public void SignUp(TodoContext context, SignUpRequest signUpRequest)
{
_signUpRequestValidator.ValidateAndThrow(signUpRequest);
var user = context.Users
.SingleOrDefault(u => u.Email == signUpRequest.Email);
if (user != null)
{
throw new TodoException(ServiceError.UserAlreadyRegistered);
}
var confirmationSecret = _secretGenerator.GenerateSecret();
var pendingUser = new PendingUser
{
Email = signUpRequest.Email,
Password = signUpRequest.Password,
Secret = confirmationSecret
};
context.PendingUsers.Add(pendingUser);
context.SaveChanges();
_signUpConfirmationNotifier.Notify(
pendingUser.Email,
pendingUser.Secret);
}
public void NoPendingUserUpdateOnNonDeletionDate()
{
var r = new Restrictions();
var pending = new PendingUser
{
Id = 1
};
var updates = new Dictionary <object, Restrictions.ShadowModifiedMember[]>();
updates[pending] = new Restrictions.ShadowModifiedMember[]
{
new Restrictions.ShadowModifiedMember
{
Member = typeof(PendingUser).GetProperty("Id"),
CurrentValue = pending.Id,
OriginalValue = 2
}
};
string ignored;
Assert.IsFalse(r.IsValidChangeSet(updates, new List <object>(), new List <object>(), new List <object>()
{
pending
}, new List <int>(), out ignored));
Assert.IsFalse(r.IsValidChangeSet(updates, new List <object>(), new List <object>(), new List <object>()
{
pending
}, new List <int>()
{
1
}, out ignored));
}
public void Accept(PendingUser user)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
LogUtils.Log("Player accepted: " + user.Name);
if (!user.HasAuthentication)
{
return;
}
_pendingPlayers.Remove(user);
LogUtils.Debug("Loading spawn");
((ServerMultiplayerProvider)Provider)?.UpdateScore(user.Identity, 0);
QueueUser(user);
if (World.Instance == null)
{
return;
}
LoadQueuedPlayers(Chat.Instance);
}
public ActionResult ImportAspNetUserSubmit(string email, string salt, string password)
{
if (email.IsNullOrEmpty() || salt.IsNullOrEmpty() || password.IsNullOrEmpty())
{
return(Content("Missing required value", "text/html"));
}
// Prevents us from creating any user we wouldn't do otherwise
string token, authCode, error;
if (!PendingUser.CreatePendingUser(email, Guid.NewGuid().ToString(), null, out token, out authCode, out error))
{
return(Content("<font color='red'>For [" + email + "] - " + error + "</font>", "text/html"));
}
// Change the u/p to what's expected
var pending = Current.WriteDB.PendingUsers.Single(u => u.AuthCode == authCode);
pending.PasswordSalt = salt;
pending.PasswordHash = password;
Current.WriteDB.SubmitChanges();
User newUser;
if (!Models.User.CreateAccount(email, pending, Current.Now, null, null, out newUser, out error))
{
return(Content("<font color='red'>For [" + email + "] and PendingUser.Id = " + pending.Id + " - " + error + "</font>", "text/html"));
}
// And indicate that this is from ASP.NET Membership
newUser.PasswordVersion = MembershipCompat.PasswordVersion;
Current.WriteDB.SubmitChanges();
return(Content("[" + email + "] became <a href='" + newUser.GetClaimedIdentifier() + "'>user</a>", "text/html"));
}
public async Task <PendingUser> RegisterAsync(PendingUser pendingUser, string password)
{
var entityUser = _mapper.Map <PendingUserEntity>(pendingUser);
var result = await _userManager.CreateAsync(entityUser, password);
return(_mapper.Map <PendingUser>(entityUser));
}
public void PendingUserUpdateDeletionDate()
{
var r = new Restrictions();
var pending = new PendingUser
{
Id = 1,
DeletionDate = DateTime.Now
};
var updates = new Dictionary <object, Restrictions.ShadowModifiedMember[]>();
updates[pending] = new Restrictions.ShadowModifiedMember[]
{
new Restrictions.ShadowModifiedMember
{
Member = typeof(PendingUser).GetProperty("DeletionDate"),
CurrentValue = pending.DeletionDate,
OriginalValue = null
}
};
string ignored;
Assert.IsTrue(r.IsValidChangeSet(updates, new List <object>(), new List <object>(), new List <object>()
{
pending
}, new List <int>(), out ignored));
}
public void NoPendingUserInsert()
{
var r = new Restrictions();
var pending = new PendingUser
{
Id = 1
};
var updates = new Dictionary <object, Restrictions.ShadowModifiedMember[]>();
string ignored;
Assert.IsFalse(r.IsValidChangeSet(updates, new List <object>(), new List <object>()
{
pending
}, new List <object>(), new List <int>(), out ignored));
Assert.IsFalse(r.IsValidChangeSet(updates, new List <object>(), new List <object>()
{
pending
}, new List <object>(), new List <int>()
{
1
}, out ignored));
}
public override IEmailRecipients GetRecipients()
{
return(new EmailRecipients(
to: PendingUser.EmailAllowed
? new[] { PendingUser.ToMailAddress() }
: new MailAddress[0],
replyTo: new[] { Organization.ToMailAddress() }));
}
public ActionResult EditPending(PendingUser user, string[] roleNames)
{
if (Authorized(RoleType.SystemManager))
{
if (ModelState.IsValid)
{
PendingUser userFromDatabase;
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
userFromDatabase = pendingUserRep.GetEntity(user.Id);
if (userFromDatabase != null)
{
if (userFromDatabase.CompanyId != CurrentUser.CompanyId)
{
return(Error(Loc.Dic.error_no_permission));
}
RoleType combinedRoles = RoleType.None;
List <RoleType> forbiddenRoles = GetForbiddenRoles();
foreach (string roleName in roleNames)
{
RoleType role;
if (Enum.TryParse(roleName, out role) && !forbiddenRoles.Contains(role))
{
combinedRoles = Roles.CombineRoles(combinedRoles, role);
}
else
{
return(Error(Loc.Dic.error_invalid_form));
}
}
userFromDatabase.Email = user.Email;
userFromDatabase.Roles = (int)combinedRoles;
userFromDatabase.OrdersApproverId = user.OrdersApproverId.HasValue && user.OrdersApproverId.Value == -1 ? null : user.OrdersApproverId;
pendingUserRep.Update(userFromDatabase);
return(RedirectToAction("Index"));
}
else
{
return(Error(Loc.Dic.error_user_not_found));
}
}
}
else
{
return(Error(ModelState));
}
}
else
{
return(Error(Loc.Dic.error_no_permission));
}
}
private void OnValidateAuthTicketResponse(ValidateAuthTicketResponse_t callback)
{
Identity ident = (SteamIdentity)callback.m_SteamID;
if (callback.m_eAuthSessionResponse != EAuthSessionResponse.k_EAuthSessionResponseOK)
{
if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseUserNotConnectedToSteam)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_NO_STEAM);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseNoLicenseOrExpired)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_LICENSE_EXPIRED);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseVACBanned)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_VAC_BAN);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseLoggedInElseWhere)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_ELSEWHERE);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseVACCheckTimedOut)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_TIMED_OUT);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseAuthTicketCanceled)
{
((ServerConnection)Connection).DisconnectClient(ident);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseAuthTicketInvalidAlreadyUsed)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_USED);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponseAuthTicketInvalid)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_NO_USER);
}
else if (callback.m_eAuthSessionResponse == EAuthSessionResponse.k_EAuthSessionResponsePublisherIssuedBan)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.AUTH_PUB_BAN);
}
return;
}
PendingUser pending = ((ServerConnection)Connection).PendingPlayers.FirstOrDefault(pendingPlayer => pendingPlayer.Identity == ident);
if (pending == null)
{
((ServerConnection)Connection).Reject(ident, ERejectionReason.NOT_PENDING);
return;
}
pending.HasAuthentication = true;
((ServerConnection)Connection).Accept(pending);
}
public ActionResult SendEmailVerficationToken(string email, string password, string password2, string realname)
{
if (email.IsNullOrEmpty())
{
return(RecoverableError("Email is required", new { realname }));
}
if (!Models.User.IsValidEmail(ref email))
{
return(RecoverableError("Email is not valid", new { email, realname, password, password2 }));
}
// Check that the captcha succeeded
string error;
if (!Captcha.Verify(Request.Form, out error))
{
return(RecoverableError(error, new { email, realname }));
}
string message;
if (!Password.CheckPassword(password, password2, email, null, null, out message))
{
return(RecoverableError(message, new { email, realname }));
}
string token, authCode;
if (!PendingUser.CreatePendingUser(email, password, realname, out token, out authCode, out error))
{
return(RecoverableError(error, new { email, realname, password, password2 }));
}
var toComplete =
SafeRedirect(
(Func <string, string, string, string, ActionResult>)CompleteRegistration,
new
{
token,
email,
realname,
authCode
}
);
var completeLink = Current.Url(toComplete.Url);
if (!Current.Email.SendEmail(email, Email.Template.CompleteRegistration, new { RegistrationLink = completeLink.AsLink() }))
{
return(IrrecoverableError("An error occurred sending the email", "This has been recorded, and will be looked into shortly"));
}
return(SuccessEmail("Registration Email Sent to " + email, "Check your email for the link to complete your registration"));
}
public override IEmailRecipients GetRecipients()
{
if (!PendingUser.EmailAllowed)
{
return(EmailRecipients.None);
}
return(new EmailRecipients(
to: new[] { PendingUser.ToMailAddress() },
replyTo: new[] { Organization.ToMailAddress() }));
}
public async Task <string> SendVerificationCode([FromBody] SendVerificationCodeViewModel model, string returnUrl = null)
{
//if (User.IsSignedIn())
//{
// //return RedirectToAction(nameof(ManageController.Index), "Manage");
//}
if (!ModelState.IsValid)
{
throw new BadRequestException(ModelState);
}
// Get the information about the user from the external login provider
var info = await _signInManager.GetExternalLoginInfoAsync();
if (info == null)
{
throw new NeedLoginException();
}
var matches = await _members.ByEmail(model.Email);
var pending = _userManager.FindPendingUserEmail(model.Email);
if (
matches.Count != 1 &&
(pending == null || string.IsNullOrWhiteSpace(pending.InvitationCode) || string.IsNullOrWhiteSpace(model.Invite)))
{
return("NeedInvite");
}
if (pending == null)
{
pending = new PendingUser {
Email = model.Email
};
}
var token = Guid.NewGuid().ToString().Replace("-", "");
pending.VerifyCode = token;
_userManager.UpdatePending(pending);
await _emailSender.SendEmailAsync(model.Email, "Email Verification Code",
$"Your verification code is <b>{token}</b>");
return("OK");
}
public async Task <User> ApproveUserAndSetTagsAsync(PendingUser pendingUser, UserStatusType userStatusType, List <string> tags, int currentUserId)
{
var userToRegistration = _mapper.Map <User>(pendingUser);
userToRegistration.Status = userStatusType;
userToRegistration.ModifiedById = currentUserId;
var user = await _userRepository.RegisterByPasswordHashAsync(userToRegistration, pendingUser.PasswordHash);
await DeleteAsync(user);
if (tags != null)
{
foreach (var tagName in tags)
{
var tagEntity = await databaseContext.Set <TagEntity>().FirstOrDefaultAsync(x => x.Name == tagName) ?? new TagEntity
{
Name = tagName.ToUpper(),
UserTags = new List <UserTagEntity>(),
ModifiedAt = DateTimeOffset.Now
};
if (!tagEntity.UserTags.Exists(s => s.UserId == user.Id))
{
tagEntity.UserTags.Add(new UserTagEntity()
{
UserId = user.Id
});
}
if (tagEntity.Id == 0)
{
databaseContext.Set <TagEntity>().Add(tagEntity);
}
await databaseContext.SaveChangesAsync();
}
}
return(user);
}
private LogInResult ResponseIntoUser(IAuthenticationResponse response)
{
LogInResult logInResult = new LogInResult();
logInResult.IsAuthenticated = true;
var fetchResponse = response.GetExtension <FetchResponse>();
if (fetchResponse != null)
{
logInResult.User = new OpenIdUser(fetchResponse, response.ClaimedIdentifier);
using (AllUsersRepository userRep = new AllUsersRepository())
using (PendingUsersRepository pendingUserRep = new PendingUsersRepository())
{
User user = userRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (user != null)
{
if (user.IsActive)
{
if (user.FirstName != logInResult.User.FirstName || user.LastName != logInResult.User.LastName)
{
user.FirstName = logInResult.User.FirstName;
user.LastName = logInResult.User.LastName;
userRep.Update(user);
}
logInResult.IsRegistered = true;
logInResult.User.UserId = user.Id;
return(logInResult);
}
else
{
logInResult.IsRegistered = false;
logInResult.IsCanceled = true;
logInResult.User.UserId = user.Id;
return(logInResult);
}
}
else
{
PendingUser pendingUser = pendingUserRep.GetList().SingleOrDefault(x => x.Email == logInResult.User.Email);
if (pendingUser != null)
{
User newUser = new User()
{
CompanyId = pendingUser.CompanyId,
Email = logInResult.User.Email,
FirstName = logInResult.User.FirstName,
LastName = logInResult.User.LastName,
CreationTime = DateTime.Now,
LastLogInTime = DateTime.Now,
Roles = pendingUser.Roles,
LanguageId = pendingUser.LanguageId,
IsActive = true
};
if (!userRep.Create(newUser))
{
return(logInResult);
}
logInResult.User.UserId = newUser.Id;
pendingUserRep.Delete(pendingUser.Id);
logInResult.IsNewUser = true;
logInResult.IsRegistered = true;
return(logInResult);
}
else
{
return(logInResult);
}
}
}
}
else
{
return(logInResult);
}
}
protected void QueueUser(PendingUser user)
{
LogUtils.Debug("Queueing user: " + user.Identity);
_queuedUsers.Add(user);
}
public ActionResult SignupIFrameSubmit(string email, string password, string password2, string realname, string background, string color)
{
if (email.IsNullOrEmpty())
{
// Can't use standard RecoverableError things in affiliate forms, do it by hand
ViewData["error_message"] = "Email is required";
ViewData["affId"] = CurrentAffiliate.Id;
ViewData["realname"] = realname;
ViewData["password"] = password;
ViewData["password2"] = password2;
return(SignupIFrame(null, background, color));
}
if (!Models.User.IsValidEmail(ref email))
{
// Can't use standard RecoverableError things in affiliate forms, do it by hand
ViewData["error_message"] = "Email is not valid";
ViewData["affId"] = CurrentAffiliate.Id;
ViewData["realname"] = realname;
ViewData["email"] = email;
ViewData["password"] = password;
ViewData["password2"] = password2;
return(SignupIFrame(null, background, color));
}
// Check that the captcha succeeded
string error;
if (!Captcha.Verify(Request.Form, out error) || !Password.CheckPassword(password, password2, email, null, null, out error))
{
// Can't use standard RecoverableError things in affiliate forms, do it by hand
ViewData["error_message"] = error;
ViewData["affId"] = CurrentAffiliate.Id;
ViewData["email"] = email;
ViewData["realname"] = realname;
ViewData["password"] = password;
ViewData["password2"] = password2;
return(SignupIFrame(null, background, color));
}
var cookie = System.Web.HttpContext.Current.CookieSentOrReceived(Current.AnonymousCookieName);
var callback = Current.GetFromCache <string>(CallbackKey(cookie));
string token, authCode;
if (!PendingUser.CreatePendingUser(email, password, realname, out token, out authCode, out error))
{
// Can't use standard RecoverableError things in affiliate forms, do it by hand
ViewData["error_message"] = error;
ViewData["affId"] = CurrentAffiliate.Id;
ViewData["email"] = email;
ViewData["realname"] = realname;
ViewData["password"] = password;
ViewData["password2"] = password2;
return(SignupIFrame(null, background, color));
}
var complete =
SafeRedirect(
(Func <string, string, string, string, string, string, ActionResult>)
(new AccountController()).CompleteAffiliateTriggeredRegistration,
new
{
email,
affId = CurrentAffiliate.Id,
token,
callback,
realname,
authCode
}
);
var completeLink = Current.Url(complete.Url);
string affName = CurrentAffiliate.HostFilter;
Uri callbackUri;
if (Uri.TryCreate(callback, UriKind.Absolute, out callbackUri))
{
affName = callbackUri.Host;
}
var success =
Current.Email.SendEmail(
email,
Email.Template.CompleteRegistrationViaAffiliate,
new {
AffiliateName = affName,
RegistrationLink = completeLink.AsLink()
});
if (!success)
{
return(IrrecoverableError("An error occurred sending the email", "This has been recorded, and will be looked into shortly"));
}
ViewData["Background"] = background;
ViewData["Color"] = color;
return(SuccessEmail("Registration Email Sent to " + email, "Check your email for the link to complete your registration."));
}
internal override void Receive(Identity source, byte[] packet, int size, int channel)
{
base.Receive(source, packet, size, channel);
var net = ((OffsetNet + Time.realtimeSinceStartup) - LastNet);
EPacket parsedPacket = (EPacket)packet[0];
StripPacketByte(ref packet, ref size);
if (parsedPacket.IsUpdate())
{
if (source == ServerID)
{
foreach (Channel ch in Receivers)
{
ch.Receive(source, packet, 0, size);
}
}
else
{
if (Clients.All(client => client.Identity != source))
{
return;
}
foreach (Channel ch in Receivers.Where(ch => ch.ID == channel))
{
ch.Receive(source, packet, 0, size);
}
}
return;
}
PendingUser currentPending;
switch (parsedPacket)
{
case EPacket.WORKSHOP:
{
//workshop list {none for now}
List <ulong> workshoplist = new List <ulong>();
byte[] args = new byte[1 + (workshoplist.Count * 8)];
args[0] = (byte)workshoplist.Count;
for (byte i = 0; i < workshoplist.Count; i = (byte)(i + 1))
{
BitConverter.GetBytes(workshoplist[i]).CopyTo(args, (1 + (i * 8)));
}
Send(source, EPacket.WORKSHOP, args, args.Length, 0);
return;
}
case EPacket.TICK:
{
object[] objects = { net };
byte[] buffer2 = ObjectSerializer.GetBytes(0, objects);
Send(source, EPacket.TIME, buffer2, 0);
return;
}
case EPacket.TIME:
foreach (User c in Clients.Where(c => c.Identity == source))
{
if (!(c.LastPing > 0f))
{
return;
}
c.LastNet = Time.realtimeSinceStartup;
c.Lag(Time.realtimeSinceStartup - c.LastPing);
c.LastPing = -1f;
return;
}
return;
case EPacket.CONNECT:
{
if (_pendingPlayers.Any(p => p.Identity == source))
{
Reject(source, ERejectionReason.ALREADY_PENDING);
return;
}
if (Clients.Any(c => c.Identity == source))
{
Reject(source, ERejectionReason.ALREADY_CONNECTED);
return;
}
Type[] argTypes =
{
// [0] name, [1] group, [2] version, [3] ping
typeof(string), typeof(ulong), typeof(string), typeof(float)
};
var args = ObjectSerializer.GetObjects(0, 0, packet, argTypes);
var playerName = (string)args[0];
var group = (ulong)args[1];
var version = (string)args[2];
var ping = (float)args[3];
LogUtils.Log("Player connecting: " + playerName);
if (version != GameInfo.VERSION)
{
Reject(source, ERejectionReason.WRONG_VERSION);
return;
}
if ((Clients.Count + 1) > MultiplayerProvider.MultiplayerProvider.MAX_PLAYERS)
{
Reject(source, ERejectionReason.SERVER_FULL);
return;
}
var pendingPlayer = new PendingUser(source, playerName, group, ping);
_pendingPlayers.Add(pendingPlayer);
if (Provider.SupportsAuthentification)
{
Send(source, EPacket.VERIFY, new byte[] { }, 0, 0);
return;
}
pendingPlayer.HasAuthentication = true;
Accept(pendingPlayer);
return;
}
default:
if (parsedPacket != EPacket.AUTHENTICATE)
{
LogUtils.LogError("Failed to handle message: " + parsedPacket);
return;
}
currentPending = _pendingPlayers.FirstOrDefault(p => p.Identity == source);
break;
}
if (currentPending == null)
{
Reject(source, ERejectionReason.NOT_PENDING);
}
else if ((Clients.Count + 1) > MultiplayerProvider.MultiplayerProvider.MAX_PLAYERS)
{
Reject(source, ERejectionReason.SERVER_FULL);
}
else
{
object[] args = ObjectSerializer.GetObjects(0, 0, packet, typeof(byte[]));
if (!((ServerMultiplayerProvider)Provider).VerifyTicket(source, (byte[])args[0]))
{
Reject(source, ERejectionReason.AUTH_VERIFICATION);
}
}
}
