/// <summary>
/// Handles a login verification request.
/// </summary>
/// <param name="request">Login request received from the client.</param>
/// <param name="host">Client address; only used in the log text built below.</param>
public void Response(ClientLoginRequest request, string host)
{
    bool authorized = AuthorizationCheck(request);
    if (authorized)
    {
        // The reply is populated here but is neither returned nor sent by this method.
        ServerResponse reply = new ServerResponse();
        reply.Clientid = Interlocked.Increment(ref Sessionid);
        reply.RSAPublicKeys = CipherReply.Singleton.RSAPublicKeys;
    }

    // Build the log line. The logging call itself is still commented out,
    // so the text is currently discarded.
    StringBuilder logLine = new StringBuilder();
    logLine.Append(authorized ? "客户端请求登陆验证成功" : "客户端请求登陆验证失败");
    logLine.AppendFormat("客户端版本:{0}", request.Version);
    logLine.AppendFormat("客户端授权方式:{0}", request.Authorization);
    logLine.AppendFormat("客户端地址:{0}", host);
    // Console.WriteLine(logLine.ToString()); // logging hook

    // Build the network reply structure (not implemented here).
}
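/// <summary>
/// Parses one incoming message and dispatches it by its leading type byte.
/// </summary>
/// <param name="source">
/// Message source. <c>Message</c> is read as a byte array whose first byte selects
/// the handler (1 = login request, anything else = client data).
/// </param>
private void AnalysisRequest(SrvDataSource source)
{
    // Layout noted by the original author: ID, data, AES.
    byte[] req = source.Message as byte[];

    // The message comes from the peer. A non-byte[] or empty message has no type
    // byte to read; drop it instead of failing on req[0] with a
    // NullReferenceException or IndexOutOfRangeException.
    if (req == null || req.Length == 0)
    {
        return;
    }

    // Both branches work on the message without its leading type byte.
    byte[] payload = new byte[req.Length - 1];
    Array.Copy(req, 1, payload, 0, payload.Length);

    if (req[0] == 1)
    {
        // Login request.
        // NOTE(review): confirm BytesToStruct rejects a payload shorter than the struct.
        ClientLoginRequest request = StructManager.BytesToStruct<ClientLoginRequest>(payload);
        var rsp = CryptoServer.Singleton.ResponseLogin(request, "");
        var result = SerializerFactory<CommonSerializer>.Serializer(rsp);
        source.Rsponse(result);
    }
    else
    {
        // Client data: the original comment says ProcessRequest yields the decrypted
        // data together with the AES key.
        var creq = CryptoServer.Singleton.ProcessRequest(payload);
        source.Message = creq.data;
        creq.data = null;
        ProcessClient(source, creq);
    }
}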
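/// <summary>
/// Checks the authorization data carried by a login request.
/// </summary>
/// <param name="request">Login request to verify.</param>
/// <returns>
/// <c>true</c> when the request's <c>HashCode</c> matches the value computed for an
/// enabled authorization mode; otherwise <c>false</c>.
/// </returns>
public bool AuthorizationCheck(ClientLoginRequest request)
{
    HashEncryptProvider provider = new HashEncryptProvider();

    // NOTE(review): both modes compare with ordinary equality, not a fixed-time
    // comparison. The expected value is computed only from CipherReply.RequestInfo
    // or the authorization file; request.ReqTime is not mixed in here, so a captured
    // login message would presumably verify again. Confirm replay is handled elsewhere.
    if (request.Authorization == 0 && SrvSetting.IsAuthorization)
    {
        // Default authorization (the CryptoStruct library must be identical on both sides).
        var code = provider.Encrypt(CipherReply.RequestInfo);
        return code == request.HashCode;
    }
    else if (request.Authorization == 1 && SrvSetting.IsFileauthorization)
    {
        // File authorization: hash the configured file. The stream is disposed here;
        // the original left the handle open on every login attempt.
        using (FileStream fs = new FileStream(SrvSetting.AuthorizationFile, FileMode.Open, FileAccess.Read))
        {
            var code = Convert.ToBase64String(provider.Encrypt(fs));
            return code == request.HashCode;
        }
    }

    // Unknown mode, or the requested mode is disabled in SrvSetting.
    return false;
}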
/// <summary>
/// Processes a client login request through <c>ServerClientLoginResponse</c>.
/// </summary>
/// <param name="request">Login request to process.</param>
/// <returns>The result of <c>ProcessRequest</c> for this request.</returns>
public ClientLoginResponse ClientLogin(ClientLoginRequest request)
{
    // cnn is the connection member already in scope for this class.
    var handler = new ServerClientLoginResponse();
    return handler.ProcessRequest(cnn, request);
}
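/// <summary>
/// Builds the login message sent to the server.
/// </summary>
/// <returns>
/// The serialized <c>ClientLoginRequest</c> prefixed with one flag byte of value 1.
/// </returns>
public byte[] LoginSrv()
{
    ClientLoginRequest client = new ClientLoginRequest();
    client.ReqTime = DateTime.Now.Ticks;
    HashEncryptProvider hashEncrypt = new HashEncryptProvider();
    if (ClientSetting.IsFileauthorization)
    {
        client.Authorization = 1;
        // Open read-only and dispose after hashing. The original opened the file with
        // the default read/write access, which fails on a read-only file, and never
        // closed the handle.
        using (FileStream fs = new FileStream(ClientSetting.AuthorizationFile, FileMode.Open, FileAccess.Read))
        {
            client.HashCode = Convert.ToBase64String(hashEncrypt.Encrypt(fs));
        }
    }
    else
    {
        client.HashCode = hashEncrypt.Encrypt(CipherReply.RequestInfo);
    }

    byte[] login = StructManager.StructToBytes(client);
    // Round-trip kept from the original; its result is unused (presumably a
    // serialization sanity check).
    StructManager.BytesToStruct<ClientLoginRequest>(login);

    // Prepend the flag byte (1) that marks this message as a login request.
    byte[] req = new byte[login.Length + 1];
    req[0] = 1;
    Array.Copy(login, 0, req, 1, login.Length);
    return req;
}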
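/// <summary>
/// Validates resource-owner credentials for the OAuth password grant.
/// </summary>
/// <param name="context">
/// Grant context carrying the user name, the password and the "operator" value
/// stored in the OWIN environment.
/// </param>
/// <remarks>
/// On success the identity gets the "client" and "oper" claims. On failure the
/// "invalid_grant" error is set and the status flag header is added.
/// </remarks>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    var identity = new ClaimsIdentity(context.Options.AuthenticationType);
    string connectionString = ConfigurationManager.ConnectionStrings["SqlConnection"].ConnectionString;

    // The user name and the operator value are supplied by the caller. A non-numeric
    // or out-of-range value is answered like any other failed login instead of
    // escaping as an unhandled exception.
    short oper;
    long login;
    try
    {
        oper = Convert.ToInt16(context.OwinContext.Get<string>("operator"));
        login = Convert.ToInt64(context.UserName);
    }
    catch (FormatException)
    {
        RejectGrant(context);
        return;
    }
    catch (OverflowException)
    {
        RejectGrant(context);
        return;
    }

    ClientLoginRequest request = new ClientLoginRequest
    {
        Login = login,
        Password = context.Password,
        Operator = oper
    };

    // The connection is local to this call, so dispose it once the check is done.
    // The original never released it.
    using (SqlConnection cnn = new SqlConnection(connectionString))
    {
        var result = new ServerClientLoginResponse();
        var authentificationResult = result.ProcessRequest(cnn, request);
        if (authentificationResult.ErrorCode == 0)
        {
            identity.AddClaim(new Claim("client", authentificationResult.ClientID.ToString()));
            identity.AddClaim(new Claim("oper", oper.ToString()));
            context.Validated(identity);
        }
        else
        {
            RejectGrant(context);
        }
    }
}

// Marks the grant as failed: sets the error text and adds the status flag header
// that CustomAuthenticationMiddleware checks.
private static void RejectGrant(OAuthGrantResourceOwnerCredentialsContext context)
{
    context.SetError("invalid_grant", "Provided username and password is incorrect");
    context.Response.Headers.Add(ServerGlobalVariables.OwinStatusFlag, new[] { ((int)HttpStatusCode.Unauthorized).ToString() });
}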
/// <summary>
/// Logs the login identifier, then processes the request through
/// <c>ServerClientLoginResponse</c>.
/// </summary>
/// <param name="request">Login request to process.</param>
/// <returns>The result of <c>ProcessRequest</c> for this request.</returns>
public ClientLoginResponse ClientLogin(ClientLoginRequest request)
{
    // Only the Login value is written to the log.
    Log.Information("LCManagerPartner ClientLogin {Login}", request.Login);

    var handler = new ServerClientLoginResponse();
    return handler.ProcessRequest(cnn, request);
}
/// <summary>
/// Logs the client in, stores the user context and returns the session token.
/// </summary>
/// <param name="request">Login request passed to <c>clientService.Login</c>.</param>
/// <returns>
/// The <c>Json</c> wrapper's result; "登录失败" is passed to it as the second argument.
/// </returns>
public ServiceResult Login(ClientLoginRequest request)
{
    return Json(() =>
    {
        var client = clientService.Login(request);

        // The token is read only after the user context has been set.
        _UserContext.SetUserContext(client.ClientId, client.NickName, client.LiaoxinNumber);
        string issuedToken = UserContext.Current.Token;

        return ObjectResult(issuedToken);
    }, "登录失败");
}
/// <summary>
/// Builds a default-authorization login request.
/// </summary>
/// <remarks>
/// The request is neither returned nor sent from this method.
/// </remarks>
public void Request()
{
    HashEncryptProvider hasher = new HashEncryptProvider();

    // HashCode is computed from CipherReply.RequestInfo.
    ClientLoginRequest loginRequest = new ClientLoginRequest
    {
        Version = 1,
        ReqTime = DateTime.Now.Ticks,
        Limit = 0,
        LastTime = 0,
        HashCode = hasher.Encrypt(CipherReply.RequestInfo)
    };
}
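/// <summary>
/// Exchanges user credentials for a token by posting a password-grant request to
/// the authentication API.
/// </summary>
/// <param name="request">User name, password, two-factor value and reCAPTCHA response.</param>
/// <param name="mock">When true, a fixed placeholder token is returned and the API is not called.</param>
/// <returns>
/// The token deserialized from the API response, or a <c>ClientToken</c> with
/// <c>error</c> set when the captcha check fails.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
public async Task<ClientToken> GetClientToken([FromBody] ClientLoginRequest request, Boolean? mock = false)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    if (!Recaptcha.IsValid(request.responseRecaptcha, _env, _config))
    {
        return new ClientToken
        {
            error = "Invalid captcha validation",
            error_description = "Invalid captcha validation"
        };
    }

    // NOTE(review): mock is an action parameter, so it is presumably bound from the
    // caller's request. Confirm it is only honoured in development environments.
    // The original also built a URL from the request Host header in this branch and
    // never used it; that dead assignment is removed.
    if (mock.HasValue && mock.Value)
    {
        return new ClientToken { access_token = "token" };
    }

    var tokenEndpoint = this._config["AppApiDomain"] + "/api/user/authenticate";

    // RemoteIpAddress can be null (for example with some non-TCP hosting setups).
    // Send an empty value then instead of throwing a NullReferenceException.
    var remoteIp = this.Request.HttpContext.Connection.RemoteIpAddress;

    var postData = new List<KeyValuePair<string, string>>
    {
        new KeyValuePair<string, string>("client_id", this._config["client_id"]),
        new KeyValuePair<string, string>("client_secret", this._config["client_secret"]),
        new KeyValuePair<string, string>("client_type", "webclient"),
        new KeyValuePair<string, string>("grant_type", "password"),
        new KeyValuePair<string, string>("username", request.username),
        new KeyValuePair<string, string>("password", request.password),
        new KeyValuePair<string, string>("TwoFactorAuthentication", request.twoFactorAuthentication),
        new KeyValuePair<string, string>("client_ip", remoteIp?.ToString())
    };

    // NOTE(review): a new HttpClient per request can exhaust sockets under load.
    // Prefer a shared instance or IHttpClientFactory.
    using (var httpClient = new HttpClient())
    using (var content = new FormUrlEncodedContent(postData))
    {
        content.Headers.Clear();
        content.Headers.Add("Content-Type", "application/x-www-form-urlencoded");

        var response = await httpClient.PostAsync(tokenEndpoint, content);
        var stringResponse = await response.Content.ReadAsStringAsync();

        // The body is deserialized whatever the status code is; ClientToken also
        // carries error and error_description fields.
        return JsonConvert.DeserializeObject<ClientToken>(stringResponse);
    }
}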
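/// <summary>
/// Builds a file-authorization login request whose <c>HashCode</c> is the Base64
/// form of the hash of the given file.
/// </summary>
/// <param name="file">Path of the authorization file to hash.</param>
/// <remarks>
/// The request is neither returned nor sent from this method.
/// </remarks>
public void RequestFile(string file)
{
    HashEncryptProvider provider = new HashEncryptProvider();
    ClientLoginRequest request = new ClientLoginRequest();
    request.Version = 1;
    request.ReqTime = DateTime.Now.Ticks;
    request.Limit = 0;

    // Dispose the stream once hashed; the original left the file handle open.
    using (FileStream fs = new FileStream(file, FileMode.Open, FileAccess.Read))
    {
        request.HashCode = Convert.ToBase64String(provider.Encrypt(fs));
    }
}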
/// <summary>
/// Authenticates a client and returns the token in the "x-access-token" header.
/// </summary>
/// <param name="value">Login request read from the body.</param>
/// <returns>
/// 200 OK with the token header set, or 401 with a generic message when the auth
/// service returns no token.
/// </returns>
public IActionResult AuthClient([FromBody] ClientLoginRequest value)
{
    var issuedToken = _authService.AuthClient(value);

    if (!string.IsNullOrEmpty(issuedToken))
    {
        Response.Headers.Add("x-access-token", issuedToken);
        return Ok();
    }

    // The same message is used for every failure, so the response does not say
    // which part of the credentials was wrong.
    return Unauthorized(new { message = "user or password invalid" });
}
/// <summary>
/// Logs a client in with e-mail and password through the identity service.
/// </summary>
/// <param name="request">Login request read from the body.</param>
/// <returns>
/// 200 OK with the authentication response, or 400 when the model is missing or
/// the login fails.
/// </returns>
public async Task<IActionResult> Login([FromBody] ClientLoginRequest request)
{
    if (request == null)
    {
        return BadRequest("Request model is not correct");
    }

    var outcome = await _identityService.LoginAsync(request.Email, request.Password);

    if (outcome.Success)
    {
        return Ok(outcome);
    }

    // NOTE(review): ErrorsMessages goes back to the caller as-is. Confirm it does not
    // distinguish an unknown e-mail from a wrong password.
    return BadRequest(outcome.ErrorsMessages);
}
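/// <summary>
/// Validates the client's credentials and issues a token.
/// </summary>
/// <param name="clientLoginRequest">User name and password to validate.</param>
/// <returns>The generated token, or <c>null</c> when the credentials are not valid.</returns>
public string AuthClient(ClientLoginRequest clientLoginRequest)
{
    // Security fix: the original wrote the plaintext password to the console.
    // Only the user name is logged now.
    Console.WriteLine($"Client Receive! UserNAme: {clientLoginRequest.UserName}.");

    var client = _clientRepository.ValidClient(clientLoginRequest.UserName, clientLoginRequest.Password);
    if (client == null)
    {
        return null;
    }

    var mToken = _tokenService.GenerateToken(client);
    Console.WriteLine($"Send Token");
    return mToken;
}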
/// <summary>
/// Authenticates a client by login and password and issues a JWT.
/// </summary>
/// <param name="model">Login and password supplied by the caller.</param>
/// <returns>
/// The result of <c>GenerateAndSaveTokenAsync</c>, or <c>null</c> when the login is
/// unknown or the password does not validate.
/// </returns>
public async Task<JwtTokenResponse> LoginAsync(ClientLoginRequest model)
{
    var account = await _repository.FindByLoginAsync(model.Login);

    // NOTE(review): an unknown login returns before any password hashing runs, so
    // the two failure paths may differ in response time. Confirm that is acceptable.
    if (account != null && _passwordHasher.Validate(model.Password, account.Salt, account.Hash))
    {
        return await GenerateAndSaveTokenAsync(account);
    }

    return null;
}
/// <summary>
/// LoginAsync returns null when the password hasher rejects the password.
/// </summary>
public async Task LoginAsync_ShouldReturnNull_WhenPasswordIsNotValid()
{
    // Arrange: the client exists, but password validation fails.
    _clientRepository.FindByLoginAsync(Arg.Any<string>()).Returns(new Client());
    _passwordHasher.Validate(Arg.Any<string>(), Arg.Any<string>(), Arg.Any<string>()).Returns(false);
    var loginRequest = new ClientLoginRequest
    {
        Login = "******",
        Password = "******"
    };

    // Act
    var result = await _sut.LoginAsync(loginRequest);

    // Assert
    result.Should().BeNull();
}
/// <summary>
/// Round-trips a ClientLoginRequest through its payload stream and checks that the
/// account id and password survive parsing.
/// </summary>
public void ClientLoginRequestTest()
{
    // An all-zero 32-byte key is used as test key material.
    CryptoProvider crypto = new CryptoProvider
    {
        CryptoStream = new SecureStream.CryptoMemoryStream(new byte[32])
    };

    ClientLoginRequest original = new ClientLoginRequest("Testing", "Password", ClientType.Device, crypto.CryptoStream);
    Stream serialized = original.GetPayloadStream();
    serialized.Position = 0; // rewind before parsing

    ClientLoginRequest roundTripped = new ClientLoginRequest(null, null, 0, crypto.CryptoStream);
    roundTripped.ParsePayload(original.GetPayloadSize(), serialized);

    Assert.IsTrue(
        original.Payload.Account.Id == roundTripped.Payload.Account.Id
        && original.Payload.Account.Password == roundTripped.Payload.Account.Password);
}
/// <summary>
/// LoginAsync returns null when the repository's SaveAsync returns 0.
/// </summary>
public async Task LoginAsync_ShouldReturnNull_WhenSaveAsyncFails()
{
    // Arrange: credentials are valid and a token is created, but the save returns 0.
    var storedClient = new Client();
    var issuedToken = new JwtTokenResponse
    {
        Token = "token",
        RefreshToken = "refreshToken"
    };
    var loginRequest = new ClientLoginRequest
    {
        Login = "******",
        Password = "******"
    };

    _clientRepository.FindByLoginAsync(Arg.Any<string>()).Returns(storedClient);
    _passwordHasher.Validate(Arg.Any<string>(), Arg.Any<string>(), Arg.Any<string>()).Returns(true);
    _jwtBearer.CreateToken(storedClient).Returns(issuedToken);
    _clientRepository.SaveAsync().Returns(0);

    // Act
    var result = await _sut.LoginAsync(loginRequest);

    // Assert
    result.Should().BeNull();
}
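/// <summary>
/// Handles the server's token response: derives the login secret from the stored
/// credentials and the received token, then sends a ClientLoginRequest.
/// </summary>
/// <param name="msg">Incoming message; it is cast to <c>TokenResponse</c>.</param>
private static void ProcessTokenResponse(WebSocketMessageV2 msg)
{
    TokenResponse tokenResp = (TokenResponse)msg;
    Token = tokenResp.Token;
    // NOTE(review): the token is still logged. Confirm it is not sensitive on its own.
    DoLog(string.Format("Creating Secret for token {0}", tokenResp.Token));

    // The secret is derived from the user id, the password and the received token.
    string secret = GetSecret(TempUser, TempPassword, tokenResp.Token);

    // NOTE(review): DateTime.Now is local time, so this is milliseconds since
    // 1970-01-01 in the local zone, not UTC. Confirm what the server expects.
    TimeSpan elapsed = DateTime.Now - new DateTime(1970, 1, 1);
    ClientLoginRequest login = new ClientLoginRequest()
    {
        Msg = "ClientLoginRequest",
        Secret = secret,
        Uuid = Guid.NewGuid().ToString(),
        Time = Convert.ToInt64(elapsed.TotalMilliseconds)
    };
    DoSend<ClientLoginRequest>(login);

    // Security fix: the original wrote the derived secret to the log. It is the
    // value that authenticates this login, so it is no longer logged.
    DoLog(string.Format("Secret for token {0} created and sent", tokenResp.Token));
}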
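/// <summary>
/// Handles a login verification request and builds the server's reply.
/// </summary>
/// <param name="request">Login request received from the client.</param>
/// <param name="host">Client address; only used in the log text built below.</param>
/// <returns>
/// A response with <c>IsSucess</c> set to the result of the authorization check. On
/// success it also carries the new client id and the RSA public keys.
/// </returns>
public ServerResponse ResponseLogin(ClientLoginRequest request, string host)
{
    bool authorized = AuthorizationCheck(request);

    ServerResponse response = new ServerResponse();
    response.IsSucess = authorized;

    if (authorized)
    {
        // Fix: register the session under the id this call obtained. The original
        // re-read the shared Sessionid field after incrementing it, so a concurrent
        // login could make the session land under another client's id.
        var sessionId = Interlocked.Increment(ref Sessionid);
        response.Clientid = sessionId;
        response.RSAPublicKeys = CipherReply.Singleton.RSAPublicKeys;
        CipherReply.Singleton.Session[sessionId] = DateTime.Now;
        // NOTE(review): ids are sequential. If Clientid alone identifies a session in
        // later requests, confirm that a guessed id cannot be used by another client.
    }

    // Build the log line. The logging call itself is still commented out,
    // so the text is currently discarded.
    StringBuilder sbr = new StringBuilder();
    sbr.Append(authorized ? "客户端请求登陆验证成功" : "客户端请求登陆验证失败");
    sbr.AppendFormat("客户端版本:{0}", request.Version);
    sbr.AppendFormat("客户端授权方式:{0}", request.Authorization);
    sbr.AppendFormat("客户端地址:{0}", host);
    // Console.WriteLine(sbr.ToString()); // logging hook

    return response;
}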
/// <summary>
/// Handles a login command: rejects empty or already-used names, otherwise registers
/// the user for the stream and sends a greeting.
/// </summary>
/// <param name="command">Login command carrying the requested user name.</param>
/// <param name="streamId">Stream the command arrived on.</param>
/// <param name="answerContext">Context used to answer the command.</param>
private void LoginHandler(ClientLoginRequest command, int streamId, CommandAnswerContext answerContext)
{
    var reply = new ServerLoginResponse();
    var name = command.UserName;

    if (string.IsNullOrEmpty(name))
    {
        reply.Status = ServerResponseStatus.Error;
        reply.Description = "Invalid name";
        answerContext.TryAnswer(reply);
        return;
    }

    // The duplicate check and the insert share one lock, so two logins with the
    // same name cannot both pass the check.
    lock (_users)
    {
        bool alreadyLoggedIn = _users.Any(u => u.Name == name);
        if (alreadyLoggedIn)
        {
            reply.Status = ServerResponseStatus.Error;
            reply.Description = $"User with name '{name}' already logged in";
            answerContext.TryAnswer(reply);
            return;
        }

        _users.Add(new UserContext
        {
            Name = name,
            Rooms = new List<string>(),
            Stream = streamId
        });
    }

    reply.Status = ServerResponseStatus.Success;
    answerContext.TryAnswer(reply);

    var greeting = new ServerServiceMessage() { Message = $"Hello, {name}!" };
    _commandHandler.Notify(greeting, streamId);
}
/// <summary>
/// Logs in with the given credentials and stores the returned security token.
/// </summary>
/// <param name="username">Account user name.</param>
/// <param name="password">Account password.</param>
/// <param name="applicationKey">Application key sent with the login.</param>
/// <remarks>
/// On success <c>userSecurityToken</c> is set and <c>errorFlag</c> is cleared. On an
/// exception its message is stored in <c>exceptionerror</c> and <c>errorFlag</c>
/// stays true.
/// </remarks>
public ProductionAccess(string username, string password, string applicationKey)
{
    ClientLoginRequest request = new ClientLoginRequest(username, password, applicationKey);

    // 60-second timer whose handler is stopRequest.
    timerRequest = new System.Timers.Timer(60000);
    timerRequest.Elapsed += stopRequest;
    timerRequest.Enabled = true;
    errorFlag = true;

    try
    {
        ClientLoginResponse reply = Authclient.ClientLogin(request);

        // NOTE(review): the handler is subscribed a second time here, so stopRequest
        // will run twice per tick, and the timer is never stopped in this
        // constructor. Confirm this is intended.
        timerRequest.Elapsed += stopRequest;
        timerRequest.Enabled = true;

        if (!isRequestTimeout)
        {
            userSecurityToken = reply.ClientLoginResult;
            errorFlag = false;
        }
    }
    catch (Exception e)
    {
        exceptionerror = e.Message;
    }
}
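/// <summary>
/// Authenticates a client by telephone number and password.
/// </summary>
/// <param name="request">
/// Telephone and password supplied by the caller. <c>Password</c> is overwritten
/// with its <c>SecurityHelper.Encrypt</c> form, as in the original.
/// </param>
/// <returns>The matching enabled client.</returns>
/// <exception cref="ZzbException">
/// No enabled client matches the telephone, the account is frozen, or the password
/// does not match.
/// </exception>
public Client Login(ClientLoginRequest request)
{
    // A captcha check (ValidateCodeService.IsSameCode) was commented out in the
    // original and is not restored here.

    // One query instead of the original Count() followed by FirstOrDefault().
    var client = (from c in Context.Clients
                  where c.Telephone == request.Telephone && c.IsEnable
                  select c).FirstOrDefault();
    if (client == null)
    {
        // Same message as a wrong password, so the reply does not show whether the
        // account exists.
        throw new ZzbException("用户名或者密码错误");
    }

    // NOTE(review): the original had a lockout at ErrorPasswordCount >= 10 commented
    // out. The counter is still incremented below, but nothing in this method
    // enforces a limit.
    if (client.IsFreeze)
    {
        throw new ZzbException("您的账户已被冻结,无法登陆");
    }

    // Security fix: the original accepted one hard-coded password literal for every
    // enabled, non-frozen account and returned before the failure counter and the
    // login log were touched. That comparison is removed; every login now goes
    // through the stored-password check below. Treat the removed value as disclosed.

    // NOTE(review): confirm SecurityHelper.Encrypt is a salted, slow password hash.
    // The comparison below is ordinary string inequality, not a fixed-time comparison.
    request.Password = SecurityHelper.Encrypt(request.Password);
    if (client.Password != request.Password)
    {
        client.ErrorPasswordCount++;
        Context.Clients.Update(client);
        Context.SaveChanges();
        LogHelper.Error($"[{client.ClientId}]密码错误!,请留意");
        throw new ZzbException("用户名或者密码错误");
    }

    // Record the login on a background task with its own context. A failure there is
    // logged and does not fail the login.
    string ip = HttpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
    new Task(() =>
    {
        try
        {
            using (var context = LiaoxinContext.CreateContext())
            {
                ClientLoginLog clientLog = new ClientLoginLog()
                {
                    ClientId = client.ClientId,
                    IP = ip,
                    Address = IpAddressHelper.GetLocation(ip),
                };
                context.ClientLoginLogs.Add(clientLog);
                context.SaveChanges();
            }
        }
        catch (Exception e)
        {
            LogHelper.Error($"插入玩家[{client.ClientId}]登录日志失败", e);
        }
    }).Start();

    // A successful login clears the failed-password counter.
    if (client.ErrorPasswordCount > 0)
    {
        client.ErrorPasswordCount = 0;
        Context.Clients.Update(client);
        Context.SaveChanges();
    }

    return client;
}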