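/// <summary>
/// Authenticates this connection with a password or, when no password is supplied,
/// with a previously issued login token, and on success attaches the connection to
/// the account's session.
/// </summary>
/// <param name="username">Account name supplied by the client.</param>
/// <param name="password">Plain-text password; when null or empty the <paramref name="token"/> is used instead.</param>
/// <param name="token">Login token; only consulted when no password is given.</param>
/// <remarks>
/// Every outcome is reported through <c>SendSysMessage</c>; an <c>AuthenticateResponse</c>
/// is sent only on success. Checks that do not need the account run before the account
/// lookup, so their messages cannot be used to tell existing usernames from unknown ones.
/// NOTE(review): no throttling or lockout of repeated failures is visible in this method;
/// confirm it is enforced elsewhere.
/// </remarks>
public void Login(string username, string password, string token)
{
    bool loggedIn = false;
    bool useToken = string.IsNullOrEmpty(password);
    Account account = null;
    string message;

    // Single-pass block: every failure sets the message and breaks to the common tail.
    do
    {
        if (Session != null)
        {
            message = "You are already logged in.";
            break;
        }

        if (!Util.IsValidUsername(username))
        {
            message = Util.InvalidUsernameMessage;
            break;
        }

        if (useToken)
        {
            if (string.IsNullOrEmpty(token))
            {
                message = "Missing password.";
                break;
            }
        }
        else if (!Util.IsValidPassword(password))
        {
            message = Util.InvalidPasswordMessage;
            break;
        }

        // Look the account up only after the input checks above have passed.
        account = Account.Get(username);

        if (useToken)
        {
            // An unknown account and an unknown token produce the same answer.
            var loginToken = account == null ? null : LoginToken.Find(account.Id, token);
            if (loginToken == null)
            {
                message = "Automatic login failed. Login with your username and password.";
                break;
            }

            loginToken.UpdateAccessed(UserAgent, Address);
            IsTokenLogin = true;
        }
        else
        {
            // NOTE(review): an unknown account returns before any hashing, so response time
            // may still differ from a wrong-password attempt.
            if (account == null)
            {
                message = "Invalid username or password.";
                break;
            }

            var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
            var storedPassword = account.Password ?? string.Empty;

            // Compare without an early exit so the time taken does not depend on how many
            // leading characters match. Where the target framework provides
            // CryptographicOperations.FixedTimeEquals, prefer it over this loop.
            int difference = givenPassword.Length ^ storedPassword.Length;
            if (account.Password == null)
            {
                difference |= 1;
            }

            int shared = Math.Min(givenPassword.Length, storedPassword.Length);
            for (int i = 0; i < shared; i++)
            {
                difference |= givenPassword[i] ^ storedPassword[i];
            }

            if (difference != 0)
            {
                message = "Invalid username or password.";
                break;
            }

            // A successful password login issues a fresh token tied to this client.
            var newToken = new LoginToken
            {
                UserId = account.Id,
                Created = Util.GetCurrentTimestamp(),
                Accessed = Util.GetCurrentTimestamp(),
                UserAgent = UserAgent,
                Address = Address,
                Token = Util.GenerateLoginToken(),
            };
            newToken.Insert();

            IsTokenLogin = false;
            token = newToken.Token;
        }

        loggedIn = true;
        message = $"Logged in as {account.Name}.";
    } while (false);

    if (loggedIn)
    {
        Send(new AuthenticateResponse { Name = account.Name, Tokens = token, Success = true });
        var session = Program.SessionManager.GetOrCreate(account);
        session.Add(this);
    }

    SendSysMessage(message);
}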
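/// <summary>
/// Authenticates this connection with a password or, when no password is supplied,
/// with any of the supplied login tokens that is stored for this client's address,
/// and on success attaches the connection to the account's session.
/// </summary>
/// <param name="username">Account name supplied by the client.</param>
/// <param name="password">Plain-text password; when null or empty the <paramref name="tokens"/> are used instead.</param>
/// <param name="tokens">Login tokens offered by the client; a null list is treated as empty.</param>
/// <remarks>
/// Every outcome is reported through <c>SendSysMessage</c>; an <c>AuthenticateResponse</c>
/// is sent only on success.
/// NOTE(review): on success the response carries every token stored for the username,
/// including tokens recorded for other addresses. Confirm the client needs more than the
/// token for its own address.
/// NOTE(review): no throttling or lockout of repeated failures is visible in this method;
/// confirm it is enforced elsewhere.
/// </remarks>
public void Login(string username, string password, List<string> tokens)
{
    Account account = null;
    string message;

    // Single-pass block: every failure sets the message and breaks to the common tail.
    do
    {
        if (Session != null)
        {
            message = "You are already logged in.";
            break;
        }

        if (!Util.IsValidUsername(username))
        {
            message = Util.InvalidUsernameMessage;
            break;
        }

        // NOTE(review): tokens are looked up by the username as typed but stored under
        // account.Name.ToLower() below; confirm FindAll normalizes case the same way.
        var existingTokens = LoginToken.FindAll(username).ToList();

        if (String.IsNullOrEmpty(password))
        {
            // A missing list is handled like an empty one instead of throwing.
            if (tokens == null || tokens.Count == 0)
            {
                message = "Missing password.";
                break;
            }

            var offered = tokens;
            if (!existingTokens.Any(t => t.Address == Address && offered.Contains(t.Token)))
            {
                message = "Automatic login failed. Login with your username and password.";
                break;
            }

            // A token row can outlive its account; answer as for an unknown token
            // rather than dereferencing a null account.
            var tokenAccount = Account.Get(username);
            if (tokenAccount == null)
            {
                message = "Automatic login failed. Login with your username and password.";
                break;
            }

            account = tokenAccount;
            tokens = existingTokens.Select(t => t.Token).ToList();
            message = String.Format("Logged in as {0}.", account.Name);
        }
        else
        {
            if (!Util.IsValidPassword(password))
            {
                message = Util.InvalidPasswordMessage;
                break;
            }

            var candidate = Account.Get(username);
            if (candidate == null)
            {
                message = "Invalid username or password.";
                break;
            }

            var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(candidate.Salt)));
            var storedPassword = candidate.Password ?? string.Empty;

            // Compare without an early exit so the time taken does not depend on how many
            // leading characters match. Where the target framework provides
            // CryptographicOperations.FixedTimeEquals, prefer it over this loop.
            int difference = givenPassword.Length ^ storedPassword.Length;
            if (candidate.Password == null)
            {
                difference |= 1;
            }

            int shared = Math.Min(givenPassword.Length, storedPassword.Length);
            for (int i = 0; i < shared; i++)
            {
                difference |= givenPassword[i] ^ storedPassword[i];
            }

            if (difference != 0)
            {
                message = "Invalid username or password.";
                break;
            }

            // Reuse the token already stored for this address, or issue a new one.
            LoginToken newToken = existingTokens.FirstOrDefault(t => t.Address == Address);
            if (newToken == null)
            {
                newToken = new LoginToken
                {
                    // NOTE(review): ToLower() is culture-sensitive; confirm the lookup side agrees.
                    Name = candidate.Name.ToLower(),
                    Address = Address,
                    Token = Util.GenerateLoginToken(),
                    Created = Util.GetCurrentTimestamp()
                };
                newToken.Insert();
                existingTokens.Add(newToken);
            }

            // The account is published only after the password has been verified.
            account = candidate;
            tokens = existingTokens.Select(t => t.Token).ToList();
            message = String.Format("Logged in as {0}.", account.Name);
        }
    } while (false);

    // A non-null account is the success signal for the tail below.
    if (account != null)
    {
        Send(new AuthenticateResponse { Name = account.Name, Tokens = string.Join(",", tokens), Success = true });
        var session = Program.SessionManager.GetOrCreate(account);
        session.Add(this);
    }

    SendSysMessage(message);
}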