/// <summary>
/// Verifies a user token
/// </summary>
/// <param name="tokenToVerify">The token to verify</param>
/// <returns>The ID of the user if authentication was successful, 0 otherwise</returns>
internal int VerifyToken(UserToken tokenToVerify)
{
int userID = GetID(tokenToVerify.username);
if (userID != 0 && getUserToken(userID).Verify(tokenToVerify))
return userID;
else
return 0;
}
/// <summary>
/// Sends an upload request with a single song and either an upvote or a downvote.
/// The server will check the database for that song. If the song exists, it will
/// add the vote to it, otherwise it will add the song to the server and save it
/// with the vote.
///
/// The response will contain a single SongParameters item with the song and it's score
/// </summary>
/// <param name="song">Song to upload</param>
/// <param name="upOrDownvote">Vote. True if an upvote, false otherwise.</param>
/// <param name="userInfo">The user authentication token</param>
public BBRequest(SongParameters song, bool upOrDownvote, UserToken userInfo)
{
requestType = new UpDownVote(song, upOrDownvote, userInfo);
}
/// <summary>
/// Verifies that two tokens are equal to each other and the "expires" date has not passed.
/// Uses SlowEquals to prevent timing attacks.
/// </summary>
/// <param name="token">Token to compare</param>
/// <returns>Whether the tokens match and are valid</returns>
public bool Verify(UserToken token)
{
bool equal = (this.username.ToLower() == token.username.ToLower());
equal &= (TrimMilliseconds(this.expires) == TrimMilliseconds(token.expires));
equal &= (this.expires.CompareTo(DateTime.Now) > 0);
equal &= PasswordHash.PasswordHash.SlowEquals(Convert.FromBase64String(this.token), Convert.FromBase64String(token.token));
return equal;
}
/// <summary>
/// Sends a request to the server to verify a user token is valid.
/// </summary>
/// <param name="token">Token to verify</param>
/// <returns>True if the token is valid</returns>
public bool VerifyToken(UserToken token)
{
TokenVerifyRequest request = new TokenVerifyRequest(token);
object reply;
using (TcpClient client = new TcpClient()) {
client.Connect(serverEndPoint);
NetworkStream networkStream = client.GetStream();
Message.Send(networkStream, request);
reply = Message.Recieve(networkStream);
}
if (reply == null)
throw new Exception("BBRequest Error: Expected reply but recieved none");//Console.Error.WriteLine("BBRequest Error: Expected reply but recieved none");
else if (!(reply is TokenVerifyResponse))
throw new Exception("BBRequest Error: Expected VerifyTokenResponse but recieved unknown response type");
else
return ((TokenVerifyResponse)reply).valid;
}
public TokenVerifyRequest(UserToken token)
{
this.token = token;
}
public UpDownVote(SongParameters song, bool vote, UserToken userInfo)
: base(userInfo)
{
this.song = song;
this.vote = vote;
}
public AuthResponse(UserToken token)
{
this.token = token;
}
public RequestScore(SongParameters song, UserToken userInfo)
: base(userInfo)
{
this.song = song;
}
protected Request(UserToken userInfo)
{
this.userToken = userInfo;
}
/// <summary>
/// Sends a request for the score of a single song.
///
/// The response will contain a single SongParameters item with the song and it's score
/// </summary>
/// <param name="song">Song to check the score of</param>
/// <param name="userInfo">The user authentication token</param>
public BBRequest(SongParameters song, UserToken userInfo)
{
requestType = new RequestScore(song, userInfo);
}
private void startUp()
{
UserToken tempToken = new UserToken(Properties.Settings.Default.username, Properties.Settings.Default.expires, Properties.Settings.Default.token);
if (server.Test())
{
if (server.VerifyToken(tempToken))
{
currentUser = tempToken;
accountForm.user.Text = currentUser.username;
}
else
{
MessageBox.Show("Login has expired. Please log in again");
accountForm.ShowDialog();
}
createRedditThreads();
}
else
{
MessageBox.Show("Server is not connected. Try again later", "Auto-login failed");
}
}
private void sendScore(int tempScore, SongParameters tempSong, UserToken tempUser, int tempGenre)
{
if (server.Test())
{
if (tempScore > 0) server.SendRequest(new BBRequest(tempSong, true, tempUser));
else if (tempScore < 0) server.SendRequest(new BBRequest(tempSong, false, tempUser));
createRedditThreads();
if (!this.IsDisposed) this.Invoke((MethodInvoker)delegate { this.Invalidate(); });
}
}