public ReplyData user_tokens(IPAddress remoteIP, int remotePort, List <string> arguments, string body, string method, Dictionary <string, string> Headers) { if (Headers.ContainsKey("Authorization") == false) { ReplyData rd = new ReplyData(); rd.Status = 401; rd.Body = ""; Session.Instance.TemporaryStackData.Add(remoteIP.ToString()); rd.CustomOutputHeaders.Add("WWW-Authenticate", "Basic realm='Tokens'"); rd.Body = "<h2>You are not logged in!"; rd.CustomOutputHeaders.Add("Content-Type", "text/html"); return(rd); } else { // Validate login! string[] req = arguments[0].Split(new[] { '?', '&', '=' }); string[] authHeader = Headers["Authorization"].Split(new[] { ' ' }); if (authHeader[0] == "Basic" && Session.Instance.TemporaryStackData.Contains(remoteIP.ToString())) { // Validate credentials! UserAccounts ua = UserAccounts.GetAccounts(); string[] auth = Tools.Base64Decode(authHeader[1]).Split(new[] { ':' }); if (ua.Login(auth[0], auth[1], "web")) { // Continue to generate the token! UserAccounts.Account act = ua.AllAccounts[auth[0]]; for (int i = 0; i < req.Length; i++) { if (req[i] == "for_domain_server" && req[i + 1] == "true") { // Generate the domain server token! int expiry = 1 * 24 * 60 * 60; int time = Tools.getTimestamp(); string token_type = "domain"; string Token = Tools.MD5Hash(expiry.ToString() + ":" + time.ToString() + "::" + token_type + ":" + act.name); // Token has now been issued! // Because you can obviously have more than 1 domain, this will save the token as : domain-timestamp act.ActiveTokens.Add(Token, "domain"); ua.AllAccounts[auth[0]] = act; ua.save(); // Exit this loop, and reply to the user! Session.Instance.TemporaryStackData.Remove(remoteIP.ToString()); ReplyData rd1 = new ReplyData(); rd1.Status = 200; rd1.Body = $"<center><h2>Your domain's access token is: {Token}</h2></center>"; rd1.CustomOutputHeaders.Add("Content-Type", "text/html"); return(rd1); } } } } ReplyData rd = new ReplyData(); rd.Body = "Invalid authorization header was provided!<br/>If you were not prompted for credentials again, close the tab or the browser and try again"; rd.Status = 401; if (Session.Instance.TemporaryStackData.Contains(remoteIP.ToString()) == false) { Session.Instance.TemporaryStackData.Add(remoteIP.ToString()); } rd.CustomOutputHeaders.Add("WWW-Authenticate", "Basic realm='Tokens'"); return(rd); } }