コード例 #1
0
        public async Task <ActionResult <byte[]> > GetCvk([FromRoute] Guid vuid, [FromRoute] string token, [FromHeader] Guid tranid)
        {
            var tran = TranToken.Parse(FromBase64(token));

            var account = await _managerCvk.GetById(vuid);

            if (account == null || !tran.Check(account.CvkiAuth, vuid.ToByteArray()))
            {
                _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, vuid, $"Unsuccessful login for {vuid} with {token}");
                return(Unauthorized($"Invalid account or signature"));
            }

            if (!tran.OnTime)
            {
                _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, vuid, $"Expired token: {token}");
                return(StatusCode(408, new TranToken().ToString()));
            }

            _logger.LoginSuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, vuid, $"Returning cvk from {vuid}");
            return(account.CvkiAuth.Encrypt(account.CVKi.ToByteArray(true, true)));
        }
コード例 #2
0
        public async Task <ActionResult> Authenticate([FromRoute] Guid uid, [FromRoute] C25519Point point, [FromRoute] string token, [FromHeader] Guid tranid)
        {
            if (!token.FromBase64UrlString(out byte[] bytesToken))
            {
                _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, uid, $"Authenticate: Invalid token format for {uid}");
                return(Unauthorized());
            }

            var tran    = TranToken.Parse(bytesToken);
            var account = await _manager.GetById(uid);

            if (account == null || tran == null || !tran.Check(account.PrismiAuth, uid.ToByteArray()))
            {
                if (account == null)
                {
                    _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, uid, $"Authenticate: Account {uid} does not exist");
                }
                else
                {
                    _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, uid, $"Authenticate: Invalid token for {uid}");
                }

                return(Unauthorized("Invalid account or signature"));
            }

            if (!tran.OnTime)
            {
                _logger.LoginUnsuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, uid, $"Authenticate: Expired token for {uid}");
                return(StatusCode(418, new TranToken().ToString()));
            }

            _logger.LoginSuccessful(ControllerContext.ActionDescriptor.ControllerName, tranid, uid, $"Authenticate: Successful login for {uid}");
            var cvkAuthi = (point * account.Cmki).ToByteArray();

            return(Ok(account.PrismiAuth.EncryptStr(cvkAuthi)));
        }