/// <summary>
/// Handles a request to log in
/// </summary>
/// <param name="message"></param>
protected virtual void HandleLogIn(IIncommingMessage message)
{
if (message.Peer.HasExtension <IUserExtension>())
{
message.Respond("Already logged in", ResponseStatus.Unauthorized);
return;
}
var encryptedData = message.AsBytes();
var securityExt = message.Peer.GetExtension <PeerSecurityExtension>();
var aesKey = securityExt.AesKey;
if (aesKey == null)
{
// There's no aesKey that client and master agreed upon
message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
return;
}
var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
var data = new Dictionary <string, string>().FromBytes(decrypted);
var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();
IAccountData accountData = null;
// ---------------------------------------------
// Guest Authentication
if (data.ContainsKey("guest") && EnableGuestLogin)
{
var guestUsername = GenerateGuestUsername();
accountData = db.CreateAccountObject();
accountData.Username = guestUsername;
accountData.IsGuest = true;
accountData.IsAdmin = false;
}
// ----------------------------------------------
// Token Authentication
if (data.ContainsKey("token") && accountData == null)
{
accountData = db.GetAccountByToken(data["token"]);
if (accountData == null)
{
message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
return;
}
var otherSession = GetLoggedInUser(accountData.Username);
if (otherSession != null)
{
otherSession.Peer.Disconnect("Other user logged in");
message.Respond("This account is already logged in".ToBytes(),
ResponseStatus.Unauthorized);
return;
}
}
// ----------------------------------------------
// Username / Password authentication
if (data.ContainsKey("username") && data.ContainsKey("password") && accountData == null)
{
var username = data["username"];
var password = data["password"];
accountData = db.GetAccount(username);
if (accountData == null)
{
// Couldn't find an account with this name
message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
return;
}
if (!Msf.Security.ValidatePassword(password, accountData.Password))
{
// Password is not correct
message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
return;
}
}
if (accountData == null)
{
message.Respond("Invalid request", ResponseStatus.Unauthorized);
return;
}
// Setup auth extension
var extension = message.Peer.AddExtension(CreateUserExtension(message.Peer));
extension.Load(accountData);
var infoPacket = extension.CreateInfoPacket();
// Finalize login
FinalizeLogin(extension);
message.Respond(infoPacket.ToBytes(), ResponseStatus.Success);
return;
}
/// <summary>
/// Handles account registration request
/// </summary>
/// <param name="message"></param>
protected virtual void HandleRegister(IIncommingMessage message)
{
var encryptedData = message.AsBytes();
var securityExt = message.Peer.GetExtension <PeerSecurityExtension>();
var aesKey = securityExt.AesKey;
if (aesKey == null)
{
// There's no aesKey that client and master agreed upon
message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
return;
}
var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
var data = new Dictionary <string, string>().FromBytes(decrypted);
if (!data.ContainsKey("username") || !data.ContainsKey("password") || !data.ContainsKey("email"))
{
message.Respond("Invalid registration request".ToBytes(), ResponseStatus.Error);
return;
}
var username = data["username"];
var password = data["password"];
var email = data["email"].ToLower();
var usernameLower = username.ToLower();
var extension = message.Peer.GetExtension <IUserExtension>();
if (extension != null && !extension.AccountData.IsGuest)
{
// Fail, if user is already logged in, and not with a guest account
message.Respond("Invalid registration request".ToBytes(), ResponseStatus.Error);
return;
}
if (!IsUsernameValid(usernameLower))
{
message.Respond("Invalid Username".ToBytes(), ResponseStatus.Error);
return;
}
if (Config.ForbiddenUsernames.Contains(usernameLower))
{
// Check if uses forbidden username
message.Respond("Forbidden word used in username".ToBytes(), ResponseStatus.Error);
return;
}
if (Config.ForbiddenWordsInUsernames.FirstOrDefault(usernameLower.Contains) != null)
{
// Check if there's a forbidden word in username
message.Respond("Forbidden word used in username".ToBytes(), ResponseStatus.Error);
return;
}
if ((username.Length < Config.UsernameMinChars) ||
(username.Length > Config.UsernameMaxChars))
{
// Check if username length is good
message.Respond("Invalid usernanme length".ToBytes(), ResponseStatus.Error);
return;
}
if (!ValidateEmail(email))
{
// Check if email is valid
message.Respond("Invalid Email".ToBytes(), ResponseStatus.Error);
return;
}
var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();
var account = db.CreateAccountObject();
account.Username = username;
account.Email = email;
account.Password = Msf.Security.CreateHash(password);
try
{
db.InsertNewAccount(account);
if (Registered != null)
{
Registered.Invoke(message.Peer, account);
}
message.Respond(ResponseStatus.Success);
}
catch (Exception e)
{
Logs.Error(e);
message.Respond("Username or E-mail is already registered".ToBytes(), ResponseStatus.Error);
}
}
private void HandleUserJoinedChannel(IIncommingMessage message)
{
var data = new List <string>().FromBytes(message.AsBytes());
UserJoinedChannel?.Invoke(data[0], data[1]);
}
public void GameAccessRequestHandler(IIncommingMessage message)
{
if (lobbyRoom == null)
{
message.Respond("Game is not running", ResponseStatus.Failed);
return;
}
var requestData = new MstProperties(new Dictionary <string, string>().FromBytes(message.AsBytes()));
lobbyRoom.GetAccess(message.Peer, requestData, (access, error) =>
{
if (access == null)
{
message.Respond(error ?? "Failed to get access to game", ResponseStatus.Failed);
return;
}
// Send back the access
message.Respond(access, ResponseStatus.Success);
});
}
/// <summary>
/// Handles a request to log in
/// </summary>
/// <param name="message"></param>
protected virtual void HandleLogIn(IIncommingMessage message)
{
/*
* if (message.Peer.HasExtension<IUserExtension>())
* {
* message.Respond("Already logged in", ResponseStatus.Unauthorized);
* return;
* }
*/
var encryptedData = message.AsBytes();
var securityExt = message.Peer.GetExtension <PeerSecurityExtension>();
var aesKey = securityExt.AesKey;
if (aesKey == null)
{
// There's no aesKey that client and master agreed upon
message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
return;
}
var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
var data = new Dictionary <string, string>().FromBytes(decrypted);
var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();
IAccountData accountData = null;
accountData = db.CreateAccountObject();
accountData.Username = ClientUI.UsernameGenerator.generateName();
accountData.IsGuest = true;
accountData.IsAdmin = false;
accountData.Properties = new Dictionary <string, string> ();
accountData.Properties.Add(AlbotDictKeys.icon, (UnityEngine.Random.Range(1, 100).ToString()));
//Small hack to check if the key is active
if (data.ContainsKey("AlphaKey") == false || AlbotAlphaKeysModule.requstLogin(data["AlphaKey"]) == false)
{
message.Respond("Invalid Key!", ResponseStatus.Unauthorized);
return;
}
accountData.Properties.Add("AlphaKey", data ["AlphaKey"]);
/*
* // ---------------------------------------------
* // Guest Authentication
* if (data.ContainsKey("guest") && EnableGuestLogin)
* {
* //var guestUsername = GenerateGuestUsername();
* accountData = db.CreateAccountObject();
* accountData.Username = ClientUI.UsernameGenerator.generateName();
* accountData.IsGuest = true;
* accountData.IsAdmin = false;
* accountData.Properties = new Dictionary<string, string> ();
* accountData.Properties.Add(AlbotDictKeys.icon, (UnityEngine.Random.Range(1, 100).ToString()) );
* }
*/
/*
* // ----------------------------------------------
* // Token Authentication
* if (data.ContainsKey("token") && accountData == null)
* {
* accountData = db.GetAccountByToken(data["token"]);
* if (accountData == null)
* {
* message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
* return;
* }
*
* var otherSession = GetLoggedInUser(accountData.Username);
* if (otherSession != null)
* {
* otherSession.Peer.Disconnect("Other user logged in");
* message.Respond("This account is already logged in".ToBytes(),
* ResponseStatus.Unauthorized);
* return;
* }
* }
*/
// ----------------------------------------------
// Username / Password authentication
/*
* if (data.ContainsKey("username") && data.ContainsKey("password") && accountData == null)
* {
* var username = data["username"];
* var password = data["password"];
*
* accountData = db.GetAccount(username);
*
* if (accountData == null)
* {
* // Couldn't find an account with this name
* message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
* return;
* }
*
* if (!Msf.Security.ValidatePassword(password, accountData.Password))
* {
* // Password is not correct
* message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
* return;
* }
* }
*/
if (accountData == null)
{
message.Respond("Invalid request", ResponseStatus.Unauthorized);
return;
}
// Setup auth extension
var extension = message.Peer.AddExtension(CreateUserExtension(message.Peer));
extension.Load(accountData);
var infoPacket = extension.CreateInfoPacket();
// Finalize login
FinalizeLogin(extension);
message.Respond(infoPacket.ToBytes(), ResponseStatus.Success);
return;
}