public Session(string ip, User user) { this.ip = ip; this.user = user; this.expires = DateTime.Now.AddHours(SESSION_LENGTH_IN_HOURS); }
private int addSession(String IP, User user, out Warning warning) { // If the user was already logged in, then don't let another IP log in. if (loggedInUsers.Contains(user.ID)) { warning = Warning.USER_ALREADY_LOGGED_IN; return -1; } else { loggedInUsers.Add(user.ID); } Session session = new Session(IP, user); int hashcode = session.GetHashCode(); sessions.Add(hashcode, session); warning = Warning.NONE; return hashcode; }
public int Login(string username, string password, string ip, out Warning warning) { // If the IP is blocked and the x number of hours hasn't passed, then return warning BLOCKED_IP. if (blockedIPs.ContainsKey(ip)) { if (blockedIPs[ip].CompareTo(new DateTime()) > 0) { warning = Warning.BLOCKED_IP; connector.CloseConnection(); return -1; } else { blockedIPs.Remove(ip); } } User user = null; // Encrypt password with MD5 hashing password = encryptPassword(password); MySqlDataReader dr = connector.selectUserQuery(username, password); // If the database returns a row then return warning NONE or else keep track of login attemps of this IP. if (dr.Read()) { user = new User(int.Parse(dr[0].ToString()), dr[1].ToString(), dr[2].ToString(), dr[3].ToString()); connector.CloseConnection(); int hashcode = addSession(ip, user, out warning); if (warning == Warning.NONE) { // returns hascode associated with session return hashcode; } return -1; } else { if(loginAttemps.ContainsKey(ip)) loginAttemps[ip] = loginAttemps[ip] + 1; else loginAttemps.Add(ip, 1); // If the user has x number of login attemps, then block his IP for x number of hours. if (loginAttemps[ip] == NUMBER_OF_LOGIN_ATTEMPTS) { blockedIPs.Add(ip, new DateTime().AddHours(NUMBER_OF_HOURS_BLOCKED)); loginAttemps.Remove(ip); } } connector.CloseConnection(); warning = Warning.WRONG_COMBINATION; return -1; }