public ApiAccountModel GetAccount(string token, string accountGuid)
{
if (string.IsNullOrEmpty(accountGuid))
{
accountGuid = JwtCookieManager.GetUserGuid(token);
}
using (DbConnection connection = GetConnection())
{
using (var result = connection.QueryMultiple(
"SELECT * FROM account WHERE accountGuid = @gid; SELECT * FROM managed_world WHERE accountGuid = @gid;",
new { gid = Guid.Parse(accountGuid).ToByteArray() }))
{
AccountModel account = result.ReadSingle <AccountModel>();
List <ManagedServerModel> servers = result.Read <ManagedServerModel>().ToList();
return(new ApiAccountModel()
{
AccountGuid = account.Gid.ToString(),
Name = account.Name,
DisplayName = account.DisplayName,
Email = account.Email,
ManagedWorlds = servers
});
}
}
}
public LoginResult Authenticate(string username, string password)
{
return(new LoginResult()
{
StatusCode = System.Net.HttpStatusCode.OK,
Token = JwtCookieManager.CreateToken(Guid.Parse(me.AccountGuid), 1, me.Name, me.DisplayName, roles.ToArray())
});
}
private bool SaveWeenie(string token, Weenie weenie)
{
if (_weenieCache == null)
{
throw new ApplicationException("Sandboxing is not configured correctly. See error logs for details.");
}
JsonSerializerSettings settings = new JsonSerializerSettings();
settings.NullValueHandling = NullValueHandling.Ignore;
string userGuidString = JwtCookieManager.GetUserGuid(token);
Guid userGuid = Guid.Parse(userGuidString);
string weenieFolder = Path.Combine(_cacheDirectory, "weenies", userGuid.ToString());
if (!Directory.Exists(weenieFolder))
{
Directory.CreateDirectory(weenieFolder);
}
WeenieChange wc = null;
string weenieFile = Path.Combine(weenieFolder, $"{weenie.WeenieId}.json");
if (File.Exists(weenieFile))
{
// replace the weenie
wc = JsonConvert.DeserializeObject <WeenieChange>(File.ReadAllText(weenieFile));
wc.Weenie = weenie;
wc.Submitted = false;
}
else
{
wc = new WeenieChange();
wc.UserGuid = JwtCookieManager.GetUserGuid(token);
wc.Weenie = weenie;
wc.UserName = JwtCookieManager.GetUserDisplayName(token);
wc.SubmissionTime = DateTime.Now;
}
string content = JsonConvert.SerializeObject(wc, settings);
File.WriteAllText(weenieFile, content);
if (!_weenieCache.ContainsKey(userGuid))
{
_weenieCache.TryAdd(userGuid, new Dictionary <uint, string>());
}
if (!_weenieCache[userGuid].ContainsKey(weenie.WeenieId))
{
_weenieCache[userGuid].Add(weenie.WeenieId, weenieFile);
}
return(true);
}
public Recipe GetRecipe(string token, Guid recipeGuid)
{
Guid userGuid = Guid.Parse(JwtCookieManager.GetUserGuid(token));
if (_recipeCache.ContainsKey(userGuid) && _recipeCache[userGuid].ContainsKey(recipeGuid))
{
string file = _recipeCache[userGuid][recipeGuid];
return(JsonConvert.DeserializeObject <Recipe>(File.ReadAllText(file)));
}
return(_backingProvider.GetRecipe(token, recipeGuid));
}
public Content GetContent(string token, Guid contentGuid)
{
Guid userGuid = Guid.Parse(JwtCookieManager.GetUserGuid(token));
if (_contentCache.ContainsKey(userGuid) && _contentCache[userGuid].ContainsKey(contentGuid))
{
string file = _contentCache[userGuid][contentGuid];
return(JsonConvert.DeserializeObject <Content>(File.ReadAllText(file)));
}
return(_backingProvider.GetContent(token, contentGuid));
}
public LoginResult Authenticate(string username, string password)
{
HttpStatusCode resultStatus = HttpStatusCode.Unauthorized;
string resultToken = null;
using (DbConnection connection = GetConnection())
{
var result = connection.Query <AccountModel>(
"SELECT * FROM account WHERE accountName = @name;",
new { name = username }).FirstOrDefault();
if (string.Compare(result?.Name, username, true) == 0)
{
// compare the password
string hashedPassword = HashPassword(password, result.PasswordSalt);
if (string.Compare(result.PasswordHash, hashedPassword) == 0)
{
// password correct
resultStatus = HttpStatusCode.OK;
// fetch subscription / roles
var role = connection.Query <SubscriptionModel>(
"SELECT * FROM subscription WHERE accountGuid = @gid;",
new { gid = result.Gid.ToByteArray() }).FirstOrDefault();
List <string> roles = new List <string>();
foreach (AccessLevel level in Enum.GetValues(typeof(AccessLevel)))
{
if ((int)role.AccessLevel >= (int)level)
{
roles.Add(level.ToString());
}
}
// token
resultToken = JwtCookieManager.CreateToken(
result.Gid,
result.Id,
result.Name,
result.DisplayName,
roles.ToArray());
}
}
}
return(new LoginResult()
{
StatusCode = resultStatus,
Token = resultToken
});
}
public WeenieChange GetMySandboxedChange(string token, uint weenieClassId)
{
string userGuidString = JwtCookieManager.GetUserGuid(token);
Guid userGuid = Guid.Parse(userGuidString);
if (_weenieCache.ContainsKey(userGuid) && _weenieCache[userGuid].ContainsKey(weenieClassId))
{
string fileName = _weenieCache[userGuid][weenieClassId];
WeenieChange wc = JsonConvert.DeserializeObject <WeenieChange>(File.ReadAllText(fileName));
return(wc);
}
return(null);
}
public LoginResult Authenticate(string username, string password)
{
var account = _accountCache.FirstOrDefault(a => a.Username.ToLower() == username.ToLower());
if (account?.PasswordMatches(password) == true)
{
string token = JwtCookieManager.CreateToken(account.AccountGuid, account.Id, account.Username, account.DisplayName, account.GetRoles());
return(new LoginResult()
{
StatusCode = System.Net.HttpStatusCode.OK, Token = token
});
}
return(new LoginResult()
{
StatusCode = System.Net.HttpStatusCode.Unauthorized
});
}
public Weenie GetWeenie(string token, uint weenieClassId)
{
if (token != null)
{
string userGuidString = JwtCookieManager.GetUserGuid(token);
Guid userGuid = Guid.Parse(userGuidString);
if (_weenieCache != null && _weenieCache.ContainsKey(userGuid) &&
_weenieCache[userGuid].ContainsKey(weenieClassId))
{
string file = _weenieCache[userGuid][weenieClassId];
WeenieChange wc = JsonConvert.DeserializeObject <WeenieChange>(File.ReadAllText(file));
return(wc.Weenie);
}
}
return(_backingProvider.GetWeenie(token, weenieClassId));
}
private LocalAccount GetAccount(string token)
{
try
{
var accountGuidString = JwtCookieManager.GetUserGuid(token);
Guid accountGuid;
if (!Guid.TryParse(accountGuidString, out accountGuid))
{
return(null);
}
return(_accountCache.FirstOrDefault(la => la.AccountGuid == accountGuid));
}
catch
{
return(null);
}
}
public List <WeenieChange> GetMyWeenieChanges(string token)
{
string userGuidString = JwtCookieManager.GetUserGuid(token);
Guid userGuid = Guid.Parse(userGuidString);
List <WeenieChange> mine = new List <WeenieChange>();
if (_weenieCache.ContainsKey(userGuid))
{
var c = _weenieCache[userGuid];
foreach (var file in c.Values)
{
var wc = JsonConvert.DeserializeObject <WeenieChange>(File.ReadAllText(file));
if (wc != null)
{
mine.Add(wc);
}
}
}
return(mine);
}
public void UpdateAccount(string token, ApiAccountModel model)
{
string gid = JwtCookieManager.GetUserGuid(token);
if (!Guid.Equals(gid, model.AccountGuid))
{
return;
}
using (DbConnection connection = GetConnection())
{
// we don't care about managed worlds any more
connection.Execute(
"UPDATE account SET displayName = @display, email = @email WHERE accountGuid = @gid",
new
{
gid = model.AccountGuid,
display = model.DisplayName,
email = model.Email
});
}
}
public ApiAccountModel GetAccount(string token, string accountGuid)
{
RestRequest request;
if (string.IsNullOrWhiteSpace(accountGuid))
{
accountGuid = JwtCookieManager.GetUserGuid(token);
}
if (JwtCookieManager.GetUserGuid(token).ToLower() == accountGuid.ToLower())
{
// bypass the admin api if we're asking for our own account
request = BuildRequest("/Account/GetMyAccount", Method.GET, token);
}
else
{
request = BuildRequest("/Account/Get", Method.GET, token);
request.AddQueryParameter("accountGuid", accountGuid);
}
var response = _client.Execute(request);
if (response.StatusCode == HttpStatusCode.OK)
{
return(JsonConvert.DeserializeObject <ApiAccountModel>(response.Content));
}
if (response.StatusCode == HttpStatusCode.Unauthorized)
{
throw new ApplicationException("Destination server disallowed your request.");
}
if (response.StatusCode == HttpStatusCode.NotFound)
{
return(null);
}
throw new ApplicationException($"Unexpected response {response.StatusCode} from server. Content: {response.Content}.");
}
