Esempio n. 1
0
		public static void AddUser(User user)
		{
			Settings.ConnectionString.UsingConnection(conn => conn.UsingCommand("insert into users ([login], [pass], [avatar]) values (@login, @pass, @avatar)",
				cmd =>
				{
					cmd.AddParam("login", user.Login, DbType.String);
					cmd.AddParam("pass", user.Pass, DbType.String);
					cmd.AddParam("avatar", user.Avatar, DbType.String);
					if(cmd.ExecuteNonQuery() > 0)
						Log.DebugFormat("Add user '{0}'", user.Login);
				}));
		}
Esempio n. 2
0
		protected override AjaxResult ProcessRequestInternal(HttpContext context)
		{
			AntiFlood.CheckFlood($"{context.Request.CurrentExecutionFilePath}:{context.Request.UserHostAddress}", 50);

			User user;
			if(context.Request.QueryString["signup"] != null)
			{
				throw new HttpException(403, "Registration is disabled");

				var login = context.Request.Form["login"].TrimToNull();
				if(login == null)
					throw new HttpException(400, "Login is empty");
				if(login.Length < 4)
					throw new HttpException(400, "Login too short");
				if(login.Length > Settings.MaxLoginLength)
					throw new HttpException(400, "Login too long");

				try
				{
					user = new User {Login = login, Pass = RandomPass(), Avatar = RandomAvatar()};
					DbStorage.AddUser(user);
				}
				catch(Exception)
				{
					throw new HttpException(400, "User already exists? Try another login");
				}
			}
			else
			{
				var pass = context.Request.Form["pass"].TrimToNull();
				if(pass == null)
					throw new HttpException(403, "Access denied");

				user = DbStorage.FindUserByPass(pass);
				if(user == null)
					throw new HttpException(403, "Access denied");

				var utcNow = DateTime.UtcNow;

				if(user.StartTime > utcNow)
					throw new HttpException(403, $"Start at '{user.StartTime.ToReadable()}'");

				if(user.EndTime != DateTime.MinValue && user.EndTime < utcNow)
					throw new HttpException(403, "The End");
			}

			AuthModule.SetAuthLoginCookie(user.Login.Trim());

			return new AjaxResult {Text = user.Pass};
		}
Esempio n. 3
0
		public static User FindUser(string key, string value)
		{
			return Settings.ConnectionString.UsingConnection(conn => conn.UsingCommand($"select [login], [pass], [avatar], [startat], [endat] from users where {key} = @val",
				cmd =>
				{
					cmd.AddParam("val", value, DbType.String);
					var reader = cmd.ExecuteReader();
					if(reader.IsClosed || !reader.Read())
						return null;
					var user = new User
					{
						Login = reader.GetString(0),
						Pass = reader.GetString(1),
						Avatar = reader.TryGetString(2),
						StartTime = reader.TryGetDateTime(3),
						EndTime = reader.TryGetDateTime(4)
					};
					Log.DebugFormat("Found user '{0}'", user.Login);
					return user;
				}));
		}