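/// <summary>
/// Authenticates this connection either with a password or with a previously
/// issued login token, then attaches the connection to the account's session.
/// </summary>
/// <param name="username">Account name supplied by the client; validated with <c>Util.IsValidUsername</c>.</param>
/// <param name="password">Plain-text password. When null or empty, token login is attempted instead.</param>
/// <param name="tokens">Login tokens presented by the client for automatic login. May be null or empty.</param>
/// <remarks>
/// On success an <c>AuthenticateResponse</c> is sent and the connection joins the session
/// returned by <c>Program.SessionManager.GetOrCreate</c>. A system message describing the
/// outcome is sent in every case.
/// NOTE(review): no attempt throttling or lockout is visible in this method; confirm that
/// repeated failed logins are limited elsewhere.
/// </remarks>
public void Login(string username, string password, List<string> tokens) {
    Account account = null;
    string message;

    // Single-pass loop used only so that "break" can jump to the common exit path.
    do {
        if (Session != null) {
            message = "You are already logged in.";
            break;
        }

        if (!Util.IsValidUsername(username)) {
            message = Util.InvalidUsernameMessage;
            break;
        }

        var existingTokens = LoginToken.FindAll(username).ToList();

        if (String.IsNullOrEmpty(password)) {
            // Token login. A null list is treated like an empty one instead of throwing.
            if (tokens == null || tokens.Count == 0) {
                message = "Missing password.";
                break;
            }

            // A presented token is accepted only if it is stored for this username
            // AND was issued to the address this connection comes from.
            if (!existingTokens.Any(t => t.Address == Address && tokens.Contains(t.Token))) {
                message = "Automatic login failed. Login with your username and password.";
                break;
            }

            account = Account.Get(username);
            if (account == null) {
                // A token row can exist without a matching account; fail closed rather
                // than dereferencing null, and reuse the generic failure message.
                message = "Automatic login failed. Login with your username and password.";
                break;
            }

            // NOTE(review): the response carries every token stored for this username,
            // including tokens bound to other addresses. Confirm the client needs them;
            // returning only the token for this Address would limit exposure.
            tokens = existingTokens.Select(t => t.Token).ToList();
            message = String.Format("Logged in as {0}.", account.Name);
        } else {
            if (!Util.IsValidPassword(password)) {
                message = Util.InvalidPasswordMessage;
                break;
            }

            account = Account.Get(username);
            if (account == null) {
                // Same message as a wrong password so the reply does not reveal
                // whether the account exists.
                // NOTE(review): no hash is computed on this path, so response time may
                // still differ from the wrong-password path; confirm this is acceptable.
                message = "Invalid username or password.";
                break;
            }

            var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
            string storedPassword = account.Password;

            // Compare the encoded hashes without stopping at the first differing
            // character, so comparison time does not depend on how much of the
            // stored hash matched. The result equals ordinal string equality.
            int mismatch = (storedPassword == null || storedPassword.Length != givenPassword.Length) ? 1 : 0;
            if (mismatch == 0) {
                for (int i = 0; i < givenPassword.Length; i++) {
                    mismatch |= givenPassword[i] ^ storedPassword[i];
                }
            }

            if (mismatch != 0) {
                account = null;
                message = "Invalid username or password.";
                break;
            }

            // Reuse the token already issued to this address, or issue a new one.
            LoginToken newToken = existingTokens.FirstOrDefault(t => t.Address == Address);
            if (newToken == null) {
                newToken = new LoginToken {
                    // NOTE(review): ToLower() is culture-sensitive; confirm the stored name
                    // matches what LoginToken.FindAll looks up under every server locale.
                    Name = account.Name.ToLower(),
                    Address = Address,
                    Token = Util.GenerateLoginToken(),
                    Created = Util.GetCurrentTimestamp()
                };
                newToken.Insert();
                existingTokens.Add(newToken);
            }

            // NOTE(review): as in the token path, all tokens for the username are returned,
            // not only the one bound to this Address.
            tokens = existingTokens.Select(t => t.Token).ToList();
            message = String.Format("Logged in as {0}.", account.Name);
        }
    } while (false);

    // account is non-null only when one of the two login paths fully succeeded.
    if (account != null) {
        Send(new AuthenticateResponse {
            Name = account.Name,
            Tokens = string.Join(",", tokens),
            Success = true
        });

        var session = Program.SessionManager.GetOrCreate(account);
        session.Add(this);
    }

    SendSysMessage(message);
}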