示例#1
0
文件: Database.cs 项目: TwE7k/Pegasus
        public AccountInfo CreateAccount(string username, string password, string ip, Privilege privileges)
        {
            string bcryptPassword = BCryptProvider.HashPassword(password);

            (int rowsEffected, long lastInsertedId) = ExecutePreparedStatement(PreparedStatementId.AccountInsert, username, bcryptPassword, ip, (ushort)privileges);

            var account = new AccountInfo();

            account.Read((uint)lastInsertedId, username, bcryptPassword, privileges);
            return(account);
        }
示例#2
0
        public void AccountCreateCommandHandler(ICommandContext context, string username, string password)
        {
            string encryptedPassword = BCryptProvider.HashPassword(password);

            if (DatabaseManager.Instance.AuthDatabase.CreateAccount(username.ToLower(), encryptedPassword))
            {
                context.SendMessage($"Successfully created Account {username}.");
            }
            else
            {
                context.SendError($"Failed to create account {username}!");
            }
        }
示例#3
0
        public static bool PasswordMatches(this Account account, string password)
        {
            if (account.PasswordSalt == "use bcrypt") // Account password is using bcrypt
            {
                if (Common.ConfigManager.Config.Server.Accounts.ForceWorkFactorMigration &&
                    (BCryptProvider.GetPasswordWorkFactor(account.PasswordHash) != Common.ConfigManager.Config.Server.Accounts.PasswordHashWorkFactor))
                // Upgrade (or downgrade) Password workfactor if not the same as config specifies, ForceWorkFactorMigration is TRUE and Password Matches
                {
                    if (BCryptProvider.Verify(password, account.PasswordHash))
                    {
                        account.SetPassword(password);
                        account.SetSaltForBCrypt();

                        DatabaseManager.Authentication.UpdateAccount(account);

                        return(true);
                    }
                    else
                    {
                        return(false);
                    }
                }
                else
                {
                    return(BCryptProvider.Verify(password, account.PasswordHash));
                }
            }
            else // Account password is using SHA512 salt
            {
                log.Debug($"{account.AccountName} password verified using SHA512 hash/salt, migrating to bcrypt.");

                var input = GetPasswordHash(account, password);

                if (input == account.PasswordHash) // If password matches, migrate to bcrypt
                {
                    account.SetPassword(password);
                    account.SetSaltForBCrypt();

                    DatabaseManager.Authentication.UpdateAccount(account);

                    return(true);
                }
                else
                {
                    return(false);
                }
            }
        }
示例#4
0
        public static Account CreateAccount(string username, string password, IPAddress ip, Privilege privileges)
        {
            using (var context = new DatabaseContext())
            {
                context.Account.Add(new Account
                {
                    Username   = username,
                    Password   = BCryptProvider.HashPassword(password),
                    CreateIp   = ip.ToString(),
                    Privileges = (short)privileges
                });

                context.SaveChanges();
                return(context.Account.SingleOrDefault(a => a.Username == username));
            }
        }
示例#5
0
        private static string GetPasswordHash(string password)
        {
            var workFactor = Common.ConfigManager.Config.Server.Accounts.PasswordHashWorkFactor;

            if (workFactor < 4)
            {
                log.Warn("PasswordHashWorkFactor in config less than minimum value of 4, using 4 and continuing.");
                workFactor = 4;
            }
            else if (workFactor > 31)
            {
                log.Warn("PasswordHashWorkFactor in config greater than minimum value of 31, using 31 and continuing.");
                workFactor = 31;
            }

            return(BCryptProvider.HashPassword(password, workFactor));
        }
示例#6
0
        public static void HandleClientLoginReq(Session session, ClientLoginReq loginReq)
        {
            void SendError(uint errorCode, string errorMessage = "")
            {
                session.SendMessage(new ServerLoginResult
                {
                    ErrorCode    = errorCode,
                    ErrorMessage = errorMessage
                });
            }

            AccountModel account = DatabaseManager.Instance.AuthDatabase.GetAccount(loginReq.Username);

            if (account == null || !BCryptProvider.Verify(loginReq.Password, account.Password))
            {
                SendError(1);
                return;
            }

            session.Authenticate(account);

            // TODO: check for bans

            ulong sessionKey = RandomProvider.GenerateSessionKey();

            DatabaseManager.Instance.AuthDatabase.UpdateSessionKey(account, sessionKey);

            session.SendMessage(new ServerLoginResult
            {
                AccountId  = account.Id,
                SessionKey = sessionKey
            });

            session.SendMessage(new ServerOptionLoad
            {
            });
        }
示例#7
0
        public static void HandleAuthenticate(Session session, NetworkObject networkObject)
        {
            void SendAuthenticationError(byte code)
            {
                var errorCode = new NetworkObject();

                errorCode.AddField(0, NetworkObjectField.CreateIntField(code));

                var authenticationError = new NetworkObject();

                authenticationError.AddField(0, NetworkObjectField.CreateIntField((int)ObjectOpcode.AuthenticateError));
                authenticationError.AddField(1, NetworkObjectField.CreateObjectField(errorCode));
                session.EnqueuePacket(new ServerAuthenticationPacket(authenticationError));
            }

            string username    = NetworkObjectField.ReadStringField(networkObject.GetField(2));
            string password    = NetworkObjectField.ReadStringField(networkObject.GetField(3));
            string version     = NetworkObjectField.ReadStringField(networkObject.GetField(5));
            string accountName = NetworkObjectField.ReadStringField(networkObject.GetField(6));

            CharacterObject characterObject = new CharacterObject();

            characterObject.FromNetworkObject(networkObject.GetField(4).ReadObject());

            if (string.IsNullOrWhiteSpace(username) ||
                username.Length > 20 ||
                username == "Anonymous")
            {
                SendAuthenticationError(0);
                return;
            }

            // anonymous login ignored
            if (version != "1.0.1.14")
            {
                SendAuthenticationError(1);
                return;
            }

            AccountInfo accountInfo = DatabaseManager.Database.GetAccount(username);

            if (accountInfo == null)
            {
                accountInfo = DatabaseManager.Database.CreateAccount(username, password, session.Remote.Address.ToString(), Privilege.All);
            }
            else
            {
                // validate existing account
                if (!BCryptProvider.Verify(password, accountInfo.Password))
                {
                    SendAuthenticationError(0);
                    return;
                }
            }

            log.Info($"Account: {accountInfo.Username}, Character: {characterObject.Name} has signed in!");

            DatabaseManager.Database.UpdateAccount(accountInfo.Id, session.Remote.Address.ToString());

            var authentication = new NetworkObject();

            authentication.AddField(0, NetworkObjectField.CreateIntField((int)ObjectOpcode.Authenticate));
            authentication.AddField(1, NetworkObjectField.CreateIntField((int)accountInfo.Privileges));
            session.EnqueuePacket(new ServerAuthenticationPacket(authentication));

            characterObject.Sequence = NetworkManager.SessionSequence.Dequeue();
            session.SignIn(accountInfo, accountName, characterObject);
        }