/// <summary>
/// Converts protected text back into an <see cref="AuthenticationTicket"/> by handing it to
/// <c>JWT.CrackJwt</c> and wrapping whatever principal comes back.
/// </summary>
/// <param name="protectedText">The serialized token to parse.</param>
/// <param name="purpose">
/// Not read by this implementation. NOTE(review): because the purpose is ignored, a token is
/// accepted regardless of the purpose it was issued for; confirm that is intended.
/// </param>
/// <returns>
/// A ticket for the "Cookie" scheme, or <c>null</c> when <c>CrackJwt</c> returns <c>null</c>.
/// </returns>
public AuthenticationTicket Unprotect(string protectedText, string purpose)
{
    // All token validation is delegated to CrackJwt; nothing is re-checked here.
    // NOTE(review): confirm CrackJwt verifies the signature and expiry and returns null
    // (rather than a partially populated principal) for anything it cannot verify.
    var principal = JWT.CrackJwt(protectedText);

    // A null ticket is the failure signal for the caller; no exception is raised here.
    return principal != null
        ? new AuthenticationTicket(principal, "Cookie")
        : null;
}
/// <summary>
/// Converts protected text back into an <see cref="AuthenticationTicket"/> by handing it to
/// <c>jwt.CrackJwt</c>; fails loudly when the token does not yield a principal.
/// </summary>
/// <param name="protectedText">The serialized token to parse.</param>
/// <param name="purpose">
/// Not read by this implementation. NOTE(review): because the purpose is ignored, a token is
/// accepted regardless of the purpose it was issued for; confirm that is intended.
/// </param>
/// <returns>A ticket for the "Cookie" scheme wrapping the principal from <c>CrackJwt</c>.</returns>
/// <exception cref="InvalidCredentialException">
/// Thrown when <c>CrackJwt</c> returns <c>null</c>.
/// </exception>
public AuthenticationTicket Unprotect(string protectedText, string purpose)
{
    // All token validation is delegated to CrackJwt; nothing is re-checked here.
    // NOTE(review): confirm CrackJwt verifies the signature and expiry before returning a principal.
    var principal = jwt.CrackJwt(protectedText);
    if (principal != null)
    {
        return new AuthenticationTicket(principal, "Cookie");
    }

    // This variant throws instead of returning null, so every request that carries a stale or
    // malformed token ends up here.
    // NOTE(review): confirm a handler upstream turns this into a re-login rather than a server error.
    throw new InvalidCredentialException("Sorry, you've been logged out, please log in again!");
}
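/// <summary>
/// Checks a signed score token against the signing key stored for this user and game, and when
/// the token's claims match the request, records the score, pays out any cash reward and
/// increments the user's submission count for the game.
/// </summary>
/// <param name="activeUser">The user submitting the score; its Id and Username are compared with the token.</param>
/// <param name="gameId">The game the score belongs to.</param>
/// <param name="score">The score being claimed; it must equal the token's "s" claim.</param>
/// <param name="scoreToken">The JWT carrying the "g" (game), "u" (username) and "s" (score) claims.</param>
/// <returns>The cash won (when the game pays out) and the remaining submissions.</returns>
/// <exception cref="CritterException">
/// BadRequest when the key is missing or the token does not match the request; NotFound when the
/// game has no configuration; TooManyRequests when the submission cap is reached;
/// InternalServerError when recording the score fails for any other reason.
/// </exception>
public async Task<GameScoreResult> SubmitScore(User activeUser, GameType gameId, int score, string scoreToken)
{
    // Captured before activeUser is reassigned below, so the failure path still has the id
    // of the caller even if the cash update throws or returns nothing.
    var userId = activeUser.Id;

    // The key is read and then removed so that one token can be spent only once.
    // NOTE(review): the read and the delete are separate calls and the delete is not awaited
    // here, so two concurrent submissions could both see the key. Confirm whether
    // DeleteGameSigningKey is asynchronous and consider a single atomic "take" in the repository.
    var key = await GameRepo.GetGameSigningKey(gameId, userId);
    GameRepo.DeleteGameSigningKey(gameId, userId);

    bool validClaims = false;
    if (key != null)
    {
        ClaimsPrincipal token = JwtProvider.CrackJwt(scoreToken, key);
        if (token != null)
        {
            // A claim that is absent yields null instead of a NullReferenceException, so a
            // token with missing claims is rejected through the normal BadRequest path.
            string gameClaim = token.Claims.FirstOrDefault(c => c.Type == "g")?.Value;
            string userClaim = token.Claims.FirstOrDefault(c => c.Type == "u")?.Value;
            string scoreClaim = token.Claims.FirstOrDefault(c => c.Type == "s")?.Value;

            // Claim values are machine-readable, so the numbers are formatted culture-invariantly.
            var invariant = System.Globalization.CultureInfo.InvariantCulture;
            validClaims = gameClaim == ((int)gameId).ToString(invariant) //don't forget about GUS
                // The explicit null check keeps a missing "u" claim from matching a null Username.
                && userClaim != null && userClaim == activeUser.Username
                && scoreClaim == score.ToString(invariant);
        }
    }

    if (!validClaims)
    {
        throw new CritterException(
            "Sorry, we couldn't record this score! Something went wrong.",
            $"Potential cheating: user {userId} at game {gameId} with score {score} and token: {scoreToken}",
            System.Net.HttpStatusCode.BadRequest,
            LogLevel.Warning);
    }

    GameScoreResult result = new GameScoreResult();
    try
    {
        using (var trans = TransactionScopeFactory.Create())
        {
            GameConfig gameCfg = (await ConfigRepo.RetrieveGamesConfigByIds(true, gameId)).FirstOrDefault();
            if (gameCfg == null)
            {
                throw new CritterException(
                    "Sorry, we couldn't record this score because this game doesn't exist!",
                    $"Invalid game ID entered by user {userId} for game {gameId} with score {score} and token: {scoreToken}",
                    System.Net.HttpStatusCode.NotFound,
                    LogLevel.Error);
            }

            var previousSubmissions = await GameRepo.GetScoreSubmissionCount(gameId, userId);
            if (gameCfg.DailyCashCountCap <= previousSubmissions)
            {
                // Being exactly at the cap is routine; being past it means an earlier check was bypassed.
                bool overCap = gameCfg.DailyCashCountCap < previousSubmissions;
                throw new CritterException(
                    "Sorry, we couldn't record this score, you have submitted your score too many times for this game today!",
                    overCap ? $"User {userId} over-submitted at game {gameId} with token: {scoreToken} somehow" : null,
                    System.Net.HttpStatusCode.TooManyRequests,
                    overCap ? LogLevel.Error : LogLevel.Debug);
            }

            // NOTE(review): the boolean returned by the upsert is not inspected; confirm whether
            // false signals a failure that should abort the submission.
            await GameRepo.UpsertGameScoreForLeaderboard(userId, gameId, score);

            if (gameCfg.ScoreToCashFactor.HasValue)
            {
                // NOTE(review): score is not range-checked here, so a negative score produces a
                // negative payout; confirm that is rejected elsewhere.
                int cashVal = (int)((gameCfg.ScoreToCashFactor ?? 1) * score);
                cashVal = Math.Min(cashVal, gameCfg.CashCap ?? Int32.MaxValue);
                result.CashWon = cashVal;
                activeUser = await UserDomain.ChangeUserCash(cashVal, activeUser);
            }

            result.RemainingSubmissions = (gameCfg.DailyCashCountCap ?? 100) - (previousSubmissions + 1);
            await GameRepo.SetScoreSubmissionCount(gameId, userId, previousSubmissions + 1);
            trans.Complete();
        }
    }
    catch (Exception ex) when (!(ex is CritterException))
    {
        // Any exception used to skip the old "if (!succeeded)" branch entirely, so the key was
        // never put back. Deliberate rejections (CritterException) still propagate untouched;
        // only unexpected failures restore the key.
        // NOTE(review): restoring the key makes the same token usable again, and that token is
        // written to the log message below; confirm log access is restricted accordingly.
        GameRepo.SaveGameSigningKey(gameId, userId, key); //let em try again if we Db fail
        throw new CritterException(
            "We failed to record your score. Please try and submit again! Contact an admin if this continues.",
            $"Failed to record good score for user {userId} at game {gameId} with score {score} and token: {scoreToken} ({ex.GetType().Name}: {ex.Message})",
            System.Net.HttpStatusCode.InternalServerError,
            LogLevel.Error);
    }

    return result;
}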