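/// <summary>
/// Changes the current account's password after verifying the existing one,
/// then stores both the portal hash/salt and the SRP6 verifier/salt used by the game-side table.
/// </summary>
/// <param name="password">The current password, checked against the stored salt and hash.</param>
/// <param name="newpwd">The new password.</param>
/// <param name="confirm">Repeat of the new password; must equal <paramref name="newpwd"/>.</param>
/// <returns>A prompt page: status 400 on any validation failure, otherwise the success prompt.</returns>
public async Task<IActionResult> Password(string password, string newpwd, string confirm)
{
    if (newpwd != confirm)
    {
        return Prompt(x =>
        {
            x.Title = "修改密码失败";
            x.Details = "两次密码输入不一致";
            x.StatusCode = 400;
        });
    }

    // Absent form fields bind to null, and null == null passes the confirmation check above.
    // Without this guard a request that omits both fields would reach hash generation with
    // an empty/null password.
    if (string.IsNullOrEmpty(newpwd))
    {
        return Prompt(x =>
        {
            x.Title = "修改密码失败";
            x.Details = "新密码不能为空";
            x.StatusCode = 400;
        });
    }

    // Re-authenticate with the current password before allowing the change.
    // NOTE(review): Validate receives the username but Generate (below) does not;
    // confirm both compute the hash over the same inputs.
    var currentPasswordOk = SHA256.Validate(User.Identity.Name, password, Account.Salt, Account.Hash);
    if (!currentPasswordOk)
    {
        return Prompt(x =>
        {
            x.Title = "修改密码失败";
            x.Details = "当前密码输入不正确";
            x.StatusCode = 400;
        });
    }

    // NOTE(review): SHA256 here is a project helper. If it is a single salted SHA-256 round,
    // that is a fast hash and a weak choice for password storage; a slow KDF (PBKDF2, Argon2)
    // would resist offline guessing better. Confirm against the helper's implementation.
    var hash1 = SHA256.Generate(newpwd);
    var hash2 = Lib.SRP6.Generate(User.Identity.Name, newpwd);

    using (var conn = Account.GetAuthDb())
    {
        // Both statements go out as one command but no transaction is started here, so a failure
        // in the second UPDATE can leave the portal hash and the SRP6 verifier out of step.
        // NOTE(review): consider wrapping them in a transaction.
        await conn.ExecuteAsync(
            "UPDATE `pomelo_account` SET `Hash` = @hash, `Salt` = @salt WHERE `Id` = @Id;" +
            "UPDATE `account` SET `v` = @v, `s` = @s WHERE `id` = @Id;",
            new { hash1.hash, hash1.salt, hash2.v, hash2.s, Account.Id });
    }

    // NOTE(review): nothing in this method ends other signed-in sessions after the change.
    return Prompt(x =>
    {
        x.Title = "修改密码成功";
        x.Details = "您已成功修改了密码,请使用新密码登录门户网站及游戏客户端。";
    });
}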
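/// <summary>
/// Registers a new account: rejects mismatched passwords, missing fields and duplicate
/// usernames or e-mail addresses, then inserts the portal account row, the game-side
/// account row (SRP6 verifier and salt) and the initial currency grant.
/// </summary>
/// <param name="username">Requested login name.</param>
/// <param name="password">Chosen password.</param>
/// <param name="confirm">Repeat of the password; must equal <paramref name="password"/>.</param>
/// <param name="email">E-mail address; must not already be registered.</param>
/// <param name="contact">Contact value stored on the portal account row.</param>
/// <param name="referee">Optional referee id stored on the portal account row.</param>
/// <returns>A prompt page: status 400 on any validation failure, otherwise the success prompt.</returns>
public async Task<IActionResult> Register(string username, string password, string confirm, string email, string contact, uint? referee)
{
    if (password != confirm)
    {
        return Prompt(x =>
        {
            x.Title = "注册失败";
            x.Details = "两次密码输入不一致";
            x.StatusCode = 400;
        });
    }

    // Absent form fields bind to null. Without this guard a null e-mail passes the duplicate
    // checks, the portal row is inserted, and the later ToUpper call throws, leaving a
    // half-created account. A null password would also pass the confirmation check above.
    if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password) || string.IsNullOrWhiteSpace(email))
    {
        return Prompt(x =>
        {
            x.Title = "注册失败";
            x.Details = "用户名、密码和电子邮箱不能为空";
            x.StatusCode = 400;
        });
    }

    using (var conn = Account.GetAuthDb())
    {
        // NOTE(review): these existence checks and the INSERTs below are not atomic, so two
        // concurrent requests can both pass. Uniqueness should be enforced by UNIQUE indexes
        // on `username` and `email` -- confirm the schema has them.
        var usernameMatches = await conn.QueryAsync<int>(
            "SELECT COUNT(1) FROM `pomelo_account` " +
            "WHERE `username` = @username;",
            new { username });
        if (usernameMatches.First() > 0)
        {
            // NOTE(review): the submitted value is echoed into the prompt text; confirm the
            // Prompt view HTML-encodes Details.
            return Prompt(x =>
            {
                x.Title = "注册失败";
                x.Details = $"用户名{username}已经被注册,请您更换后再尝试!";
                x.StatusCode = 400;
            });
        }

        var emailMatches = await conn.QueryAsync<int>(
            "SELECT COUNT(1) FROM `pomelo_account` " +
            "WHERE `email` = @email;",
            new { email });
        if (emailMatches.First() > 0)
        {
            return Prompt(x =>
            {
                x.Title = "注册失败";
                x.Details = $"电子邮箱{email}已经被注册,请您更换后再尝试!";
                x.StatusCode = 400;
            });
        }

        // NOTE(review): SHA256 here is a project helper. If it is a single salted SHA-256 round,
        // that is a fast hash and a weak choice for password storage; a slow KDF (PBKDF2, Argon2)
        // would resist offline guessing better. Confirm against the helper's implementation.
        var hash1 = SHA256.Generate(password);
        var hash2 = Lib.SRP6.Generate(username, password);

        // Role is fixed server-side and never taken from the request.
        var account = new Account
        {
            Username = username,
            Hash = hash1.hash,
            Salt = hash1.salt,
            Role = AccountLevel.Player,
            Email = email,
            Contact = contact,
            Referee = referee
        };

        var insertedIds = await conn.QueryAsync<int>(
            "INSERT INTO `pomelo_account` (`Id`, `Username`, `Hash`, `Salt`, `Role`, `Email`, `Contact`, `Referee`) " +
            "VALUES (@Id, @Username, @Hash, @Salt, @Role, @Email, @Contact, @Referee);" +
            "SELECT LAST_INSERT_ID();",
            account);

        // Take the scalar id once. The original bound the whole result sequence under the name
        // `id`, which the SQL never references, so the @entry placeholder had no parameter.
        var accountId = insertedIds.First();

        // NOTE(review): the three INSERTs are not wrapped in a transaction, so a failure here
        // leaves a portal account with no game-side row.
        await conn.ExecuteAsync(
            "INSERT INTO `account` (`id`, `username`, `gmlevel`, `v`, `s`, `email`, `joindate`, `expansion`)" +
            "VALUES (@entry, @username, @gmlevel, @v, @s, @email, @joindate, @expansion)",
            new
            {
                entry = accountId,
                // Invariant casing keeps the stored identifiers independent of the server culture.
                username = username.ToUpperInvariant(),
                gmlevel = account.Role,
                hash2.v,
                hash2.s,
                email = email.ToUpperInvariant(),
                joindate = DateTime.UtcNow,
                expansion = 1
            });

        // Initial pomelo-coin grant.
        await conn.ExecuteAsync(
            "INSERT INTO `pomelo_currency_owned` (`accid`, `currency`, `amount`) " +
            "VALUES (@accid, @currency, @amount);",
            new { accid = accountId, currency = 2, amount = 200 });

        return Prompt(x =>
        {
            x.Title = "注册成功";
            x.Details = "您已经成功注册柚子通行证,您可以使用该账号登录游戏、论坛发帖、在网站上管理角色公会等。";
            x.HideBack = true;
            x.RedirectText = "登录";
            x.RedirectUrl = Url.Action("Login");
        });
    }
}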