public static void DeleteUserGitTwoFactor(Config config, string username) { try { // If Git is enabled if (config.GitConfig.Enabled) { // Git user exists? if (!UserGitExists(config, username)) { throw new Exception($"Git User '{username}' does not exist."); } // Create connection to the DB Utilities.MysqlDatabase mySQL = new Utilities.MysqlDatabase(config.GitConfig.Database.Server, config.GitConfig.Database.Database, config.GitConfig.Database.Username, config.GitConfig.Database.Password, config.GitConfig.Database.Port); // Get the user's UID string email = GetUserEmailAddress(config, username); // See if they have Two Factor already string deleteSql = @"DELETE tf.* FROM gogs.two_factor tf LEFT JOIN gogs.user u ON u.id = tf.uid WHERE u.login_name = {0}"; mySQL.Execute(deleteSql, new object[] { email }); } } catch (Exception ex) { throw new Exception("Unable to delete git account two factor.", ex); } }
public static void CreateUserGitTwoFactor(Config config, string username, string secret, int unixTime) { try { // If Git is enabled if (config.GitConfig.Enabled) { // Git user exists? if (!UserGitExists(config, username)) { throw new Exception($"Git User '{username}' does not exist."); } // Generate the scratch token string token = StringHelper.RandomString(8); // Get the Encryption Key from the git secret key byte[] keyBytes = MD5.Hash(Encoding.UTF8.GetBytes(config.GitConfig.SecretKey)); // Modify the input secret byte[] secBytes = Encoding.UTF8.GetBytes(secret); // Generate the encrypted secret using AES CGM byte[] encValue = Aes128CFB.Encrypt(secBytes, keyBytes); string finalSecret = Convert.ToBase64String(encValue); // Create connection to the DB Utilities.MysqlDatabase mySQL = new Utilities.MysqlDatabase(config.GitConfig.Database.Server, config.GitConfig.Database.Database, config.GitConfig.Database.Username, config.GitConfig.Database.Password, config.GitConfig.Database.Port); mySQL.MysqlErrorEvent += (sender, s) => { throw new Exception("Unable to edit git account two factor. Mysql Exception: " + s); }; // Get the user's UID string email = GetUserEmailAddress(config, username); string userSelect = @"SELECT gogs.user.id FROM gogs.user WHERE gogs.user.login_name = {0}"; var uid = mySQL.ScalarQuery(userSelect, new object[] { email }); // See if they have Two Factor already string sqlSelect = @"SELECT tf.id FROM gogs.two_factor tf LEFT JOIN gogs.user u ON u.id = tf.uid WHERE u.login_name = {0}"; var result = mySQL.ScalarQuery(sqlSelect, new object[] { email }); if (result != null) { // They have an entry! Let's update it string update = @"UPDATE gogs.two_factor tf SET tf.uid = {1}, tf.secret = {2}, tf.scratch_token = {3}, tf.updated_unix = {4} WHERE tf.id = {0}"; mySQL.Execute(update, new object[] { result, uid, finalSecret, token, unixTime }); } else { // They need a new entry string insert = @"INSERT INTO gogs.two_factor (uid, secret, scratch_token, created_unix, updated_unix) VALUES ({0}, {1}, {2}, {3}, {4})"; mySQL.Execute(insert, new object[] { uid, finalSecret, token, unixTime, 0 }); } } } catch (Exception ex) { throw new Exception("Unable to edit git account two factor.", ex); } }