public void Index(Request req, Response res) { if (!LoginServer.Instance.Conf.Login.IsTrustedSource(req.ClientIp)) { return; } var name = req.Parameter("name"); var pass = req.Parameter("pass"); // Check parameters if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass)) { res.Send("0"); return; } // Get account var account = LoginServer.Instance.Database.GetAccount(name); if (account == null) { res.Send("0"); return; } // Check password var passwordCorrect = Password.Check(pass, account.Password); // Response res.Send(passwordCorrect ? "1" : "0"); }
public override void Handle(HttpRequestEventArgs args, string requestuestPath, string localPath) { var request = args.Request; var response = args.Response; if (!LoginServer.Instance.Conf.Login.IsTrustedSource(request.ClientIp)) { return; } var name = request.Parameter("name"); var pass = request.Parameter("pass"); // Check parameters if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pass)) { response.Send("0"); return; } // Get account var account = LoginServer.Instance.Database.GetAccount(name); if (account == null) { response.Send("0"); return; } // Check password var passwordCorrect = Password.Check(pass, account.Password); // Response response.Send(passwordCorrect ? "1" : "0"); }
public HttpMessage <string> ChangePass(ProfileUser profile_user) { return(TryCatchResponse(() => { if (profile_user == null || string.IsNullOrEmpty(profile_user.Email)) { throw new Exception("Неверные параметры для изменения пароля."); } List <User> users = GetUsers(profile_user.Email); if (users == null || users.Count == 0) { throw new Exception("Пользователь не найден."); } User user = GetUserByPass(Password.ComputeHash(profile_user.Pass), users); if (user == null) { throw new Exception("Неверно указан пароль."); } if (string.IsNullOrEmpty(profile_user.ChangePass)) { throw new Exception("Не указан новый пароль."); } switch (Password.Check(profile_user.ChangePass)) { case 1: throw new Exception("Пароль слишком короткий."); case 2: throw new Exception("Не указан хотя бы один заглавный символ."); case 3: throw new Exception("Не указан хотя бы один прописной символ."); case 4: throw new Exception("Не указана хотя бы одна цифра."); default: break; } SetPassword(users[0], users[0].Email, profile_user.ChangePass, "Изменение пароля в Auto Parts Site"); return CreateResponseOk("Ok"); })); }
public void Internal_ServerIdentify(LoginClient client, Packet packet) { var passwordHash = packet.GetString(); if (!Password.Check(LoginServer.Instance.Conf.Internal.Password, passwordHash)) { Send.Internal_ServerIdentifyR(client, false); Log.Warning("Invalid internal password from '{0}'.", client.Address); client.Kill(); return; } client.State = ClientState.LoggedIn; lock (LoginServer.Instance.ChannelClients) LoginServer.Instance.ChannelClients.Add(client); Send.Internal_ServerIdentifyR(client, true); }
public void Login(LoginClient client, Packet packet) { // Officially you're disconnected if your client's ident is incorrect, // we give a meaningful message instead, because users commonly try // to use Aura with non-NA clients. if (!LoginServer.Instance.Conf.Login.IdentAllow.IsMatch(client.Ident)) { Send.LoginR_Msg(client, "Unfortunately Aura doesn't support your client, please use the latest, updated NA client.\nIf you're the admin, you can disable this check in 'login.conf'."); return; } var loginType = (LoginType)packet.GetByte(); var accountId = packet.GetString(); var password = ""; var secondaryPassword = ""; var sessionKey = 0L; switch (loginType) { // Normal login, password case LoginType.Normal: case LoginType.EU: case LoginType.KR: case LoginType.CmdLogin: // [150100] From raw to MD5 // [KR180XYY] From MD5 to SHA1 var passbin = packet.GetBin(); password = Encoding.UTF8.GetString(passbin); // Upgrade raw to MD5 if (loginType == LoginType.EU) { password = Password.RawToMD5(passbin); } // Upgrade MD5 to SHA1 (used by newer clients) if (password.Length == 32) // MD5 { password = Password.MD5ToSHA256(password); } // Create new account if (LoginServer.Instance.Conf.Login.NewAccounts && (accountId.StartsWith("new//") || accountId.StartsWith("new__"))) { accountId = accountId.Remove(0, 5); if (!LoginServer.Instance.Database.AccountExists(accountId) && password != "") { LoginServer.Instance.Database.CreateAccount(accountId, password); Log.Info("New account '{0}' was created.", accountId); } } // Set login type to normal if it's not secondary, // we have all information and don't care anymore. if (loginType != LoginType.SecondaryPassword) { loginType = LoginType.Normal; } break; // Logging in, coming from a channel case LoginType.FromChannel: // [160XXX] Double account name { packet.GetString(); } sessionKey = packet.GetLong(); break; // Second password case LoginType.SecondaryPassword: // [XXXXXX] Double account name { packet.GetString(); } sessionKey = packet.GetLong(); secondaryPassword = packet.GetString(); // SSH1 break; case LoginType.CHN: sessionKey = packet.GetLong(); secondaryPassword = packet.GetString(); break; // Unsupported NX hash case LoginType.NewHash: // Triggered by people using their official accounts? // Are those information cached somewhere? // TODO: Rephrase? Sounds weird, as if we *know* their data. Send.LoginR_Msg(client, Localization.Get("Please don't use your official login information.")); return; // Unsupported/unknown type case LoginType.CH: default: Send.LoginR_Msg(client, Localization.Get("Unsupported password encryption, please use the latest NA client.")); return; } var machineId = packet.GetBin(); var unkInt1 = packet.GetInt(); var unkInt2 = packet.GetInt(); var localClientIP = packet.GetString(); // Get account var account = LoginServer.Instance.Database.GetAccount(accountId); if (account == null) { Send.LoginR_Fail(client, LoginResult.IdOrPassIncorrect); return; } // Update account's secondary password if (loginType == LoginType.SecondaryPassword && account.SecondaryPassword == null) { account.SecondaryPassword = secondaryPassword; LoginServer.Instance.Database.UpdateAccountSecondaryPassword(account); } if (loginType == LoginType.CHN) { #warning RSA for tiancity password } // Check bans if (account.BannedExpiration > DateTime.Now) { Send.LoginR_Msg(client, Localization.Get("You've been banned till {0}.\r\nReason: {1}"), account.BannedExpiration, account.BannedReason); return; } // Check password/session if (!Password.Check(password, account.Password) && account.SessionKey != sessionKey) { Send.LoginR_Fail(client, LoginResult.IdOrPassIncorrect); return; } // Check secondary password if (loginType == LoginType.SecondaryPassword) { // Set new secondary password if (account.SecondaryPassword == null) { account.SecondaryPassword = secondaryPassword; LoginServer.Instance.Database.UpdateAccountSecondaryPassword(account); } // Check secondary else if (account.SecondaryPassword != secondaryPassword) { Send.LoginR_Fail(client, LoginResult.SecondaryFail); return; } } // Check logged in already if (account.LoggedIn) { Send.LoginR_Fail(client, LoginResult.AlreadyLoggedIn); return; } account.SessionKey = LoginServer.Instance.Database.CreateSession(account.Name); // Second password, please! if (LoginServer.Instance.Conf.Login.EnableSecondaryPassword && loginType == LoginType.Normal) { Send.LoginR_Secondary(client, account, account.SessionKey); return; } // Update account account.LastLogin = DateTime.Now; account.LoggedIn = true; LoginServer.Instance.Database.UpdateAccount(account); // Req. Info account.CharacterCards = LoginServer.Instance.Database.GetCharacterCards(account.Name); account.PetCards = LoginServer.Instance.Database.GetPetCards(account.Name); account.Characters = LoginServer.Instance.Database.GetCharacters(account.Name); account.Pets = LoginServer.Instance.Database.GetPetsAndPartners(account.Name); account.Gifts = LoginServer.Instance.Database.GetGifts(account.Name); // Add free cards if there are none. // If you don't have chars and char cards, you get a new free card, // if you don't have pets or pet cards either, you'll also get a 7-day horse. if (account.CharacterCards.Count < 1 && account.Characters.Count < 1) { // Free card var card = LoginServer.Instance.Database.AddCard(account.Name, 147, 0); account.CharacterCards.Add(card); if (account.PetCards.Count < 1 && account.Pets.Count < 1) { // 7-day Horse card = LoginServer.Instance.Database.AddCard(account.Name, MabiId.PetCardType, 260016); account.PetCards.Add(card); } } // Success Send.LoginR(client, account, account.SessionKey, LoginServer.Instance.ServerList.List); client.Account = account; client.State = ClientState.LoggedIn; Log.Info("User '{0}' logged in.", account.Name); }
public bool Check(string checkedPassword) { Password password = new Password("Password123456123456"); return password.Check(checkedPassword); }
public bool Check(string checkedPassword) { Password password = new Password("Password123456123456"); return(password.Check(checkedPassword)); }