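/// <summary>
/// Authenticates an API client against its stored account and, on success, issues a signed JWT
/// carrying the identity, a fresh platform game-account id and the account's authority as role.
/// </summary>
/// <param name="session">Credentials submitted by the client: identity, password, optional MFA code and language.</param>
/// <returns>
/// 200 with <c>{ token, platformGameAccountId }</c> on success; 400 with a localized message when the
/// request is malformed or the account is unknown (<c>AUTH_ERROR</c>), the password does not match
/// (<c>AUTH_INCORRECT</c>) or the MFA code is rejected (<c>MFA_INCORRECT</c>).
/// </returns>
public async Task<IActionResult> ConnectUserAsync(ApiSession session)
{
    // Ordinal, constant-time comparison of two hash strings. Both sides are lower-cased with the
    // invariant culture (the stored hash was previously compared case-insensitively), and the
    // comparison time does not depend on where the strings first differ.
    static bool HashesMatch(string stored, string computed)
    {
        var storedBytes = Encoding.UTF8.GetBytes(stored.ToLowerInvariant());
        var computedBytes = Encoding.UTF8.GetBytes(computed.ToLowerInvariant());
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, computedBytes);
    }

    // Reject malformed requests before touching the data store.
    if (session == null || !ModelState.IsValid)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_ERROR));
    }

    var account = await _accountDao.FirstOrDefaultAsync(s => s.Name == session.Identity).ConfigureAwait(false);
    if (account == null)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_ERROR));
    }

    // Either the legacy (unsalted) hash or the new salted hash may match. A stored value that is
    // null simply does not match instead of being dereferenced through '!'.
    var legacyMatches = account.Password != null
        && HashesMatch(account.Password, _hasher.Hash(session.Password));
    var saltedMatches = !legacyMatches
        && account.NewAuthPassword != null
        && account.NewAuthSalt != null
        && HashesMatch(account.NewAuthPassword, _hasher.Hash(session.Password, account.NewAuthSalt));
    if (!legacyMatches && !saltedMatches)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_INCORRECT));
    }

    // MFA is checked only after the password has been verified, so the MFA verdict is never
    // reported to a caller who does not hold the password.
    if (!string.IsNullOrEmpty(account.MfaSecret) && !new TwoFactorAuth().VerifyCode(account.MfaSecret, session.Mfa))
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.MFA_INCORRECT));
    }

    // A missing or unknown language code leaves the stored language unchanged instead of letting
    // Enum.Parse throw; invariant upper-casing avoids culture-specific case mappings.
    if (Enum.TryParse<RegionType>(session.GfLang?.ToUpperInvariant() ?? "", out var region))
    {
        account.Language = region;
    }
    account = await _accountDao.TryInsertOrUpdateAsync(account).ConfigureAwait(false);

    var platformGameAccountId = Guid.NewGuid();
    var claims = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, session.Identity),
        new Claim(ClaimTypes.Sid, platformGameAccountId.ToString()),
        new Claim(ClaimTypes.Role, account.Authority.ToString()),
    });

    // The HMAC key is derived from the API's configured secret. UTF-8 is used explicitly so the
    // key bytes never depend on the host's default code page.
    var signingSecret = _hasher.Hash(_apiConfiguration.Value.Password!, _apiConfiguration.Value.Salt);
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var handler = new JwtSecurityTokenHandler();
    var securityToken = handler.CreateToken(new SecurityTokenDescriptor
    {
        Subject = claims,
        // Fixed issuer/audience strings: whatever validates this token must expect the same values.
        // No explicit lifetime is set here, so the handler's default applies — confirm that it
        // matches the intended token validity.
        Issuer = "Issuer",
        Audience = "Audience",
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature),
    });

    _logger.Information(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_API_SUCCESS),
        session.Identity, platformGameAccountId, session.Locale);
    return Ok(new { token = handler.WriteToken(securityToken), platformGameAccountId });
}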
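/// <summary>
/// Authenticates an API client against its stored account using the configured hashing scheme
/// and, on success, issues a signed JWT carrying the identity, a fresh platform game-account id
/// and the account's authority as role.
/// </summary>
/// <param name="session">Credentials submitted by the client: identity, password and language.</param>
/// <returns>
/// 200 with <c>{ token, platformGameAccountId }</c> on success; 400 with a localized message when the
/// request is malformed or the account is unknown (<c>AUTH_ERROR</c>) or the password does not match
/// (<c>AUTH_INCORRECT</c>).
/// </returns>
public async Task<IActionResult> ConnectUserAsync(ApiSession session)
{
    // Ordinal, constant-time comparison of two hash strings; the comparison time does not depend
    // on where the strings first differ.
    static bool HashesMatch(string stored, string computed)
    {
        var storedBytes = Encoding.UTF8.GetBytes(stored);
        var computedBytes = Encoding.UTF8.GetBytes(computed);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, computedBytes);
    }

    // Decodes a Base64 payload to text; malformed input is an authentication failure, not a 500.
    static bool TryDecodeBase64(string? value, out string decoded)
    {
        decoded = "";
        if (string.IsNullOrEmpty(value))
        {
            return false;
        }
        try
        {
            decoded = Encoding.UTF8.GetString(Convert.FromBase64String(value));
            return true;
        }
        catch (FormatException)
        {
            return false;
        }
    }

    // A single BadRequest per failure: the previous version wrapped one BadRequest result inside
    // another, which serialises the inner result object instead of the message.
    if (session == null || !ModelState.IsValid)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_ERROR));
    }

    var account = await _accountDao.FirstOrDefaultAsync(s => s.Name == session.Identity).ConfigureAwait(false);
    if (account == null)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_ERROR));
    }

    // The value that gets hashed and compared is the password the client presented. The previous
    // BCrypt/Pbkdf2 branches re-hashed the stored hash itself, so the submitted password was never
    // part of the comparison in those modes.
    var hashingType = _apiConfiguration.HashingType;
    bool passwordMatches;
    switch (hashingType)
    {
        case HashingType.BCrypt:
        case HashingType.Pbkdf2:
        {
            if (account.NewAuthPassword == null || account.NewAuthSalt == null)
            {
                passwordMatches = false;
                break;
            }
            // NOTE(review): the earlier code decoded a Base64 value before hashing, so the client is
            // assumed to send the password Base64-encoded in these modes — confirm against the client.
            if (!TryDecodeBase64(session.Password, out var presented))
            {
                passwordMatches = false;
                break;
            }
            var computed = hashingType == HashingType.BCrypt
                ? presented.ToBcrypt(account.NewAuthSalt)
                : presented.ToPbkdf2Hash(account.NewAuthSalt);
            passwordMatches = HashesMatch(account.NewAuthPassword, computed);
            break;
        }
        default:
            // Legacy SHA-512 mode: the stored digest was compared case-insensitively, so both sides
            // are lower-cased with the invariant culture before the ordinal comparison.
            passwordMatches = account.Password != null
                && HashesMatch(account.Password.ToLowerInvariant(),
                               (session.Password?.ToSha512() ?? "").ToLowerInvariant());
            break;
    }
    if (!passwordMatches)
    {
        return BadRequest(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_INCORRECT));
    }

    // A missing or unknown language code leaves the stored language unchanged instead of letting
    // Enum.Parse throw; invariant upper-casing avoids culture-specific case mappings.
    if (Enum.TryParse<RegionType>(session.GfLang?.ToUpperInvariant() ?? "", out var region))
    {
        account.Language = region;
    }
    account = await _accountDao.TryInsertOrUpdateAsync(account).ConfigureAwait(false);

    var platformGameAccountId = Guid.NewGuid();
    var claims = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, session.Identity),
        new Claim(ClaimTypes.Sid, platformGameAccountId.ToString()),
        new Claim(ClaimTypes.Role, account.Authority.ToString()),
    });

    // The HMAC key is derived from the API's configured secret with the same scheme used for
    // accounts. UTF-8 is used explicitly so the key bytes never depend on the host's default code page.
    var signingSecret = hashingType switch
    {
        HashingType.BCrypt => _apiConfiguration.Password!.ToBcrypt(_apiConfiguration.Salt ?? ""),
        HashingType.Pbkdf2 => _apiConfiguration.Password!.ToPbkdf2Hash(_apiConfiguration.Salt ?? ""),
        _ => _apiConfiguration.Password!.ToSha512(),
    };
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var handler = new JwtSecurityTokenHandler();
    var securityToken = handler.CreateToken(new SecurityTokenDescriptor
    {
        Subject = claims,
        // Fixed issuer/audience strings: whatever validates this token must expect the same values.
        // No explicit lifetime is set here, so the handler's default applies — confirm that it
        // matches the intended token validity.
        Issuer = "Issuer",
        Audience = "Audience",
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature),
    });

    _logger.Information(LogLanguage.Instance.GetMessageFromKey(LogLanguageKey.AUTH_API_SUCCESS),
        session.Identity, platformGameAccountId, session.Locale);
    return Ok(new { token = handler.WriteToken(securityToken), platformGameAccountId });
}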