientVersion<ManaServ.PROTOCOL_VERSION)
{
reply.writeInt8((int)Register.REGISTER_INVALID_VERSION);
}
else if(Program.stringFilter.findDoubleQuotes(username)
||Program.stringFilter.findDoubleQuotes(email)
||username.Length<mMinNameLength
||username.Length>mMaxNameLength
||!Program.stringFilter.isEmailValid(email)
||!Program.stringFilter.filterContent(username))
{
reply.writeInt8((int)ErrorMessage.ERRMSG_INVALID_ARGUMENT);
}
else if(Program.storage.doesUserNameExist(username))
{
reply.writeInt8((int)Register.REGISTER_EXISTS_USERNAME);
}
else if(Program.storage.doesEmailAddressExist(SHA256.HashString(email)))
{
reply.writeInt8((int)Register.REGISTER_EXISTS_EMAIL);
}
else if(!checkCaptcha(client, captcha))
{
reply.writeInt8((int)Register.REGISTER_CAPTCHA_WRONG);
}
else
{
ISL.Server.Account.Account acc=new ISL.Server.Account.Account();
acc.setName(username);
acc.setPassword(SHA256.HashString(password));
// We hash email server-side for additional privacy
// we ask for it again when we need it and verify it
// through comparing it with the hash.
acc.setEmail(SHA256.HashString(email));
acc.setLevel((int)AccessLevel.AL_PLAYER);
// Set the date and time of the account registration, and the last login
DateTime regdate=DateTime.Now;
acc.setRegistrationDate(regdate);
acc.setLastLogin(regdate);
Program.storage.addAccount(acc);
reply.writeInt8((int)ErrorMessage.ERRMSG_OK);
addServerInfo(reply);
// Associate account with connection
client.setAccount(acc);
client.status=AccountClientStatus.CLIENT_CONNECTED;
}
client.send(reply);
}
void tokenMatched(AccountClient client, int accountID)
{
MessageOut reply=new MessageOut(Protocol.APMSG_RECONNECT_RESPONSE);
//Associate account with connection.
ISL.Server.Account.Account acc=Program.storage.getAccount(accountID);
client.setAccount(acc);
client.status=AccountClientStatus.CLIENT_CONNECTED;
reply.writeInt8((int)ErrorMessage.ERRMSG_OK);
client.send(reply);
// Return information about available characters
Dictionary<uint, Character> chars=acc.getCharacters();
// Send characters list
foreach(Character character in chars.Values)
{
sendCharacterData(client, character);
}
}
