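/// <summary>
/// Looks up the member that owns <paramref name="key"/>, records the attempt, and returns the match.
/// </summary>
/// <param name="id">Passed to the query as parameter 0 (not referenced by either SQL statement) and to RecordAttempt.</param>
/// <param name="key">The presented key. Keys starting with "W26#" are matched on a masked portion of the stored keycode; all other keys are matched exactly.</param>
/// <returns>The matching row. AccessGranted is computed by the query as "expiry plus 7 days is still in the future".</returns>
/// <exception cref="ArgumentNullException"><paramref name="key"/> is null.</exception>
/// <exception cref="Exception">No keycode matched ("Code not found"). The attempt is recorded before this is thrown.</exception>
private AuthenticationResult Authenticate(string id, string key)
{
    // Fail closed with a specific exception instead of a NullReferenceException on StartsWith.
    if (key == null)
    {
        throw new ArgumentNullException(nameof(key));
    }

    AuthenticationResult result = null;

    // Ordinal comparison: the prefix is a protocol marker, not linguistic text.
    if (key.StartsWith("W26#", StringComparison.Ordinal))
    {
        // Substring(6) skips the 4-character prefix plus the next two characters
        // (presumably a leading byte that the mask excludes; confirm against the key format).
        // A prefixed key shorter than 6 characters used to throw before the attempt was
        // recorded; it is now treated as "no match" so the failed attempt is still audited.
        if (key.Length >= 6)
        {
            using (var db = new AccessControlDatabase())
            {
                // The mask 0x00FFFFFE keeps bits 1-23 of the stored keycode, so distinct keycodes
                // that agree on those bits are indistinguishable here and LIMIT 1 (no ORDER BY)
                // returns whichever row the database yields first.
                // NOTE(review): the other Authenticate overload in this file masks with 0x00FFFFFF; confirm which is intended.
                // NOTE(review): the suffix is not validated as hexadecimal before it reaches CONV();
                // confirm how the database treats non-hex input and consider rejecting it here.
                var sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id WHERE 0x00FFFFFE & CONV(k.keycode_id, 16, 10) = CONV(@0, 16, 10) LIMIT 1;";
                result = db.SingleOrDefault<AuthenticationResult>(sql, key.Substring(6));
            }
        }
    }
    else
    {
        using (var db = new AccessControlDatabase())
        {
            // Only @1 (the key) is referenced by the statement; id is bound as @0 but unused.
            var sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id WHERE k.keycode_id = @1 LIMIT 1;";
            result = db.SingleOrDefault<AuthenticationResult>(sql, id, key);
        }
    }

    // Every attempt is recorded, matched or not; -1 and false stand in when nothing matched.
    // NOTE(review): the raw key is handed to RecordAttempt; confirm how the attempt store protects it.
    RecordAttempt(id, key, result?.Id ?? -1, result?.AccessGranted ?? false, true, false);

    if (result == null)
    {
        throw new Exception("Code not found");
    }

    return result;
}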
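/// <summary>
/// Handles a reader's initialization request: parses the JSON payload, loads the reader's
/// configuration, records the client, and returns the configuration as JSON.
/// </summary>
/// <param name="payload">JSON text with an integer "Id" and a string "Version" property.</param>
/// <returns>
/// The reader configuration as JSON; 401 when the id is below 1 or no reader row exists;
/// 500 when anything throws, including a payload that is not valid JSON or lacks a property.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method authenticates the caller; any client that supplies an
/// existing reader id receives that reader's settings. Confirm this is enforced elsewhere.
/// </remarks>
public IActionResult Initialize([FromBody] string payload)
{
    try
    {
        int id;
        string version;

        // JsonDocument is IDisposable; copy the values out and release it right away.
        using (var document = JsonDocument.Parse(payload))
        {
            var request = document.RootElement;
            id = request.GetProperty("Id").GetInt32();
            version = request.GetProperty("Version").GetString();
        }

        // Reject impossible ids before touching the database.
        if (id < 1)
        {
            return StatusCode(401);
        }

        DbResult result;
        using (var db = new AccessControlDatabase())
        {
            var sql = @" SELECT r.name, r.timeout, r.enabled, g.name AS groupName, r.settings FROM reader r INNER JOIN `group` g ON r.group_id = g.group_id WHERE r.reader_id = @0 LIMIT 1;";
            result = db.SingleOrDefault<DbResult>(sql, id);
        }

        if (result == null)
        {
            return StatusCode(401);
        }

        // NOTE(review): RemoteIpAddress can be null; that case currently ends in the catch below (500).
        var clientAddress = HttpContext.Connection.RemoteIpAddress.ToString();
        RecordClient(id, clientAddress, version, payload);

        var output = new ReaderResult
        {
            Name = result.name,
            Timeout = result.timeout,
            Enabled = result.enabled,
            Group = result.groupName,
            Settings = result.settings,
        };

        return new JsonResult(output);
    }
    catch (Exception ex)
    {
        // The exception detail goes to the console only; the client sees a bare 500.
        Console.Write(ex.ToString());
        return StatusCode(500);
    }
}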
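/// <summary>
/// Returns the configuration of the reader identified by <paramref name="id"/> and updates the
/// recorded client address when the request arrives from a different address.
/// </summary>
/// <param name="id">Reader id, bound as the query parameter for reader_id.</param>
/// <returns>The reader configuration as JSON; 403 when no reader row exists; 500 when anything throws.</returns>
/// <remarks>
/// NOTE(review): as far as this method shows, the stored address is overwritten on the strength of
/// the reader id alone; confirm the caller is authenticated elsewhere.
/// </remarks>
public IActionResult Lookup(string id)
{
    try
    {
        DbResult result;
        using (var db = new AccessControlDatabase())
        {
            var sql = @" SELECT r.name, r.timeout, r.enabled, g.name AS groupName, r.address FROM reader r INNER JOIN `group` g ON r.group_id = g.group_id WHERE r.reader_id = @0 LIMIT 1;";
            result = db.SingleOrDefault<DbResult>(sql, id);
        }

        if (result == null)
        {
            return StatusCode(403);
        }

        // NOTE(review): RemoteIpAddress can be null; that case currently ends in the catch below (500).
        var clientAddress = HttpContext.Connection.RemoteIpAddress.ToString();
        if (result.address != clientAddress)
        {
            RecordClientAddress(id, clientAddress);
        }

        var output = new ReaderResult
        {
            Name = result.name,
            Timeout = result.timeout,
            Enabled = result.enabled,
            Group = result.groupName,
        };

        return new JsonResult(output);
    }
    catch (Exception ex)
    {
        // Log the failure the same way Initialize does instead of swallowing it silently;
        // the client still sees only a bare 500.
        Console.Write(ex.ToString());
        return StatusCode(500);
    }
}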
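/// <summary>
/// Looks up the member that owns <paramref name="key"/>, restricted to the group of the reader
/// identified by <paramref name="readerId"/>.
/// </summary>
/// <param name="key">The presented key. Keys starting with "W26#" are matched on the low 24 bits of the stored keycode; other keys are matched exactly or with a trailing "#".</param>
/// <param name="readerId">Reader whose group decides which members are eligible.</param>
/// <returns>
/// The matching row, or null when the key is null or empty, the reader does not exist or is not
/// enabled, a "W26#" key is too short to carry a value, or no keycode matches.
/// AccessGranted is computed by the query as "expiry plus 7 days is still in the future".
/// </returns>
private AuthenticationResult Authenticate(string key, int readerId)
{
    if (string.IsNullOrEmpty(key))
    {
        return null;
    }

    using (var db = new AccessControlDatabase())
    {
        string sql = @" SELECT group_id FROM reader WHERE reader_id = @0 AND enabled = 1 LIMIT 1;";
        int? groupId = db.SingleOrDefault<int?>(sql, readerId);

        // No row (or a null group_id) means the reader is unknown or disabled: deny.
        if (groupId == null)
        {
            return null;
        }

        // Group 0 selects the statements without the group_member join, so any member's key matches.
        bool restrictToGroup = groupId != 0;

        // Ordinal comparison: the prefix is a protocol marker, not linguistic text.
        if (key.StartsWith("W26#", StringComparison.Ordinal))
        {
            // Substring(6) skips the 4-character prefix plus the next two characters
            // (presumably a leading byte that the mask excludes; confirm against the key format).
            // A prefixed key shorter than 6 characters used to throw here; treat it as no match.
            if (key.Length < 6)
            {
                return null;
            }

            // The mask 0x00FFFFFF keeps the low 24 bits of the stored keycode, so distinct keycodes
            // that agree on those bits are indistinguishable and LIMIT 1 (no ORDER BY) returns
            // whichever row the database yields first.
            // NOTE(review): the other Authenticate overload in this file masks with 0x00FFFFFE; confirm which is intended.
            // NOTE(review): the suffix is not validated as hexadecimal before it reaches CONV();
            // confirm how the database treats non-hex input and consider rejecting it here.
            if (restrictToGroup)
            {
                sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id INNER JOIN group_member gm ON m.member_id = gm.member_id WHERE 0x00FFFFFF & CONV(k.keycode_id, 16, 10) = CONV(@0, 16, 10) AND gm.group_id = @1 LIMIT 1;";
            }
            else
            {
                sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id WHERE 0x00FFFFFF & CONV(k.keycode_id, 16, 10) = CONV(@0, 16, 10) LIMIT 1;";
            }

            return db.SingleOrDefault<AuthenticationResult>(sql, key.Substring(6), groupId);
        }

        if (restrictToGroup)
        {
            sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id INNER JOIN group_member gm ON m.member_id = gm.member_id WHERE (k.keycode_id = @0 OR k.keycode_id = @1) AND gm.group_id = @2 LIMIT 1;";
        }
        else
        {
            // The line break inside this literal is kept exactly as it appears in the original text.
            sql = @" SELECT m.member_id AS 'Id', m.name AS 'Name', m.type AS 'Type', m.apricot_admin AS Admin, m.joined AS Joined, m.expires AS Expiration, DATE_ADD(m.expires, INTERVAL 7 DAY) > 
NOW() AS AccessGranted FROM member m INNER JOIN keycode k ON m.member_id = k.member_id WHERE (k.keycode_id = @0 OR k.keycode_id = @1) LIMIT 1;";
        }

        // Older keys are stored with a trailing '#', so both spellings are offered to the query.
        return db.SingleOrDefault<AuthenticationResult>(sql, key, $"{key}#", groupId);
    }
}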