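/// <summary>
/// Post-authentication hook: triggers periodic poll housekeeping, resolves the
/// current account from the site auth token or the login/password-hash pair,
/// enforces site bans, and refreshes the long-lived login cookies.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
void MvcApplication_PostAuthenticateRequest(object sender, EventArgs e)
{
    // Housekeeping piggybacks on request traffic: runs when more than 15 minutes
    // have passed since the last recorded check.
    if (DateTime.UtcNow.Subtract(lastPollCheck).TotalMinutes > 15)
    {
        PollController.AutoClosePolls();
        lastPollCheck = DateTime.UtcNow;
    }

    Account acc = null;

    // NOTE(review): the Request[...] indexer is not limited to cookies; it also
    // consults the query string and form fields. Credentials supplied that way can
    // end up in URLs, proxy logs and Referer headers. Confirm whether any caller
    // relies on that before narrowing these reads to Request.Cookies.
    if (Request[GlobalConst.ASmallCakeCookieName] != null)
    {
        // NOTE(review): this context is never disposed; the returned entity may
        // still depend on it, so it is left as-is here.
        var testAcc = Account.AccountByName(new ZkDataContext(), Request[GlobalConst.ASmallCakeLoginCookieName]);
        if (testAcc != null
            && AuthTools.ValidateSiteAuthToken(testAcc.Name, testAcc.Password, Request[GlobalConst.ASmallCakeCookieName]))
        {
            acc = testAcc;
        }
    }

    // Fallback: name + password hash presented by the client.
    if (acc == null && Request[GlobalConst.LoginCookieName] != null)
    {
        acc = AuthServiceClient.VerifyAccountHashed(Request[GlobalConst.LoginCookieName], Request[GlobalConst.PasswordHashCookieName]);
    }

    if (acc == null)
    {
        return;
    }

    var ip = GetUserIP();
    using (var db = new ZkDataContext())
    {
        var penalty = Punishment.GetActivePunishment(acc.AccountID, ip, null, x => x.BanSite, db);
        if (penalty != null)
        {
            // The account name and ban reason are stored text that is written straight
            // into the response body, so they are HTML-encoded before output.
            // NOTE(review): the message names the account the ban is attached to, which
            // may not be the requesting account - confirm that disclosure is intended.
            Response.Write(string.Format("You are banned! (IP match to account {0})\n", HttpUtility.HtmlEncode(penalty.AccountByAccountID.Name)));
            Response.Write(string.Format("Ban expires: {0} UTC\n", penalty.BanExpires));
            Response.Write(string.Format("Reason: {0}\n", HttpUtility.HtmlEncode(penalty.Reason)));
            Response.End();
        }
        else
        {
            HttpContext.Current.User = acc;

            // todo replace with safer permanent cookie
            // The stored password hash is accepted above as a credential, so the cookie
            // holding it is password-equivalent for 12 months. HttpOnly keeps page script
            // from reading it. NOTE(review): Secure is not set because it cannot be told
            // from here whether the site is served over HTTPS only - set it if so.
            Response.SetCookie(new HttpCookie(GlobalConst.LoginCookieName, acc.Name)
            {
                Expires = DateTime.Now.AddMonths(12),
                HttpOnly = true
            });
            Response.SetCookie(new HttpCookie(GlobalConst.PasswordHashCookieName, acc.Password)
            {
                Expires = DateTime.Now.AddMonths(12),
                HttpOnly = true
            });
        }
    }
}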
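/// <summary>
/// Handles a site login: completes a pending Steam OpenID response, starts a Steam
/// login when no password is supplied, or verifies name and password and issues a
/// persistent forms-authentication cookie.
/// </summary>
/// <param name="username">Account name; matched exactly first, then case-insensitively.</param>
/// <param name="password">Plain-text password; hashed with <c>Utils.HashLobbyPassword</c> before verification. Empty starts the Steam flow.</param>
/// <param name="referer">Post-login target. Only same-site targets are honoured; anything else falls back to the Index action.</param>
/// <returns>A redirect on success or when handing off to Steam, otherwise a plain-text error message.</returns>
public ActionResult Logon(string username, string password, string referer)
{
    // block excessive login attempts
    if (!Global.Server.LoginChecker.VerifyIp(Request.UserHostAddress))
    {
        return Content("Too many login failures, access blocked");
    }

    // return from steam openid
    var openid = new OpenIdRelyingParty();
    IAuthenticationResponse response = openid.GetResponse();
    if (response != null)
    {
        return ProcessSteamOpenIDResponse(response);
    }

    // initiate steam login request if no password provided
    if (string.IsNullOrEmpty(password))
    {
        return RedirectToSteamOpenID(username, referer, openid);
    }

    // standard login
    // A missing name cannot match an account; answering here also avoids a
    // NullReferenceException from username.ToUpper() below.
    if (string.IsNullOrEmpty(username))
    {
        return Content("Invalid login name");
    }

    string accountName;
    using (var db = new ZkDataContext())
    {
        var loginUpper = username.ToUpper();
        var found = db.Accounts.FirstOrDefault(x => x.Name == username)
                    ?? db.Accounts.FirstOrDefault(x => x.Name.ToUpper() == loginUpper);
        if (found == null)
        {
            // NOTE(review): this reply differs from "Invalid password" and the attempt is
            // not reported to LoginChecker, so account names can be probed without being
            // counted by the limiter above. Consider a uniform message and counting it.
            return Content("Invalid login name");
        }
        accountName = found.Name;
    }

    var hashed = Utils.HashLobbyPassword(password);
    var acc = AuthServiceClient.VerifyAccountHashed(accountName, hashed);
    if (acc == null)
    {
        Trace.TraceWarning("Invalid login attempt for {0}", username);
        Global.Server.LoginChecker.LogIpFailure(Request.UserHostAddress);
        return Content("Invalid password");
    }

    FormsAuthentication.SetAuthCookie(acc.Name, true);

    // referer is caller-supplied; redirecting to it unchecked would let a crafted login
    // link send an authenticated user to another site. Local URLs pass through; absolute
    // http(s) URLs on this host are reduced to their path and query; everything else
    // (including empty) goes to Index.
    if (!Url.IsLocalUrl(referer))
    {
        string localPart = null;
        System.Uri target;
        if (System.Uri.TryCreate(referer, System.UriKind.Absolute, out target)
            && (target.Scheme == System.Uri.UriSchemeHttp || target.Scheme == System.Uri.UriSchemeHttps)
            && Request.Url != null
            && string.Equals(target.Host, Request.Url.Host, System.StringComparison.OrdinalIgnoreCase))
        {
            localPart = target.PathAndQuery;
        }
        referer = Url.IsLocalUrl(localPart) ? localPart : Url.Action("Index");
    }

    return Redirect(referer);
}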
/// <summary>
/// Records a mission result for the account identified by <paramref name="login"/>
/// and <paramref name="passwordHash"/>: grants XP, updates the account's score entry
/// when the new score is higher, and advances campaign progress.
/// </summary>
/// <param name="login">Account name; also written to the mission's top-score line.</param>
/// <param name="passwordHash">Password hash passed to <c>AuthServiceClient.VerifyAccountHashed</c>.</param>
/// <param name="missionName">Mission name; any version suffix is stripped before lookup.</param>
/// <param name="score">Reported score; 0 skips the score table entirely.</param>
/// <param name="gameSeconds">Reported play time, stored with an improved score.</param>
/// <param name="missionVars">Passed through to <c>ProgressCampaign</c>.</param>
/// <exception cref="ApplicationException">The login / hash pair was not accepted.</exception>
/// <remarks>
/// NOTE(review): score and gameSeconds are stored as reported; no plausibility check
/// is visible in this method.
/// </remarks>
public void SubmitMissionScore(string login, string passwordHash, string missionName, int score, int gameSeconds, string missionVars = "")
{
    missionName = Mission.GetNameWithoutVersion(missionName);

    using (var db = new ZkDataContext())
    {
        var account = AuthServiceClient.VerifyAccountHashed(login, passwordHash);
        if (account == null)
        {
            throw new ApplicationException("Invalid login or password");
        }

        // Base XP is granted for every accepted submission, whatever the score.
        account.Xp += GlobalConst.XpForMissionOrBots;

        var playedMission = db.Missions.Single(m => m.Name == missionName);

        if (score != 0)
        {
            var ownEntry = playedMission.MissionScores.FirstOrDefault(s => s.AccountID == account.AccountID);
            if (ownEntry == null)
            {
                // First result for this account: seed with int.MinValue so any real
                // score counts as an improvement below.
                ownEntry = new MissionScore()
                {
                    MissionID = playedMission.MissionID,
                    AccountID = account.AccountID,
                    Score = int.MinValue
                };
                playedMission.MissionScores.Add(ownEntry);
            }

            if (score > ownEntry.Score)
            {
                var best = playedMission.MissionScores.Max(s => (int?)s.Score);
                var matchesOrBeatsBest = best == null || best <= score;
                if (matchesOrBeatsBest)
                {
                    playedMission.TopScoreLine = login;
                    account.Xp += 150; // 150 for getting top score
                }

                ownEntry.Score = score;
                ownEntry.Time = DateTime.UtcNow;
                ownEntry.MissionRevision = playedMission.Revision;
                ownEntry.GameSeconds = gameSeconds;
            }
        }

        account.CheckLevelUp();
        db.SubmitChanges();

        // ====================
        // campaign stuff
        ProgressCampaign(account.AccountID, playedMission.MissionID, missionVars);
    }
}
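/// <summary>
/// Verifies a name/password login, stores the long-lived login cookies, issues a
/// session forms-authentication cookie and redirects the user.
/// </summary>
/// <param name="login">Account name, matched exactly.</param>
/// <param name="password">Plain-text password; hashed with <c>Utils.HashLobbyPassword</c> before verification.</param>
/// <param name="referer">Post-login target. Only same-site targets are honoured; anything else falls back to the Index action.</param>
/// <returns>A redirect on success, otherwise a plain-text error message.</returns>
public ActionResult Logon(string login, string password, string referer)
{
    // The context is only needed for the existence check, so it is released
    // before the verification call.
    using (var db = new ZkDataContext())
    {
        var existing = db.Accounts.FirstOrDefault(x => x.Name == login); // FIXME: might want to just not allow duplicate names to happen in the first place
        if (existing == null)
        {
            // NOTE(review): a reply distinct from "Invalid password" lets callers tell
            // which account names exist; no attempt limiting is visible in this method.
            return Content("Invalid login name");
        }
    }

    var hashed = Utils.HashLobbyPassword(password);
    var acc = AuthServiceClient.VerifyAccountHashed(login, hashed);
    if (acc == null)
    {
        return Content("Invalid password");
    }

    // todo replace with safer permanent cookie
    // The hash stored here is the same value VerifyAccountHashed accepts, so this
    // cookie is password-equivalent for 12 months. HttpOnly keeps page script from
    // reading it. NOTE(review): Secure is not set because it cannot be told from
    // here whether the site is served over HTTPS only - set it if so.
    Response.SetCookie(new HttpCookie(GlobalConst.LoginCookieName, login)
    {
        Expires = DateTime.Now.AddMonths(12),
        HttpOnly = true
    });
    Response.SetCookie(new HttpCookie(GlobalConst.PasswordHashCookieName, hashed)
    {
        Expires = DateTime.Now.AddMonths(12),
        HttpOnly = true
    });

    FormsAuthentication.SetAuthCookie(acc.Name, false);

    // referer is caller-supplied; redirecting to it unchecked would let a crafted login
    // link send an authenticated user to another site. Local URLs pass through; absolute
    // http(s) URLs on this host are reduced to their path and query; everything else
    // (including empty) goes to Index.
    if (!Url.IsLocalUrl(referer))
    {
        string localPart = null;
        System.Uri target;
        if (System.Uri.TryCreate(referer, System.UriKind.Absolute, out target)
            && (target.Scheme == System.Uri.UriSchemeHttp || target.Scheme == System.Uri.UriSchemeHttps)
            && Request.Url != null
            && string.Equals(target.Host, Request.Url.Host, System.StringComparison.OrdinalIgnoreCase))
        {
            localPart = target.PathAndQuery;
        }
        referer = Url.IsLocalUrl(localPart) ? localPart : Url.Action("Index");
    }

    return Redirect(referer);
}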
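/// <summary>
/// Records a mission result for the account identified by <paramref name="login"/>
/// and <paramref name="passwordHash"/>: grants XP, updates the account's score entry
/// when the new score is higher, and unlocks multiplayer once every required
/// mission has a score entry for the account.
/// </summary>
/// <param name="login">Account name; also written to the mission's top-score line.</param>
/// <param name="passwordHash">Password hash passed to <c>AuthServiceClient.VerifyAccountHashed</c>.</param>
/// <param name="missionName">Mission name; any version suffix is stripped before lookup.</param>
/// <param name="score">Reported score; 0 only creates a score entry for missions required for multiplayer.</param>
/// <param name="gameSeconds">Reported play time, stored with an improved score.</param>
/// <param name="missionVars">Not used in this method.</param>
/// <exception cref="ApplicationException">The login / hash pair was not accepted.</exception>
/// <remarks>
/// NOTE(review): score and gameSeconds are stored as reported, and a score entry is
/// what unlocks multiplayer; no plausibility check is visible in this method.
/// </remarks>
public void SubmitMissionScore(string login, string passwordHash, string missionName, int score, int gameSeconds, string missionVars = "")
{
    missionName = Mission.GetNameWithoutVersion(missionName);

    using (var db = new ZkDataContext())
    {
        var acc = AuthServiceClient.VerifyAccountHashed(login, passwordHash);
        if (acc == null)
        {
            Trace.TraceWarning("Invalid login attempt for {0}", login);

            // Random delay of up to two seconds to slow down repeated guessing.
            // NOTE(review): this blocks a request thread for the duration.
            System.Threading.Thread.Sleep(new Random().Next(2000));

            // Stop here: without this the method went on to dereference the null
            // account and failed with a NullReferenceException.
            throw new ApplicationException("Invalid login or password");
        }

        // Base XP is granted for every accepted submission, whatever the score.
        acc.Xp += GlobalConst.XpForMissionOrBots;

        var mission = db.Missions.Single(x => x.Name == missionName);

        if (score != 0 || mission.RequiredForMultiplayer)
        {
            var scoreEntry = mission.MissionScores.FirstOrDefault(x => x.AccountID == acc.AccountID);
            if (scoreEntry == null)
            {
                // First result for this account: seed with int.MinValue so any real
                // score counts as an improvement below.
                scoreEntry = new MissionScore()
                {
                    MissionID = mission.MissionID,
                    AccountID = acc.AccountID,
                    Score = int.MinValue
                };
                mission.MissionScores.Add(scoreEntry);
            }

            if (score > scoreEntry.Score)
            {
                var max = mission.MissionScores.Max(x => (int?)x.Score);
                if (max == null || max <= score)
                {
                    mission.TopScoreLine = login;
                    acc.Xp += 150; // 150 for getting top score
                }

                scoreEntry.Score = score;
                scoreEntry.Time = DateTime.UtcNow;
                scoreEntry.MissionRevision = mission.Revision;
                scoreEntry.GameSeconds = gameSeconds;
            }
        }

        acc.CheckLevelUp();
        db.SaveChanges();

        // Unlock multiplayer once the account has a score entry for every mission
        // flagged as required.
        if (!acc.CanPlayMultiplayer)
        {
            var allRequiredDone = db.Missions
                .Where(x => x.RequiredForMultiplayer)
                .All(y => y.MissionScores.Any(z => z.AccountID == acc.AccountID));
            if (allRequiredDone)
            {
                acc.CanPlayMultiplayer = true;
                db.SaveChanges();
                Global.Server.PublishAccountUpdate(acc);
                Global.Server.GhostPm(acc.Name, "Congratulations! You are now authorized to play MultiPlayer games!");
            }
        }
    }
}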