public void Login(string username, string password, string token)
{
bool loggedIn = false;
Account account;
string message;
do
{
account = Account.Get(username);
if (account == null)
{
message = "Invalid username or password.";
break;
}
if (Session != null)
{
message = "You are already logged in.";
break;
}
if (!Util.IsValidUsername(username))
{
message = Util.InvalidUsernameMessage;
break;
}
if (string.IsNullOrEmpty(password))
{
if (string.IsNullOrEmpty(token))
{
message = "Missing password.";
break;
}
var loginToken = LoginToken.Find(account.Id, token);
if (loginToken == null)
{
message = "Automatic login failed. Login with your username and password.";
break;
}
loginToken.UpdateAccessed(UserAgent, Address);
IsTokenLogin = true;
loggedIn = true;
message = $"Logged in as {account.Name}.";
}
else
{
if (!Util.IsValidPassword(password))
{
message = Util.InvalidPasswordMessage;
break;
}
var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
if (givenPassword != account.Password)
{
account = null;
message = "Invalid username or password.";
break;
}
var newToken = new LoginToken
{
UserId = account.Id,
Created = Util.GetCurrentTimestamp(),
Accessed = Util.GetCurrentTimestamp(),
UserAgent = UserAgent,
Address = Address,
Token = Util.GenerateLoginToken(),
};
newToken.Insert();
IsTokenLogin = false;
token = newToken.Token;
loggedIn = true;
message = $"Logged in as {account.Name}.";
}
} while (false);
if (loggedIn)
{
Send(new AuthenticateResponse
{
Name = account.Name,
Tokens = token,
Success = true
});
var session = Program.SessionManager.GetOrCreate(account);
session.Add(this);
}
SendSysMessage(message);
}
public void Login(string username, string password, List <string> tokens)
{
Account account = null;
string message;
do
{
if (Session != null)
{
message = "You are already logged in.";
break;
}
if (!Util.IsValidUsername(username))
{
message = Util.InvalidUsernameMessage;
break;
}
var existingTokens = LoginToken.FindAll(username).ToList();
if (String.IsNullOrEmpty(password))
{
if (tokens.Count == 0)
{
message = "Missing password.";
break;
}
if (!existingTokens.Any(t => t.Address == Address && tokens.Contains(t.Token)))
{
message = "Automatic login failed. Login with your username and password.";
break;
}
account = Account.Get(username);
tokens = existingTokens.Select(t => t.Token).ToList();
message = String.Format("Logged in as {0}.", account.Name);
}
else
{
if (!Util.IsValidPassword(password))
{
message = Util.InvalidPasswordMessage;
break;
}
account = Account.Get(username);
if (account == null)
{
message = "Invalid username or password.";
break;
}
var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
if (givenPassword != account.Password)
{
account = null;
message = "Invalid username or password.";
break;
}
LoginToken newToken = existingTokens.FirstOrDefault(t => t.Address == Address);
if (newToken == null)
{
newToken = new LoginToken
{
Name = account.Name.ToLower(),
Address = Address,
Token = Util.GenerateLoginToken(),
Created = Util.GetCurrentTimestamp()
};
newToken.Insert();
existingTokens.Add(newToken);
}
tokens = existingTokens.Select(t => t.Token).ToList();
message = String.Format("Logged in as {0}.", account.Name);
}
} while (false);
if (account != null)
{
Send(new AuthenticateResponse
{
Name = account.Name,
Tokens = string.Join(",", tokens),
Success = true
});
var session = Program.SessionManager.GetOrCreate(account);
session.Add(this);
}
SendSysMessage(message);
}