/// <summary>
/// Authentication module
/// </summary>
public Auth() : base("/api/auth")
{
// Request Body (safer) { "user":"******", "pass":"******", "device":"device name" }
// return apikey=yzx
Post["/"] = x =>
{
string apiKey = "";
//Bind POST body
AuthUser auth = this.Bind();
if (!string.IsNullOrEmpty(auth.user))
{
if (!string.IsNullOrEmpty(auth.device) & auth.pass != null)
{
//create and save new token for authenticated user or return known one
apiKey = UserDatabase.ValidateUser(auth.user, Digest.Hash(auth.pass), auth.device);
if (string.IsNullOrEmpty(apiKey))
{
return(new Response {
StatusCode = HttpStatusCode.Unauthorized
});
}
else
{
return(this.Response.AsJson(new { apikey = apiKey }));
}
}
else
{
//if password or device is missing
return(new Response {
StatusCode = HttpStatusCode.BadRequest
});
}
}
else
{
//if bind failed
return(new Response {
StatusCode = HttpStatusCode.ExpectationFailed
});
}
};
//remove apikey from database
//pass it as ?apikey=xyz
Delete["/"] = x =>
{
var apiKey = (string)this.Request.Query.apikey;
if (UserDatabase.RemoveApiKey(apiKey))
{
return(HttpStatusCode.OK);
}
else
{
return(HttpStatusCode.InternalServerError);
}
};
}
/// <summary>
/// Create user from Contract_JMMUser
/// </summary>
/// <returns></returns>
private object CreateUser()
{
Request request = this.Request;
SVR_JMMUser _user = (SVR_JMMUser)this.Context.CurrentUser;
if (_user.IsAdmin == 1)
{
JMMUser user = this.Bind();
user.Password = Digest.Hash(user.Password);
user.HideCategories = "";
user.PlexUsers = "";
if (new ShokoServiceImplementation().SaveUser(user) == "")
{
return(APIStatus.statusOK());
}
else
{
return(APIStatus.internalError());
}
}
else
{
return(APIStatus.adminNeeded());
}
}
/// <summary>
/// Create user from Contract_JMMUser
/// </summary>
/// <returns></returns>
private object CreateUser()
{
Request request = this.Request;
Entities.JMMUser _user = (Entities.JMMUser) this.Context.CurrentUser;
if (_user.IsAdmin == 1)
{
Contract_JMMUser user = this.Bind();
user.Password = Digest.Hash(user.Password);
user.HideCategories = new HashSet <string>(StringComparer.InvariantCultureIgnoreCase);
user.PlexUsers = new HashSet <string>(StringComparer.InvariantCultureIgnoreCase);
if (new JMMServiceImplementation().SaveUser(user) == "")
{
return(APIStatus.statusOK());
}
else
{
return(APIStatus.internalError());
}
}
else
{
return(APIStatus.adminNeeded());
}
}
public byte[] InputHash(SigHash hashType, Script subScript, int inputIndex)
{
if (hashType.HasFlag(SigHash.None))
{
throw new NotImplementedException();
}
if (hashType.HasFlag(SigHash.Single))
{
throw new NotImplementedException();
}
if (hashType.HasFlag(SigHash.AnyoneCanPay))
{
throw new NotImplementedException();
}
Transaction copy = Transaction.FromByteArray(ToByteArray());
foreach (Input input in copy.Inputs)
{
input.ScriptSig = new Script();
}
copy.Inputs[inputIndex].ScriptSig = subScript;
var verify = new List <byte>();
verify.AddRange(copy.ToByteArray());
verify.AddRange(BitConverter.GetBytes((UInt32)hashType));
return(Digest.Hash <SHA256, SHA256>(verify.ToArray()));
}
public ActionResult ChangePassword(int userID, [FromBody] string password, bool revokeAPIKeys = true)
{
try
{
SVR_JMMUser jmmUser = RepoFactory.JMMUser.GetByID(userID);
if (jmmUser == null)
{
return(BadRequest("User not found"));
}
if (jmmUser.JMMUserID != User.JMMUserID && !User.IsAdminUser())
{
return(Unauthorized());
}
jmmUser.Password = Digest.Hash(password);
RepoFactory.JMMUser.Save(jmmUser, false);
if (revokeAPIKeys)
{
RepoFactory.AuthTokens.DeleteAllWithUserID(jmmUser.JMMUserID);
}
}
catch (Exception ex)
{
return(InternalError(ex.ToString()));
}
return(Ok());
}
private static byte[] GetChecksum(byte[] data)
{
// SHA256 sha256 = new SHA256Managed();
byte[] hash = Digest.Hash <SHA256, SHA256>(data);
var result = new byte[ChecksumSizeInBytes];
Buffer.BlockCopy(hash, 0, result, 0, result.Length);
return(result);
}
public void MultiDigest()
{
Assert.AreEqual(
Digest.Hash <SHA256, SHA256>(new byte[] { 0x01, 0x02, 0x03 }),
new byte[] { 0x19, 0xC6, 0x19, 0x7E, 0x21, 0x40, 0xB9, 0xD0, 0x34, 0xFB, 0x20, 0xB9, 0xAC, 0x7B, 0xB7, 0x53, 0xA4, 0x12, 0x33, 0xCA, 0xF1, 0xE1, 0xDA, 0xFD, 0xA7, 0x31, 0x6A, 0x99, 0xCE, 0xF4, 0x14, 0x16 }
);
Assert.AreEqual(
Digest.Hash <SHA256, RIPEMD160>(new byte[] { 0x01, 0x02, 0x03 }),
new byte[] { 0x6B, 0x6E, 0x89, 0x5C, 0x36, 0x97, 0x9F, 0xB6, 0x06, 0x47, 0x3E, 0x08, 0x68, 0x68, 0x0F, 0x64, 0xBF, 0x72, 0x16, 0x64, 0x2A, 0x16, 0x70, 0xC1, 0xF2, 0x5E, 0xE3, 0xD2, 0xDE, 0x75, 0xAB, 0x71 }
);
}
public JMMUser AuthenticateUser(string userName, string password)
{
using (var session = JMMService.SessionFactory.OpenSession())
{
string hashedPassword = Digest.Hash(password);
JMMUser cr = session
.CreateCriteria(typeof(JMMUser))
.Add(Restrictions.Eq("Username", userName))
.Add(Restrictions.Eq("Password", hashedPassword))
.UniqueResult <JMMUser>();
return(cr);
}
}
public ActionResult ChangePassword([FromBody] string newPassword)
{
try
{
User.Password = Digest.Hash(newPassword.Trim());
RepoFactory.JMMUser.Save(User, false);
RepoFactory.AuthTokens.DeleteAllWithUserID(User.JMMUserID);
return(Ok());
}
catch (Exception ex)
{
logger.Error(ex, ex.ToString());
}
return(InternalError());
}
/// <summary>
/// Create user from Contract_JMMUser
/// </summary>
/// <returns></returns>
private object CreateUser()
{
SVR_JMMUser _user = (SVR_JMMUser)Context.CurrentUser;
if (_user.IsAdmin == 1)
{
JMMUser user = this.Bind();
user.Password = Digest.Hash(user.Password);
user.HideCategories = string.Empty;
user.PlexUsers = string.Empty;
return(new ShokoServiceImplementation().SaveUser(user) == string.Empty
? APIStatus.OK()
: APIStatus.InternalError());
}
return(APIStatus.AdminNeeded());
}
private void CreateInitialUsers()
{
if (RepoFactory.JMMUser.GetAll().Any())
{
return;
}
Thread.CurrentThread.CurrentUICulture = CultureInfo.GetCultureInfo(ServerSettings.Instance.Culture);
string defaultPassword = ServerSettings.Instance.Database.DefaultUserPassword == ""
? ""
: Digest.Hash(ServerSettings.Instance.Database.DefaultUserPassword);
SVR_JMMUser defaultUser = new SVR_JMMUser
{
CanEditServerSettings = 1,
HideCategories = string.Empty,
IsAdmin = 1,
IsAniDBUser = 1,
IsTraktUser = 1,
Password = defaultPassword,
Username = ServerSettings.Instance.Database.DefaultUserUsername
};
RepoFactory.JMMUser.Save(defaultUser, true);
SVR_JMMUser familyUser = new SVR_JMMUser
{
CanEditServerSettings = 1,
HideCategories = "ecchi,nudity,sex,sexual abuse,horror,erotic game,incest,18 restricted",
IsAdmin = 1,
IsAniDBUser = 1,
IsTraktUser = 1,
Password = string.Empty,
Username = "******"
};
RepoFactory.JMMUser.Save(familyUser, true);
}
public JMMUser AuthenticateUser(string userName, string password)
{
string hashedPassword = Digest.Hash(password);
return(Cache.Values.FirstOrDefault(a => a.Username == userName && a.Password == hashedPassword));
}
/// <summary>
/// Returns the address that corresponds to the public part of this ECKey. Note that an address is derived from
/// the RIPEMD-160 hash of the public key and is not the public key itself (which is too large to be convenient).
/// </summary>
public Address ToAddress()
{
byte[] hashedPubKey = Digest.Hash <RIPEMD160, SHA256>(PubKey);
return(new Address(Base58.EncodeWithChecksum(ArrayHelpers.ConcatArrays(new byte[] { 0x00 }, hashedPubKey))));
}
public MessageHeader(string command, byte[] payload)
{
Command = command;
PayloadLength = (UInt32)payload.Length;
ExpectedChecksum = Digest.Hash <SHA256, SHA256>(payload).Take(4).ToArray();
}
public void Step()
{
byte next = Execution.Pop();
bool branchIsRunning = RunBranch.Items.All(b => b);
if (branchIsRunning)
{
if (Opcodes.IsFastPush(next))
{
Main.Push(Execution.Pop(next));
}
else
{
switch ((Op)next)
{
case Op.False:
Main.Push(false);
break;
case Op.PushData1:
int i = new SignedInt(Execution.Pop()).Value;
Main.Push(Execution.Pop(i));
break;
case Op.PushData2:
Main.Push(Execution.Pop(new SignedInt(Execution.Pop(2)).Value));
break;
case Op.PushData4:
Main.Push(Execution.Pop(new SignedInt(Execution.Pop(4)).Value));
break;
case Op.Negate1:
Main.Push(-1);
break;
case Op.True:
Main.Push(true);
break;
case Op.Num2:
Main.Push(2);
break;
case Op.Num3:
Main.Push(3);
break;
case Op.Num4:
Main.Push(4);
break;
case Op.Num5:
Main.Push(5);
break;
case Op.Num6:
Main.Push(6);
break;
case Op.Num7:
Main.Push(7);
break;
case Op.Num8:
Main.Push(8);
break;
case Op.Num9:
Main.Push(9);
break;
case Op.Num10:
Main.Push(10);
break;
case Op.Num11:
Main.Push(11);
break;
case Op.Num12:
Main.Push(12);
break;
case Op.Num13:
Main.Push(13);
break;
case Op.Num14:
Main.Push(14);
break;
case Op.Num15:
Main.Push(15);
break;
case Op.Num16:
Main.Push(16);
break;
case Op.Verify:
if (!Main.PopTruth())
{
throw new Exception();
}
break;
case Op.Return:
throw new Exception();
case Op.ToAltStack:
Alt.Push(Main.Pop());
break;
case Op.FromAltStack:
Main.Push(Alt.Pop());
break;
case Op.IfDup:
if (Main.IsTrue)
{
Main.Push(Main[0]);
}
break;
case Op.Depth:
Main.Push(Main.Count);
break;
case Op.Drop:
Main.Pop();
break;
case Op.Dup:
Main.Push(Main[0]);
break;
case Op.Nip:
Main.RemoveAt(1);
break;
case Op.Over:
Main.Push(Main[1]);
break;
case Op.Pick:
Main.Push(Main[Main.PopInt()]);
break;
case Op.Roll:
int index = Main.PopInt();
byte[] roll = Main[index];
Main.RemoveAt(index);
Main.Push(roll);
break;
case Op.Rot:
byte[][] rot = Main.Pop(3);
Main.Push(new byte[][] { rot[0], rot[2], rot[1] });
break;
case Op.Swap:
byte[][] swap = Main.Pop(2);
Main.Push(new byte[][] { swap[0], swap[1] });
break;
case Op.Tuck:
byte[][] tuck = Main.Pop(2);
Main.Push(new byte[][] { tuck[0], tuck[1], tuck[0] });
break;
case Op.Drop2:
Main.Pop(2);
break;
case Op.Dup2:
Main.Push(new byte[][] { Main[1], Main[0] });
break;
case Op.Dup3:
Main.Push(new byte[][] { Main[2], Main[1], Main[0] });
break;
case Op.Over2:
Main.Push(new byte[][] { Main[3], Main[2] });
break;
case Op.Rot2:
byte[][] rot2 = Main.Pop(6);
Main.Push(new byte[][] { rot2[1], rot2[0], rot2[5], rot2[4], rot2[3], rot2[2] });
break;
case Op.Swap2:
byte[][] swap2 = Main.Pop(4);
Main.Push(new byte[][] { swap2[2], swap2[3], swap2[0], swap2[1] });
break;
case Op.Size:
throw new NotImplementedException();
case Op.Equal:
Main.Push(Main[0].SequenceEqual(Main[1]));
break;
case Op.EqualVerify:
Main.Push(Main[0] == Main[1]);
goto case Op.Verify;
case Op.Add1:
Main.Push(Main.PopInt() + 1);
break;
case Op.Sub1:
Main.Push(Main.PopInt() - 1);
break;
case Op.Negate:
Main.Push(-Main.PopInt());
break;
case Op.Abs:
Main.Push(Math.Abs(Main.PopInt()));
break;
case Op.Not:
Main.Push(Main.PopInt() == 0 ? 1 : 0);
break;
case Op.NotEqual0:
Main.Push(Main.PopInt() == 0 ? 0 : 1);
break;
case Op.Add:
Main.Push(Main.PopInt() + Main.PopInt());
break;
case Op.Sub:
int b = Main.PopInt();
Main.Push(Main.PopInt() - b);
break;
case Op.BoolAnd:
Main.Push(Main.PopBool() && Main.PopBool());
break;
case Op.BoolOr:
Main.Push(Main.PopBool() || Main.PopBool());
break;
case Op.NumEqual:
Main.Push(Main.PopInt() == Main.PopInt());
break;
case Op.NumEqualVerify:
Main.Push(Main.PopInt() == Main.PopInt());
goto case Op.Verify;
case Op.NumNotEqual:
Main.Push(Main.PopInt() != Main.PopInt());
break;
case Op.LessThan:
Main.Push(Main.PopInt() < Main.PopInt());
break;
case Op.GreaterThan:
Main.Push(Main.PopInt() > Main.PopInt());
break;
case Op.LessThanOrEqual:
Main.Push(Main.PopInt() <= Main.PopInt());
break;
case Op.GreaterThanOrEqual:
Main.Push(Main.PopInt() >= Main.PopInt());
break;
case Op.Min:
Main.Push(Math.Min(Main.PopInt(), Main.PopInt()));
break;
case Op.Max:
Main.Push(Math.Max(Main.PopInt(), Main.PopInt()));
break;
case Op.Within:
int max = Main.PopInt();
int min = Main.PopInt();
int x = Main.PopInt();
Main.Push(min <= x && x < max);
break;
case Op.RIPEMD160:
Main.Push(RIPEMD160.Hash(Main.Pop()));
break;
case Op.SHA1:
Main.Push(SHA1.Hash(Main.Pop()));
break;
case Op.SHA256:
Main.Push(SHA256.Hash(Main.Pop()));
break;
case Op.Hash160:
Main.Push(Digest.Hash <RIPEMD160, SHA256>(Main.Pop()));
break;
case Op.Hash256:
Main.Push(Digest.Hash <SHA256, SHA256>(Main.Pop()));
break;
case Op.CodeSeparator:
lastSeparatorIndex = _start.Count - Execution.Count;
break;
case Op.CheckSig:
// Main.Push(Transaction.SigIsValid(Main.Pop(), Main.Pop(), SubScript, InputIndex));
throw new NotImplementedException();
case Op.CheckSigVerify:
throw new NotImplementedException();
case Op.CheckMultiSig:
throw new NotImplementedException();
case Op.CheckMultiSigVerify:
throw new NotImplementedException();
case Op.Reserved:
case Op.Ver:
case Op.Reserved1:
case Op.Reserved2:
throw new Exception(String.Format("Invalid script! (opcode {0} used)", (Op)next));
case Op.If:
case Op.NotIf:
case Op.Else:
case Op.EndIf:
goto case Op.Nop;
case Op.Nop:
case Op.Nop1:
case Op.Nop2:
case Op.Nop3:
case Op.Nop4:
case Op.Nop5:
case Op.Nop6:
case Op.Nop7:
case Op.Nop8:
case Op.Nop9:
case Op.Nop10:
break;
default:
throw new Exception(String.Format("{0} is an invalid opcode", next));
}
}
}
switch ((Op)next)
{
case Op.If:
RunBranch.Push(branchIsRunning && Main.PopBool());
break;
case Op.NotIf:
RunBranch.Push(branchIsRunning && !Main.PopBool());
break;
case Op.Else:
RunBranch.Push(!RunBranch.Pop() && !branchIsRunning);
break;
case Op.EndIf:
RunBranch.Pop();
break;
case Op.VerIf:
case Op.VerNotIf:
throw new Exception(String.Format("Invalid script! (opcode {0} included)", (Op)next));
}
}
