예제 #1
0
        /// <summary>
        /// Handles a request to log in
        /// </summary>
        /// <param name="message"></param>
        protected virtual void HandleLogIn(IIncommingMessage message)
        {
            if (message.Peer.HasExtension <IUserExtension>())
            {
                message.Respond("Already logged in", ResponseStatus.Unauthorized);
                return;
            }

            var encryptedData = message.AsBytes();
            var securityExt   = message.Peer.GetExtension <PeerSecurityExtension>();
            var aesKey        = securityExt.AesKey;

            if (aesKey == null)
            {
                // There's no aesKey that client and master agreed upon
                message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
                return;
            }

            var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
            var data      = new Dictionary <string, string>().FromBytes(decrypted);

            var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();

            IAccountData accountData = null;

            // ---------------------------------------------
            // Guest Authentication
            if (data.ContainsKey("guest") && EnableGuestLogin)
            {
                var guestUsername = GenerateGuestUsername();
                accountData = db.CreateAccountObject();

                accountData.Username = guestUsername;
                accountData.IsGuest  = true;
                accountData.IsAdmin  = false;
            }

            // ----------------------------------------------
            // Token Authentication
            if (data.ContainsKey("token") && accountData == null)
            {
                accountData = db.GetAccountByToken(data["token"]);
                if (accountData == null)
                {
                    message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
                    return;
                }

                var otherSession = GetLoggedInUser(accountData.Username);
                if (otherSession != null)
                {
                    otherSession.Peer.Disconnect("Other user logged in");
                    message.Respond("This account is already logged in".ToBytes(),
                                    ResponseStatus.Unauthorized);
                    return;
                }
            }

            // ----------------------------------------------
            // Username / Password authentication

            if (data.ContainsKey("username") && data.ContainsKey("password") && accountData == null)
            {
                var username = data["username"];
                var password = data["password"];

                accountData = db.GetAccount(username);

                if (accountData == null)
                {
                    // Couldn't find an account with this name
                    message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
                    return;
                }

                if (!Msf.Security.ValidatePassword(password, accountData.Password))
                {
                    // Password is not correct
                    message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
                    return;
                }
            }

            if (accountData == null)
            {
                message.Respond("Invalid request", ResponseStatus.Unauthorized);
                return;
            }

            // Setup auth extension
            var extension = message.Peer.AddExtension(CreateUserExtension(message.Peer));

            extension.Load(accountData);
            var infoPacket = extension.CreateInfoPacket();

            // Finalize login
            FinalizeLogin(extension);

            message.Respond(infoPacket.ToBytes(), ResponseStatus.Success);
            return;
        }
예제 #2
0
        /// <summary>
        /// Handles account registration request
        /// </summary>
        /// <param name="message"></param>
        protected virtual void HandleRegister(IIncommingMessage message)
        {
            var encryptedData = message.AsBytes();

            var securityExt = message.Peer.GetExtension <PeerSecurityExtension>();
            var aesKey      = securityExt.AesKey;

            if (aesKey == null)
            {
                // There's no aesKey that client and master agreed upon
                message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
                return;
            }

            var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
            var data      = new Dictionary <string, string>().FromBytes(decrypted);

            if (!data.ContainsKey("username") || !data.ContainsKey("password") || !data.ContainsKey("email"))
            {
                message.Respond("Invalid registration request".ToBytes(), ResponseStatus.Error);
                return;
            }

            var username = data["username"];
            var password = data["password"];
            var email    = data["email"].ToLower();

            var usernameLower = username.ToLower();

            var extension = message.Peer.GetExtension <IUserExtension>();

            if (extension != null && !extension.AccountData.IsGuest)
            {
                // Fail, if user is already logged in, and not with a guest account
                message.Respond("Invalid registration request".ToBytes(), ResponseStatus.Error);
                return;
            }

            if (!IsUsernameValid(usernameLower))
            {
                message.Respond("Invalid Username".ToBytes(), ResponseStatus.Error);
                return;
            }

            if (Config.ForbiddenUsernames.Contains(usernameLower))
            {
                // Check if uses forbidden username
                message.Respond("Forbidden word used in username".ToBytes(), ResponseStatus.Error);
                return;
            }

            if (Config.ForbiddenWordsInUsernames.FirstOrDefault(usernameLower.Contains) != null)
            {
                // Check if there's a forbidden word in username
                message.Respond("Forbidden word used in username".ToBytes(), ResponseStatus.Error);
                return;
            }

            if ((username.Length < Config.UsernameMinChars) ||
                (username.Length > Config.UsernameMaxChars))
            {
                // Check if username length is good
                message.Respond("Invalid usernanme length".ToBytes(), ResponseStatus.Error);

                return;
            }

            if (!ValidateEmail(email))
            {
                // Check if email is valid
                message.Respond("Invalid Email".ToBytes(), ResponseStatus.Error);
                return;
            }

            var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();

            var account = db.CreateAccountObject();

            account.Username = username;
            account.Email    = email;
            account.Password = Msf.Security.CreateHash(password);

            try
            {
                db.InsertNewAccount(account);

                if (Registered != null)
                {
                    Registered.Invoke(message.Peer, account);
                }

                message.Respond(ResponseStatus.Success);
            }
            catch (Exception e)
            {
                Logs.Error(e);
                message.Respond("Username or E-mail is already registered".ToBytes(), ResponseStatus.Error);
            }
        }
예제 #3
0
        private void HandleUserJoinedChannel(IIncommingMessage message)
        {
            var data = new List <string>().FromBytes(message.AsBytes());

            UserJoinedChannel?.Invoke(data[0], data[1]);
        }
예제 #4
0
파일: BaseLobby.cs 프로젝트: xyberviri/MST
        public void GameAccessRequestHandler(IIncommingMessage message)
        {
            if (lobbyRoom == null)
            {
                message.Respond("Game is not running", ResponseStatus.Failed);
                return;
            }

            var requestData = new MstProperties(new Dictionary <string, string>().FromBytes(message.AsBytes()));

            lobbyRoom.GetAccess(message.Peer, requestData, (access, error) =>
            {
                if (access == null)
                {
                    message.Respond(error ?? "Failed to get access to game", ResponseStatus.Failed);
                    return;
                }

                // Send back the access
                message.Respond(access, ResponseStatus.Success);
            });
        }
예제 #5
0
        /// <summary>
        /// Handles a request to log in
        /// </summary>
        /// <param name="message"></param>
        protected virtual void HandleLogIn(IIncommingMessage message)
        {
            /*
             * if (message.Peer.HasExtension<IUserExtension>())
             * {
             * message.Respond("Already logged in", ResponseStatus.Unauthorized);
             * return;
             * }
             */

            var encryptedData = message.AsBytes();
            var securityExt   = message.Peer.GetExtension <PeerSecurityExtension>();
            var aesKey        = securityExt.AesKey;

            if (aesKey == null)
            {
                // There's no aesKey that client and master agreed upon
                message.Respond("Insecure request".ToBytes(), ResponseStatus.Unauthorized);
                return;
            }

            var decrypted = Msf.Security.DecryptAES(encryptedData, aesKey);
            var data      = new Dictionary <string, string>().FromBytes(decrypted);

            var db = Msf.Server.DbAccessors.GetAccessor <IAuthDatabase>();

            IAccountData accountData = null;

            accountData            = db.CreateAccountObject();
            accountData.Username   = ClientUI.UsernameGenerator.generateName();
            accountData.IsGuest    = true;
            accountData.IsAdmin    = false;
            accountData.Properties = new Dictionary <string, string> ();
            accountData.Properties.Add(AlbotDictKeys.icon, (UnityEngine.Random.Range(1, 100).ToString()));


            //Small hack to check if the key is active
            if (data.ContainsKey("AlphaKey") == false || AlbotAlphaKeysModule.requstLogin(data["AlphaKey"]) == false)
            {
                message.Respond("Invalid Key!", ResponseStatus.Unauthorized);
                return;
            }
            accountData.Properties.Add("AlphaKey", data ["AlphaKey"]);

            /*
             * // ---------------------------------------------
             * // Guest Authentication
             * if (data.ContainsKey("guest") && EnableGuestLogin)
             * {
             * //var guestUsername = GenerateGuestUsername();
             * accountData = db.CreateAccountObject();
             *      accountData.Username = ClientUI.UsernameGenerator.generateName();
             * accountData.IsGuest = true;
             * accountData.IsAdmin = false;
             *      accountData.Properties = new Dictionary<string, string> ();
             *      accountData.Properties.Add(AlbotDictKeys.icon, (UnityEngine.Random.Range(1, 100).ToString()) );
             * }
             */
            /*
             * // ----------------------------------------------
             * // Token Authentication
             * if (data.ContainsKey("token") && accountData == null)
             * {
             * accountData = db.GetAccountByToken(data["token"]);
             * if (accountData == null)
             * {
             * message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
             * return;
             * }
             *
             * var otherSession = GetLoggedInUser(accountData.Username);
             * if (otherSession != null)
             * {
             * otherSession.Peer.Disconnect("Other user logged in");
             * message.Respond("This account is already logged in".ToBytes(),
             * ResponseStatus.Unauthorized);
             * return;
             * }
             * }
             */
            // ----------------------------------------------
            // Username / Password authentication

            /*
             * if (data.ContainsKey("username") && data.ContainsKey("password") && accountData == null)
             * {
             * var username = data["username"];
             * var password = data["password"];
             *
             * accountData = db.GetAccount(username);
             *
             * if (accountData == null)
             * {
             * // Couldn't find an account with this name
             * message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
             * return;
             * }
             *
             * if (!Msf.Security.ValidatePassword(password, accountData.Password))
             * {
             * // Password is not correct
             * message.Respond("Invalid Credentials".ToBytes(), ResponseStatus.Unauthorized);
             * return;
             * }
             * }
             */

            if (accountData == null)
            {
                message.Respond("Invalid request", ResponseStatus.Unauthorized);
                return;
            }

            // Setup auth extension
            var extension = message.Peer.AddExtension(CreateUserExtension(message.Peer));

            extension.Load(accountData);
            var infoPacket = extension.CreateInfoPacket();


            // Finalize login
            FinalizeLogin(extension);

            message.Respond(infoPacket.ToBytes(), ResponseStatus.Success);
            return;
        }