public JsonResult Signout([FromBody] PostSignoutRequest request)
{
log.Info($"[ID: {HttpContext.Connection.Id}]Got logout request from {HttpContext.Connection.RemoteIpAddress.MapToIPv4()}:{HttpContext.Connection.RemotePort} with user {request.username}.");
// Check if user exists.
var users = from u in db.Users where u.Email == request.username select u;
if (users.Count() != 1)
{
log.Info($"[ID: {HttpContext.Connection.Id}]Request user is not exists.");
return(new JsonResult(ExceptionWorker.InvalidUsername())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
// Cooldown check.
var user = users.First();
var time = TimeWorker.GetTimeStamp10();
var cooldowns = from c in db.Cooldown where c.Uid == user.Id select c;
if (cooldowns.Count() != 1)
{
db.Cooldown.Add(new Cooldown()
{
Uid = user.Id,
TryTimes = 0,
LastTryTime = time,
LastLoginTime = user.CreateTime,
CooldownLevel = 0,
CooldownTime = time
});
db.SaveChanges();
}
cooldowns = from c in db.Cooldown where c.Uid == user.Id select c;
var cooldown = cooldowns.First();
if (Convert.ToDecimal(cooldown.CooldownTime) > Convert.ToDecimal(time))
{
log.Info($"[ID: {HttpContext.Connection.Id}]User {request.username} already in cooldown.");
return(new JsonResult(ExceptionWorker.TooManyTryTimes())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
else
{
if (cooldown.TryTimes >= Program.SecurityLoginTryTimes)
{
cooldown.CooldownLevel++;
cooldown.CooldownTime = time + cooldown.CooldownLevel * cooldown.CooldownLevel * 5 * 60;
db.SaveChanges();
log.Info($"[ID: {HttpContext.Connection.Id}]User {request.username} got into cooldown.");
return(new JsonResult(ExceptionWorker.TooManyTryTimes())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
cooldown.LastTryTime = time;
cooldown.TryTimes++;
db.SaveChanges();
}
// Password check.
var salt = user.CreateTime;
var passwordHashed = HashWorker.HashPassword(request.password, salt);
if (user.Password != passwordHashed)
{
log.Info($"[ID: {HttpContext.Connection.Id}]IP address {HttpContext.Connection.RemoteIpAddress}:{HttpContext.Connection.RemotePort} try to login with user {request.username} but wrong password.");
return(new JsonResult(ExceptionWorker.InvalidPassword())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
// Update cooldown.
cooldown.LastLoginTime = time;
cooldown.TryTimes = 0;
db.SaveChanges();
log.Info($"[ID: {HttpContext.Connection.Id}]Cooldown of user {user.Username} has reseted.");
return(new JsonResult(null)
{
StatusCode = (int)HttpStatusCode.NoContent
});
}
public JsonResult Authenticate([FromBody] PostAuthrnticateRequest request)
{
log.Info($"[ID: {HttpContext.Connection.Id}]Got login request from {HttpContext.Connection.RemoteIpAddress.MapToIPv4()}:{HttpContext.Connection.RemotePort} with user {request.username}.");
// Check if user exists.
var users = from u in db.Users where u.Email == request.username select u;
if (users.Count() != 1)
{
log.Info($"[ID: {HttpContext.Connection.Id}]Request user is not exists.");
return(new JsonResult(ExceptionWorker.InvalidUsername())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
// Cooldown check.
var user = users.First();
var time = TimeWorker.GetTimeStamp10();
var cooldowns = from c in db.Cooldown where c.Uid == user.Id select c;
if (cooldowns.Count() != 1)
{
db.Cooldown.Add(new Cooldown()
{
Uid = user.Id,
TryTimes = 0,
LastTryTime = time,
LastLoginTime = user.CreateTime,
CooldownLevel = 0,
CooldownTime = time
});
db.SaveChanges();
}
cooldowns = from c in db.Cooldown where c.Uid == user.Id select c;
var cooldown = cooldowns.First();
if (Convert.ToDecimal(cooldown.CooldownTime) > Convert.ToDecimal(time))
{
log.Info($"[ID: {HttpContext.Connection.Id}]User {user.Username} already in cooldown.");
return(new JsonResult(ExceptionWorker.TooManyTryTimes())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
else
{
if (cooldown.TryTimes >= Program.SecurityLoginTryTimes)
{
cooldown.CooldownLevel++;
cooldown.CooldownTime = time + cooldown.CooldownLevel * cooldown.CooldownLevel * 5 * 60;
db.SaveChanges();
log.Info($"[ID: {HttpContext.Connection.Id}]User {user.Username} got into cooldown.");
return(new JsonResult(ExceptionWorker.TooManyTryTimes())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
cooldown.LastTryTime = time;
cooldown.TryTimes++;
db.SaveChanges();
}
// Password check.
var salt = user.CreateTime;
var passwordHashed = HashWorker.HashPassword(request.password, salt);
if (user.Password != passwordHashed)
{
log.Info($"[ID: {HttpContext.Connection.Id}]IP address {HttpContext.Connection.RemoteIpAddress}:{HttpContext.Connection.RemotePort} try to login with user {request.username} but wrong password.");
return(new JsonResult(ExceptionWorker.InvalidPassword())
{
StatusCode = (int)HttpStatusCode.Forbidden
});
}
// Update cooldown.
cooldown.LastLoginTime = time;
cooldown.TryTimes = 0;
db.SaveChanges();
log.Info($"[ID: {HttpContext.Connection.Id}]Cooldown of user {request.username} has reseted.");
// Hand token out and select profile.
var accessToken = UuidWorker.GetUuid();
var clientToken = string.Empty;
if (request.clientToken != null)
{
clientToken = request.clientToken;
}
else
{
clientToken = UuidWorker.GetUuid();
}
Tokens token = new Tokens()
{
AccessToken = accessToken,
ClientToken = clientToken,
CreateTime = time,
Status = 2
};
PostAuthrnticateResponse response = new PostAuthrnticateResponse();
var profiles = from p in db.Profiles where p.Uid == user.Id select p;
List <Profile> availableProfiles = new List <Profile>();
foreach (var p in profiles)
{
var playerProfile = new Profile();
playerProfile.id = p.Uuid;
playerProfile.name = p.Name;
if (profiles.Count() > 1)
{
if (p.IsSelected == 1)
{
response.selectedProfile = playerProfile;
token.BindProfileId = p.Id;
log.Info($"[ID: {HttpContext.Connection.Id}]User {request.username} has logged and binded profile {playerProfile.name}.");
}
}
else if (profiles.Count() == 1)
{
response.selectedProfile = playerProfile;
token.BindProfileId = p.Id;
p.IsSelected = 1;
log.Info($"[ID: {HttpContext.Connection.Id}]User {request.username} has logged and binded profile {playerProfile.name}.");
}
else
{
log.Info($"[ID: {HttpContext.Connection.Id}]User {request.username} has logged but not bind any profile.");
}
availableProfiles.Add(playerProfile);
}
var tokens = from t in db.Tokens where t.BindProfileId == token.BindProfileId select t;
foreach (var t in tokens)
{
t.Status = 1;
}
db.Tokens.Add(token);
db.SaveChanges();
// Build response
response.accessToken = accessToken;
response.clientToken = clientToken;
var availableProfilesFinal = availableProfiles.ToArray();
response.availableProfiles = availableProfilesFinal;
if (request.requestUser)
{
var properties = new Properties()
{
name = "preferredLanguage",
value = user.PreferredLanguage
};
response.user = new User()
{
id = user.Username,
properties = new Properties[] { properties }
};
}
return(new JsonResult(response));
}