public bool DecryptCredentials(out Account account, ClearIdentificationMessage message)
{
try
{
account = null;
var username = message.username;
var password = message.password;
account = AccountManager.Instance.FindAccountByLogin(username);
if (account == null)
{
return(false);
}
return(account.PasswordHash == password.GetMD5());
}
catch (Exception)
{
account = null;
return(false);
}
}
public static void HandleClearIdentificationMessage(AuthClient client, ClearIdentificationMessage message)
{
lock (ConnectionQueue.SyncRoot)
ConnectionQueue.Remove(client);
if (client.QueueShowed)
{
SendQueueStatusMessage(client, 0, 0); // close the popup
}
/* Invalid password */
if (!CredentialManager.Instance.DecryptCredentials(out var account, message))
{
SendIdentificationFailedMessage(client, IdentificationFailureReasonEnum.WRONG_CREDENTIALS);
client.DisconnectLater(1000);
return;
}
/* Check ServerIP - AntiBot Mesure */
if (!message.serverIp.Contains(AuthServer.CustomHost)) //Will cause problem with NAT as CustomHost will not be the public server IP
{
SendIdentificationFailedMessage(client, IdentificationFailureReasonEnum.BANNED);
client.DisconnectLater(1000);
return;
}
SendCredentialsAcknowledgementMessage(client);
client.Account = account;
/* Check Sanctions */
if (account.IsBanned && account.BanEndDate > DateTime.Now)
{
SendIdentificationFailedBannedMessage(client, account.BanEndDate.Value);
client.DisconnectLater(1000);
return;
}
if (account.IsLifeBanned)
{
SendIdentificationFailedBannedMessage(client);
client.DisconnectLater(1000);
return;
}
if (account.BanEndDate < DateTime.Now)
{
account.IsBanned = false;
account.IsJailed = false;
account.BanEndDate = null;
}
var ipBan = AccountManager.Instance.FindMatchingIpBan(client.IP);
if (ipBan != null && ipBan.GetRemainingTime() > TimeSpan.Zero)
{
SendIdentificationFailedBannedMessage(client, ipBan.GetEndDate());
client.DisconnectLater(1000);
return;
}
var hardwareIdBan = AccountManager.Instance.FindHardwareIdBan(message.hardwareId);
if (hardwareIdBan != null)
{
SendIdentificationFailedBannedMessage(client);
client.DisconnectLater(1000);
return;
}
AccountManager.Instance.DisconnectClientsUsingAccount(account, client, success => AuthServer.Instance.IOTaskPool.AddMessage(() =>
{
// we must reload the record since it may have been modified
if (success)
{
account = AccountManager.Instance.FindAccountById(account.Id);
}
/* Bind Account to Client */
client.Account = account;
client.UserGroup = AccountManager.Instance.FindUserGroup(account.UserGroupId);
client.Account.LastHardwareId = message.hardwareId;
if (client.UserGroup == null)
{
SendIdentificationFailedMessage(client, IdentificationFailureReasonEnum.UNKNOWN_AUTH_ERROR);
logger.Error("User group {0} doesn't exist !", client.Account.UserGroupId);
return;
}
/* Propose at client to give a nickname */
if (client.Account.Nickname == string.Empty)
{
client.Send(new NicknameRegistrationMessage());
return;
}
SendIdentificationSuccessMessage(client, false);
/* If autoconnect, send to the lastServer */
if (message.autoconnect && client.Account.LastConnectionWorld != null && WorldServerManager.Instance.CanAccessToWorld(client, client.Account.LastConnectionWorld.Value))
{
SendSelectServerData(client, WorldServerManager.Instance.GetServerById(client.Account.LastConnectionWorld.Value));
}
else
{
SendServersListMessage(client, 0, true);
}
}), () =>
{
client.Disconnect();
logger.Error("Error while joining last used world server, connection aborted");
});
}
