Esempio n. 1
        /// <summary>
        /// Credential check for trusted callers: sends "1" when the "name" and "pass"
        /// request parameters match a stored account, and "0" in every other case.
        /// </summary>
        /// <param name="req">Incoming request; its client IP and the "name"/"pass" parameters are read.</param>
        /// <param name="res">Response that receives the "1"/"0" verdict.</param>
        /// <remarks>
        /// Callers rejected by <c>IsTrustedSource</c> get nothing sent from this method.
        /// NOTE(review): nothing here throttles or logs failed checks, so any host on the
        /// trusted list can test passwords freely. Confirm the list is narrow and that
        /// rate limiting and auditing exist elsewhere.
        /// NOTE(review): the password arrives as a request parameter. If Parameter() also
        /// reads the query string, it can end up in access logs — confirm.
        /// </remarks>
        public void Index(Request req, Response res)
        {
            // Source filter first: untrusted callers are dropped without any reply.
            if (!LoginServer.Instance.Conf.Login.IsTrustedSource(req.ClientIp))
            {
                return;
            }

            var accountName = req.Parameter("name");
            var suppliedPassword = req.Parameter("pass");

            // Start from "denied"; only a full match below flips the verdict.
            var verdict = "0";

            if (!string.IsNullOrEmpty(accountName) && !string.IsNullOrEmpty(suppliedPassword))
            {
                var storedAccount = LoginServer.Instance.Database.GetAccount(accountName);

                // An unknown account skips Password.Check entirely, so the two failure
                // paths do different amounts of work even though both answer "0".
                if (storedAccount != null && Password.Check(suppliedPassword, storedAccount.Password))
                {
                    verdict = "1";
                }
            }

            res.Send(verdict);
        }
Esempio n. 2
    /// <summary>
    /// HTTP handler that verifies an account name/password pair for trusted callers
    /// and replies with "1" (match) or "0" (anything else).
    /// </summary>
    /// <param name="args">Event arguments carrying the request and response objects.</param>
    /// <param name="requestuestPath">Requested path; not used by this handler.</param>
    /// <param name="localPath">Local path; not used by this handler.</param>
    /// <remarks>
    /// Requests from addresses rejected by <c>IsTrustedSource</c> are left unanswered here.
    /// NOTE(review): failed checks are neither counted nor logged in this method. Confirm
    /// that throttling and auditing for this endpoint are handled elsewhere.
    /// </remarks>
    public override void Handle(HttpRequestEventArgs args, string requestuestPath, string localPath)
    {
        var req = args.Request;
        var res = args.Response;

        // Only configured trusted sources may query credentials.
        var trusted = LoginServer.Instance.Conf.Login.IsTrustedSource(req.ClientIp);
        if (!trusted)
        {
            return;
        }

        var accountName = req.Parameter("name");
        var suppliedPassword = req.Parameter("pass");

        var matched = false;

        // Both parameters must be present before the database is consulted.
        if (!(string.IsNullOrEmpty(accountName) || string.IsNullOrEmpty(suppliedPassword)))
        {
            var storedAccount = LoginServer.Instance.Database.GetAccount(accountName);

            // Missing account and wrong password produce the same "0" reply.
            if (storedAccount != null)
            {
                matched = Password.Check(suppliedPassword, storedAccount.Password);
            }
        }

        res.Send(matched ? "1" : "0");
    }
Esempio n. 3
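        /// <summary>
        /// Changes a user's password after re-checking the current password and
        /// validating the requested new one.
        /// </summary>
        /// <param name="profile_user">
        /// Carries the e-mail, the current password (<c>Pass</c>) and the requested new
        /// password (<c>ChangePass</c>).
        /// </param>
        /// <returns>
        /// Whatever <c>TryCatchResponse</c> produces for the delegate: the "Ok" response on
        /// success; every failure is raised as an exception inside the delegate.
        /// </returns>
        /// <remarks>
        /// The new password is written to the account whose current password matched.
        /// The previous code wrote to <c>users[0]</c>, which is a different account whenever
        /// several records share the e-mail and the match is not the first one.
        /// NOTE(review): "user not found" and "wrong password" are reported with different
        /// messages, which tells a caller whether an e-mail is registered. The messages are
        /// left as they are because clients may display them.
        /// NOTE(review): matching on <c>Password.ComputeHash(...)</c> equality suggests a
        /// deterministic, unsalted hash — confirm against the Password helper.
        /// </remarks>
        public HttpMessage<string> ChangePass(ProfileUser profile_user)
        {
            return TryCatchResponse(() =>
            {
                if (profile_user == null || string.IsNullOrEmpty(profile_user.Email))
                {
                    throw new Exception("Неверные параметры для изменения пароля.");
                }

                List<User> users = GetUsers(profile_user.Email);

                if (users == null || users.Count == 0)
                {
                    throw new Exception("Пользователь не найден.");
                }

                // Re-authenticate: the caller must present the current password of one of
                // the accounts registered under this e-mail.
                User user = GetUserByPass(Password.ComputeHash(profile_user.Pass), users);
                if (user == null)
                {
                    throw new Exception("Неверно указан пароль.");
                }

                if (string.IsNullOrEmpty(profile_user.ChangePass))
                {
                    throw new Exception("Не указан новый пароль.");
                }

                // Password.Check returns a policy code; 1-4 are rejections, anything else passes.
                // NOTE(review): the texts for codes 2 and 3 both appear to mean "uppercase";
                // confirm which character class code 3 actually reports.
                switch (Password.Check(profile_user.ChangePass))
                {
                case 1: throw new Exception("Пароль слишком короткий.");

                case 2: throw new Exception("Не указан хотя бы один заглавный символ.");

                case 3: throw new Exception("Не указан хотя бы один прописной символ.");

                case 4: throw new Exception("Не указана хотя бы одна цифра.");

                default: break;
                }

                // Apply the change to the authenticated account, not to the first search hit.
                SetPassword(user, user.Email, profile_user.ChangePass, "Изменение пароля в Auto Parts Site");

                return CreateResponseOk("Ok");
            });
        }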
Esempio n. 4
        /// <summary>
        /// Handles the identify packet of an internal server connection: checks the value
        /// from the packet against the configured internal password and either registers
        /// the client as a channel client or rejects and kills the connection.
        /// </summary>
        /// <param name="client">Connection that sent the packet.</param>
        /// <param name="packet">Packet whose first string is passed to the password check.</param>
        /// <remarks>
        /// NOTE(review): the peer-supplied string goes into the second argument of
        /// <c>Password.Check</c>, the position the other callers on this page use for a stored
        /// value. Confirm the helper rejects malformed input there, and that failed attempts
        /// are rate limited at the connection level.
        /// </remarks>
        public void Internal_ServerIdentify(LoginClient client, Packet packet)
        {
            var suppliedHash = packet.GetString();
            var accepted = Password.Check(LoginServer.Instance.Conf.Internal.Password, suppliedHash);

            if (accepted)
            {
                client.State = ClientState.LoggedIn;

                // The channel client list is guarded by locking the list itself.
                lock (LoginServer.Instance.ChannelClients)
                {
                    LoginServer.Instance.ChannelClients.Add(client);
                }

                Send.Internal_ServerIdentifyR(client, true);
                return;
            }

            // Rejection: tell the peer, record the source address, then drop the connection.
            Send.Internal_ServerIdentifyR(client, false);

            Log.Warning("Invalid internal password from '{0}'.", client.Address);
            client.Kill();
        }
Esempio n. 5
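        /// <summary>
        /// Handles a client login packet: parses the credentials for the given login type,
        /// optionally creates a new account, checks bans, the password or session key and
        /// the secondary password, then loads the account data and sends the login result.
        /// </summary>
        /// <param name="client">Connection that sent the packet; receives all replies.</param>
        /// <param name="packet">Login packet; fields are read strictly in wire order.</param>
        /// <remarks>
        /// The secondary password is stored only after the password/session check has passed.
        /// The previous code also wrote it before that check, so a request that failed
        /// authentication could still set the secondary password of an account that had none.
        /// </remarks>
        public void Login(LoginClient client, Packet packet)
        {
            // Officially you're disconnected if your client's ident is incorrect,
            // we give a meaningful message instead, because users commonly try
            // to use Aura with non-NA clients.
            if (!LoginServer.Instance.Conf.Login.IdentAllow.IsMatch(client.Ident))
            {
                Send.LoginR_Msg(client, "Unfortunately Aura doesn't support your client, please use the latest, updated NA client.\nIf you're the admin, you can disable this check in 'login.conf'.");
                return;
            }

            var loginType         = (LoginType)packet.GetByte();
            var accountId         = packet.GetString();
            var password          = "";
            var secondaryPassword = "";
            var sessionKey        = 0L;

            switch (loginType)
            {
            // Normal login, password
            case LoginType.Normal:
            case LoginType.EU:
            case LoginType.KR:
            case LoginType.CmdLogin:

                // [150100] From raw to MD5
                // [KR180XYY] From MD5 to SHA1
                var passbin = packet.GetBin();
                password = Encoding.UTF8.GetString(passbin);

                // Upgrade raw to MD5
                if (loginType == LoginType.EU)
                {
                    password = Password.RawToMD5(passbin);
                }

                // Upgrade MD5 to SHA-256 (the helper is MD5ToSHA256; the older comment said SHA1).
                // Any 32-character value is taken to be an MD5 hex digest.
                if (password.Length == 32)
                {
                    password = Password.MD5ToSHA256(password);
                }

                // Create new account
                // NOTE(review): when NewAccounts is enabled any client that passes the ident
                // check can register accounts through the name prefix, and AccountExists
                // followed by CreateAccount is not atomic here — confirm that the database
                // enforces uniqueness and that registration is rate limited.
                if (LoginServer.Instance.Conf.Login.NewAccounts && (accountId.StartsWith("new//") || accountId.StartsWith("new__")))
                {
                    accountId = accountId.Remove(0, 5);

                    if (!LoginServer.Instance.Database.AccountExists(accountId) && password != "")
                    {
                        LoginServer.Instance.Database.CreateAccount(accountId, password);
                        Log.Info("New account '{0}' was created.", accountId);
                    }
                }

                // We have all information and don't care about the original type anymore.
                // (None of the labels of this section is SecondaryPassword, so the
                // assignment is unconditional.)
                loginType = LoginType.Normal;

                break;

            // Logging in, coming from a channel
            case LoginType.FromChannel:

                // [160XXX] Double account name; read and discarded to advance the packet.
                packet.GetString();
                sessionKey = packet.GetLong();

                break;

            // Second password
            case LoginType.SecondaryPassword:

                // [XXXXXX] Double account name; read and discarded to advance the packet.
                packet.GetString();
                sessionKey        = packet.GetLong();
                secondaryPassword = packet.GetString(); // original comment: "SSH1" (presumably SHA1 — confirm)

                break;

            case LoginType.CHN:
                sessionKey        = packet.GetLong();
                secondaryPassword = packet.GetString();
                break;

            // Unsupported NX hash
            case LoginType.NewHash:

                // Triggered by people using their official accounts?
                // Are those information cached somewhere?
                // TODO: Rephrase? Sounds weird, as if we *know* their data.
                Send.LoginR_Msg(client, Localization.Get("Please don't use your official login information."));
                return;

            // Unsupported/unknown type
            case LoginType.CH:
            default:
                Send.LoginR_Msg(client, Localization.Get("Unsupported password encryption, please use the latest NA client."));
                return;
            }

            // Trailing fields; they are read to consume the packet and are not used below.
            var machineId     = packet.GetBin();
            var unkInt1       = packet.GetInt();
            var unkInt2       = packet.GetInt();
            var localClientIP = packet.GetString();

            // Get account
            var account = LoginServer.Instance.Database.GetAccount(accountId);

            if (account == null)
            {
                Send.LoginR_Fail(client, LoginResult.IdOrPassIncorrect);
                return;
            }

            // The secondary password is deliberately NOT stored here: the client has not
            // been authenticated yet. The first-time assignment happens after the
            // password/session check below.

            if (loginType == LoginType.CHN)
            {
#warning RSA for tiancity password
            }

            // Check bans
            if (account.BannedExpiration > DateTime.Now)
            {
                Send.LoginR_Msg(client, Localization.Get("You've been banned till {0}.\r\nReason: {1}"), account.BannedExpiration, account.BannedReason);
                return;
            }

            // Check password/session
            // NOTE(review): access is denied only when BOTH the password check fails AND the
            // session key differs. Password logins leave sessionKey at 0, so this relies on a
            // stored SessionKey never being 0 — confirm, or make the accepted credential
            // depend on the login type.
            if (!Password.Check(password, account.Password) && account.SessionKey != sessionKey)
            {
                Send.LoginR_Fail(client, LoginResult.IdOrPassIncorrect);
                return;
            }

            // Check secondary password
            if (loginType == LoginType.SecondaryPassword)
            {
                // Set new secondary password (first use, now that the client is authenticated)
                if (account.SecondaryPassword == null)
                {
                    account.SecondaryPassword = secondaryPassword;
                    LoginServer.Instance.Database.UpdateAccountSecondaryPassword(account);
                }
                // Check secondary
                // NOTE(review): the client-supplied value is stored and compared as received,
                // using a plain string comparison — confirm this is acceptable for this secret.
                else if (account.SecondaryPassword != secondaryPassword)
                {
                    Send.LoginR_Fail(client, LoginResult.SecondaryFail);
                    return;
                }
            }

            // Check logged in already
            if (account.LoggedIn)
            {
                Send.LoginR_Fail(client, LoginResult.AlreadyLoggedIn);
                return;
            }

            account.SessionKey = LoginServer.Instance.Database.CreateSession(account.Name);

            // Second password, please!
            if (LoginServer.Instance.Conf.Login.EnableSecondaryPassword && loginType == LoginType.Normal)
            {
                Send.LoginR_Secondary(client, account, account.SessionKey);
                return;
            }

            // Update account
            account.LastLogin = DateTime.Now;
            account.LoggedIn  = true;
            LoginServer.Instance.Database.UpdateAccount(account);

            // Req. Info
            account.CharacterCards = LoginServer.Instance.Database.GetCharacterCards(account.Name);
            account.PetCards       = LoginServer.Instance.Database.GetPetCards(account.Name);
            account.Characters     = LoginServer.Instance.Database.GetCharacters(account.Name);
            account.Pets           = LoginServer.Instance.Database.GetPetsAndPartners(account.Name);
            account.Gifts          = LoginServer.Instance.Database.GetGifts(account.Name);

            // Add free cards if there are none.
            // If you don't have chars and char cards, you get a new free card,
            // if you don't have pets or pet cards either, you'll also get a 7-day horse.
            if (account.CharacterCards.Count < 1 && account.Characters.Count < 1)
            {
                // Free card
                var card = LoginServer.Instance.Database.AddCard(account.Name, 147, 0);
                account.CharacterCards.Add(card);

                if (account.PetCards.Count < 1 && account.Pets.Count < 1)
                {
                    // 7-day Horse
                    card = LoginServer.Instance.Database.AddCard(account.Name, MabiId.PetCardType, 260016);
                    account.PetCards.Add(card);
                }
            }

            // Success
            Send.LoginR(client, account, account.SessionKey, LoginServer.Instance.ServerList.List);

            client.Account = account;
            client.State   = ClientState.LoggedIn;

            Log.Info("User '{0}' logged in.", account.Name);
        }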
 /// <summary>
 /// Compares <paramref name="checkedPassword"/> with a fixed reference password.
 /// </summary>
 /// <param name="checkedPassword">Candidate password to verify.</param>
 /// <returns>The result of <c>Password.Check</c> for the candidate.</returns>
 /// <remarks>
 /// NOTE(review): the reference password is a literal compiled into the code, so anyone
 /// with the source or the binary can read it. If this guards anything real, load the
 /// secret from configuration or a secret store instead.
 /// </remarks>
 public bool Check(string checkedPassword)
 {
     var reference = new Password("Password123456123456");
     var matches = reference.Check(checkedPassword);

     return matches;
 }
        /// <summary>
        /// Verifies a candidate password against a fixed reference password.
        /// </summary>
        /// <param name="checkedPassword">Candidate password to verify.</param>
        /// <returns>Whatever <c>Password.Check</c> reports for the candidate.</returns>
        /// <remarks>
        /// NOTE(review): the reference value is hard-coded in source; treat it as disclosed
        /// and move it to configuration or a secret store if it protects anything real.
        /// </remarks>
        public bool Check(string checkedPassword) =>
            new Password("Password123456123456").Check(checkedPassword);