示例#1
0
        public void Login(string username, string password, string token)
        {
            bool    loggedIn = false;
            Account account;
            string  message;

            do
            {
                account = Account.Get(username);
                if (account == null)
                {
                    message = "Invalid username or password.";
                    break;
                }

                if (Session != null)
                {
                    message = "You are already logged in.";
                    break;
                }

                if (!Util.IsValidUsername(username))
                {
                    message = Util.InvalidUsernameMessage;
                    break;
                }

                if (string.IsNullOrEmpty(password))
                {
                    if (string.IsNullOrEmpty(token))
                    {
                        message = "Missing password.";
                        break;
                    }

                    var loginToken = LoginToken.Find(account.Id, token);
                    if (loginToken == null)
                    {
                        message = "Automatic login failed. Login with your username and password.";
                        break;
                    }

                    loginToken.UpdateAccessed(UserAgent, Address);

                    IsTokenLogin = true;
                    loggedIn     = true;
                    message      = $"Logged in as {account.Name}.";
                }
                else
                {
                    if (!Util.IsValidPassword(password))
                    {
                        message = Util.InvalidPasswordMessage;
                        break;
                    }

                    var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
                    if (givenPassword != account.Password)
                    {
                        account = null;
                        message = "Invalid username or password.";
                        break;
                    }

                    var newToken = new LoginToken
                    {
                        UserId    = account.Id,
                        Created   = Util.GetCurrentTimestamp(),
                        Accessed  = Util.GetCurrentTimestamp(),
                        UserAgent = UserAgent,
                        Address   = Address,
                        Token     = Util.GenerateLoginToken(),
                    };

                    newToken.Insert();

                    IsTokenLogin = false;
                    token        = newToken.Token;
                    loggedIn     = true;
                    message      = $"Logged in as {account.Name}.";
                }
            } while (false);

            if (loggedIn)
            {
                Send(new AuthenticateResponse
                {
                    Name    = account.Name,
                    Tokens  = token,
                    Success = true
                });

                var session = Program.SessionManager.GetOrCreate(account);
                session.Add(this);
            }

            SendSysMessage(message);
        }
示例#2
0
        public void Login(string username, string password, List <string> tokens)
        {
            Account account = null;
            string  message;

            do
            {
                if (Session != null)
                {
                    message = "You are already logged in.";
                    break;
                }

                if (!Util.IsValidUsername(username))
                {
                    message = Util.InvalidUsernameMessage;
                    break;
                }

                var existingTokens = LoginToken.FindAll(username).ToList();

                if (String.IsNullOrEmpty(password))
                {
                    if (tokens.Count == 0)
                    {
                        message = "Missing password.";
                        break;
                    }

                    if (!existingTokens.Any(t => t.Address == Address && tokens.Contains(t.Token)))
                    {
                        message = "Automatic login failed. Login with your username and password.";
                        break;
                    }

                    account = Account.Get(username);
                    tokens  = existingTokens.Select(t => t.Token).ToList();
                    message = String.Format("Logged in as {0}.", account.Name);
                }
                else
                {
                    if (!Util.IsValidPassword(password))
                    {
                        message = Util.InvalidPasswordMessage;
                        break;
                    }

                    account = Account.Get(username);
                    if (account == null)
                    {
                        message = "Invalid username or password.";
                        break;
                    }

                    var givenPassword = Convert.ToBase64String(Util.HashPassword(password, Convert.FromBase64String(account.Salt)));
                    if (givenPassword != account.Password)
                    {
                        account = null;
                        message = "Invalid username or password.";
                        break;
                    }

                    LoginToken newToken = existingTokens.FirstOrDefault(t => t.Address == Address);
                    if (newToken == null)
                    {
                        newToken = new LoginToken
                        {
                            Name    = account.Name.ToLower(),
                            Address = Address,
                            Token   = Util.GenerateLoginToken(),
                            Created = Util.GetCurrentTimestamp()
                        };

                        newToken.Insert();
                        existingTokens.Add(newToken);
                    }

                    tokens  = existingTokens.Select(t => t.Token).ToList();
                    message = String.Format("Logged in as {0}.", account.Name);
                }
            } while (false);

            if (account != null)
            {
                Send(new AuthenticateResponse
                {
                    Name    = account.Name,
                    Tokens  = string.Join(",", tokens),
                    Success = true
                });

                var session = Program.SessionManager.GetOrCreate(account);
                session.Add(this);
            }

            SendSysMessage(message);
        }