예제 #1
        /// <summary>
        /// Seeds a development login for the first account returned by the unit of work.
        /// The body is compiled only when the DEBUG symbol is defined; otherwise the method does nothing.
        /// </summary>
        /// <remarks>
        /// The seeded credential is derived from the fixed password <c>test</c>. The only guard is the
        /// compile-time <c>#if DEBUG</c>, so a Debug build run against a shared or reachable database
        /// leaves a login with a known password in it. Keep Debug builds away from such databases.
        /// The login is added to the unit of work but not committed here; presumably the caller
        /// commits (confirm).
        /// </remarks>
        /// <param name="uow">Unit of work whose Accounts set is read and whose Logins set receives the new login.</param>
        public async Task SeedAsync(IUnitOfWork uow)
        {
#if DEBUG
            // FirstAsync throws when no account exists, so accounts must be seeded first.
            var account = await uow.Accounts.FirstAsync();

            var login = new Login
            {
                AccountId = account.Id,
                Username  = "******",
                Salt      = _secureHashProvider.Random(64),
            };

            // Same hash input as the login check uses: password followed by the stored salt.
            login.Hash  = _secureHashProvider.Hash("test" + login.Salt);
            login.Email = "*****@*****.**";

            uow.Logins.Add(login);
#endif
        }
예제 #2
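        /// <summary>
        /// Checks an <c>AuthenticationRequest</c> against the stored login. On success it marks the account
        /// online, assigns new random Key1/Key2 values and attaches the account to <paramref name="context"/>.
        /// </summary>
        /// <remarks>
        /// The whole check runs between Acquire() and Release() on the authentication synchronization service.
        /// Every attempt that resolves to an existing login is recorded as a LoginAttempt and committed.
        /// The submitted password is never logged.
        /// </remarks>
        /// <param name="message">Incoming message; anything other than an <c>AuthenticationRequest</c> yields <c>Unknown</c>.</param>
        /// <param name="context">Connection context; supplies the remote IP for the audit row and receives the account on success.</param>
        /// <returns>The outcome of the attempt; <c>Unknown</c> if the message is not a request or an exception was caught.</returns>
        private async Task<AuthenticationResult> Authenticate(INetworkMessage message, AuthenticationNetworkContext context)
        {
            await _authenticationSynchronizationContextService.Acquire();

            try
            {
                AuthenticationResult result = AuthenticationResult.Unknown;
                if (message is AuthenticationRequest request)
                {
                    // Log the attempt without the password: log files and aggregators are readable by far
                    // more people and systems than the credential store. The username is client-supplied,
                    // so it is passed as a template argument rather than spliced into the message text.
                    _logger.LogInformation(
                        "User login attempt: {Username} with client version: {ClientLongVersion}",
                        request.Username,
                        request.ClientLongVersion);
                    try
                    {
                        await using (var uow = _unitOfWorkFactory.Create())
                        {
                            if (request.ClientLongVersion != ClientLongVersion)
                            {
                                result = AuthenticationResult.InvalidClientVersion;
                            }
                            else
                            {
                                var login = await uow.Logins.Where(p => p.Username == request.Username).FirstOrDefaultAsync();

                                if (login == null)
                                {
                                    // NOTE(review): distinct InvalidUsername / InvalidPassword results tell a client
                                    // which usernames exist. No LoginAttempt row is written on this path, so attempts
                                    // against unknown usernames leave no audit record beyond the log line above.
                                    result = AuthenticationResult.InvalidUsername;
                                }
                                else
                                {
                                    // NOTE(review): this compares against local time; confirm DisabledUntil is stored
                                    // in the same time base (UTC avoids DST and time-zone drift in lockout windows).
                                    if (login.DisabledUntil != null && login.DisabledUntil > DateTime.Now)
                                    {
                                        result = AuthenticationResult.CellphoneLocked;
                                    }
                                    // NOTE(review): '!=' is not a constant-time comparison, and Hash(password + salt)
                                    // is opaque from here. Confirm the provider uses a slow password KDF, and consider
                                    // CryptographicOperations.FixedTimeEquals for the comparison.
                                    else if (_secureHashProvider.Hash(request.Password + login.Salt) != login.Hash)
                                    {
                                        result = AuthenticationResult.InvalidPassword;
                                    }
                                    else
                                    {
                                        var account = await uow.Accounts.Where(p => p.Id == login.AccountId).FirstOrDefaultAsync();

                                        if (account == null)
                                        {
                                            // FirstOrDefaultAsync returns null for a login whose account row is missing.
                                            // Handle it explicitly so the attempt is still recorded below, instead of
                                            // a NullReferenceException skipping the audit row.
                                            _logger.LogError("Login {LoginId} references missing account {AccountId}", login.Id, login.AccountId);
                                            result = AuthenticationResult.Unknown;
                                        }
                                        else if (account.Online)
                                        {
                                            result = AuthenticationResult.AlreadyLoggedIn;
                                        }
                                        else if (!account.Enabled)
                                        {
                                            result = AuthenticationResult.BlockedAccount;
                                        }
                                        else
                                        {
                                            account.Online = true;

                                            // presumably per-session keys; confirm RandomInt() draws from a cryptographic RNG
                                            account.Key1 = _secureHashProvider.RandomInt();
                                            account.Key2 = _secureHashProvider.RandomInt();
                                            result       = AuthenticationResult.Success;

                                            // NOTE(review): assigned before CommitAsync; if the commit throws, the method
                                            // returns Unknown while context.Account stays set. Callers must gate on the
                                            // returned result, not on context.Account.
                                            context.Account = account;
                                        }
                                    }

                                    // Audit row for every attempt against an existing login, successful or not.
                                    uow.LoginAttempts.Add(new LoginAttempt(context.Options.RemoteIPAddress, login.Id, result == AuthenticationResult.Success));
                                    await uow.CommitAsync();
                                }
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // Fail closed: any data-access or commit error is reported as Unknown, never as Success.
                        result = AuthenticationResult.Unknown;
                        _logger.LogError(ex, "Process");
                    }
                }
                return result;
            }
            finally
            {
                _authenticationSynchronizationContextService.Release();
            }
        }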