public Session(string ip, User user)
{
this.ip = ip;
this.user = user;
this.expires = DateTime.Now.AddHours(SESSION_LENGTH_IN_HOURS);
}
private int addSession(String IP, User user, out Warning warning)
{
// If the user was already logged in, then don't let another IP log in.
if (loggedInUsers.Contains(user.ID))
{
warning = Warning.USER_ALREADY_LOGGED_IN;
return -1;
}
else
{
loggedInUsers.Add(user.ID);
}
Session session = new Session(IP, user);
int hashcode = session.GetHashCode();
sessions.Add(hashcode, session);
warning = Warning.NONE;
return hashcode;
}
public int Login(string username, string password, string ip, out Warning warning)
{
// If the IP is blocked and the x number of hours hasn't passed, then return warning BLOCKED_IP.
if (blockedIPs.ContainsKey(ip))
{
if (blockedIPs[ip].CompareTo(new DateTime()) > 0)
{
warning = Warning.BLOCKED_IP;
connector.CloseConnection();
return -1;
}
else
{
blockedIPs.Remove(ip);
}
}
User user = null;
// Encrypt password with MD5 hashing
password = encryptPassword(password);
MySqlDataReader dr = connector.selectUserQuery(username, password);
// If the database returns a row then return warning NONE or else keep track of login attemps of this IP.
if (dr.Read())
{
user = new User(int.Parse(dr[0].ToString()), dr[1].ToString(), dr[2].ToString(), dr[3].ToString());
connector.CloseConnection();
int hashcode = addSession(ip, user, out warning);
if (warning == Warning.NONE)
{
// returns hascode associated with session
return hashcode;
}
return -1;
}
else
{
if(loginAttemps.ContainsKey(ip))
loginAttemps[ip] = loginAttemps[ip] + 1;
else
loginAttemps.Add(ip, 1);
// If the user has x number of login attemps, then block his IP for x number of hours.
if (loginAttemps[ip] == NUMBER_OF_LOGIN_ATTEMPTS)
{
blockedIPs.Add(ip, new DateTime().AddHours(NUMBER_OF_HOURS_BLOCKED));
loginAttemps.Remove(ip);
}
}
connector.CloseConnection();
warning = Warning.WRONG_COMBINATION;
return -1;
}
