/// <summary>
/// Handles a "loginbasic" message: verifies the supplied credentials against the stored
/// salt and hash, or registers the username when it is unknown and
/// <c>AutoRegisterUsers</c> is set, then binds the resulting user item to the host.
/// </summary>
/// <param name="host">Connection the message arrived on; used as the key in <c>_hostUsers</c>.</param>
/// <param name="message">Incoming message carrying the "username" and "password" parameters.</param>
/// <returns>
/// <c>null</c> when the message is not of type "loginbasic"; an error message when the
/// parameters are missing, the user is unknown and auto-registration is off, or the
/// password check fails; otherwise an Ok response containing the user item.
/// </returns>
private TcpMessage HandleLoginRequest(TcpConnectedHost host, TcpMessage message)
{
    if (!message.HasType("loginbasic"))
    {
        return null;
    }

    var loginParams = new ParamTcpMessage(message);
    var username = loginParams.GetParam("username");
    var password = loginParams.GetParam("password");

    // Both values come straight from the client; only emptiness is checked here.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return TcpMessage.Error("Missing or badly formatted login parameters");
    }

    var account = _dataService.GetItemByRelation(UsersParentId, username);
    if (account == null)
    {
        if (!AutoRegisterUsers)
        {
            // NOTE(review): this text differs from the wrong-password text below, so a
            // client can tell whether a username is registered. Consider whether one
            // generic failure message would be acceptable to existing clients.
            return TcpMessage.Error("User not found. Automatic registering of users is currently disabled.");
        }

        // Registration: the first client to present an unused username sets its password.
        // NOTE(review): no password-quality check and no transaction are visible here; if
        // one of the six inserts fails, the user is left without a salt or password record
        // and every later login for that name is rejected by the branch below.
        account = new DbItem(username);
        _dataService.Insert(account);
        _dataService.Insert(new DbRelation(UsersParentId, username, account.Id));

        // NOTE(review): HashHelper is not visible from here. Confirm that CreateSaltString
        // draws from a cryptographic RNG and that GenerateSaltedHash is a deliberately slow
        // password-hashing function rather than a single fast digest.
        var newSalt = new DbItem(HashHelper.CreateSaltString(10));
        _dataService.Insert(newSalt);
        _dataService.Insert(new DbRelation(account.Id, "salt", newSalt.Id));

        var newHash = new DbItem(HashHelper.GenerateSaltedHash(password, newSalt.Value));
        _dataService.Insert(newHash);
        _dataService.Insert(new DbRelation(account.Id, "password", newHash.Id));
    }
    else
    {
        // Login: both records are fetched before any of them is inspected.
        var storedSalt = _dataService.GetItemByRelation(account.Id, "salt");
        var storedHash = _dataService.GetItemByRelation(account.Id, "password");

        // A missing or empty credential record is treated the same as a wrong password.
        // NOTE(review): no attempt limiting is visible in this handler; presumably it is
        // enforced elsewhere, confirm. Also confirm ConfirmPassword compares in constant time.
        var rejected = storedSalt == null
            || storedSalt.Value == null
            || storedHash == null
            || storedHash.Value == null
            || !HashHelper.ConfirmPassword(storedHash.Value, password, storedSalt.Value);
        if (rejected)
        {
            return TcpMessage.Error("Login failed. Wrong password.");
        }
    }

    // From here on the host counts as logged in as this user.
    _hostUsers[host] = account;

    var reply = new ObjectTcpMessage<DbItem>(TcpRequestType.Ok);
    reply.Add(account);
    return reply;
}
/// <summary>
/// Handles a <c>TcpRequestType.UniqueRelationQuery</c> message by looking up the relation
/// identified by the "from_id" and "identifier" parameters.
/// </summary>
/// <param name="host">Connection the message arrived on; must pass <c>IsAuthenticated</c>.</param>
/// <param name="message">Incoming message carrying the query parameters.</param>
/// <returns>
/// <c>null</c> when the message has a different type; a List response holding the looked-up
/// relation when both parameters are present; otherwise an error message.
/// </returns>
/// <exception cref="AuthException">Thrown via <c>AuthException.NotLoggedIn()</c> when the host is not authenticated.</exception>
private TcpMessage HandleUniqueRelationQuery(TcpConnectedHost host, TcpMessage message)
{
    if (!message.HasType(TcpRequestType.UniqueRelationQuery))
    {
        return null;
    }

    if (!IsAuthenticated(host))
    {
        throw AuthException.NotLoggedIn();
    }

    var query = new ParamTcpMessage(message);
    // The response object is created before the parameters are validated, as in the original flow.
    var reply = new ObjectTcpMessage<DbRelation>(TcpRequestType.List);

    if (!query.HasParam("from_id") || !query.HasParam("identifier"))
    {
        return TcpMessage.Error("Missing or badly formatted query parameters");
    }

    // NOTE(review): only authentication is checked. "from_id" and "identifier" are chosen by
    // the client and no per-user authorization is visible here, while HandleLoginRequest keeps
    // credentials under "salt"/"password" relations in the same store. Confirm that
    // _dataService or a caller limits which relations a logged-in user may read.
    var fromId = query.GetParamAsNullableInt("from_id");
    var identifier = query.GetParam("identifier");

    // NOTE(review): presumably fromId is null when "from_id" is not a number and GetRelation
    // may return null when nothing matches; either value is passed along unchecked, confirm
    // that the callees and the client tolerate this.
    var found = _dataService.GetRelation(fromId, identifier);
    reply.Add(found);
    return reply;
}
/// <summary>
/// Processes a "loginbasic" request. A known username is checked against its stored salt and
/// password hash; an unknown username is registered on the spot when <c>AutoRegisterUsers</c>
/// is enabled. On success the user item is recorded for the host in <c>_hostUsers</c>.
/// </summary>
/// <param name="host">The connected host that sent the request.</param>
/// <param name="message">The request; expected to carry "username" and "password".</param>
/// <returns>
/// <c>null</c> for any other message type, an error message on missing parameters, unknown
/// user (auto-registration off) or failed password check, else an Ok response with the user item.
/// </returns>
private TcpMessage HandleLoginRequest(TcpConnectedHost host, TcpMessage message)
{
    if (!message.HasType("loginbasic"))
    {
        return null;
    }

    var parameters = new ParamTcpMessage(message);
    var username = parameters.GetParam("username");
    var password = parameters.GetParam("password");

    // Client-supplied values; the only validation at this point is non-emptiness.
    var credentialsPresent = !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password);
    if (!credentialsPresent)
    {
        return TcpMessage.Error("Missing or badly formatted login parameters");
    }

    var user = _dataService.GetItemByRelation(UsersParentId, username);
    if (user != null)
    {
        // Existing user: load both credential records, then verify.
        var salt = _dataService.GetItemByRelation(user.Id, "salt");
        var hash = _dataService.GetItemByRelation(user.Id, "password");

        // Incomplete credential records fail the same way as a wrong password.
        // NOTE(review): HashHelper.ConfirmPassword is not visible here; confirm that it
        // compares in constant time. No lockout or throttling is visible in this handler.
        if (salt == null || salt.Value == null || hash == null || hash.Value == null)
        {
            return TcpMessage.Error("Login failed. Wrong password.");
        }

        if (!HashHelper.ConfirmPassword(hash.Value, password, salt.Value))
        {
            return TcpMessage.Error("Login failed. Wrong password.");
        }
    }
    else
    {
        if (!AutoRegisterUsers)
        {
            // NOTE(review): this wording is distinguishable from the wrong-password reply,
            // which tells the client whether the username exists. Consider a single generic
            // failure text if clients do not depend on the distinction.
            return TcpMessage.Error("User not found. Automatic registering of users is currently disabled.");
        }

        // New user: whoever first presents an unused name chooses its password.
        // NOTE(review): the inserts below are not wrapped in a visible transaction, so a
        // failure part-way leaves an account that the login branch will always reject.
        user = new DbItem(username);
        _dataService.Insert(user);
        _dataService.Insert(new DbRelation(UsersParentId, username, user.Id));

        // NOTE(review): confirm in HashHelper that the salt comes from a cryptographic RNG
        // and that GenerateSaltedHash is a slow password hash, not a plain digest.
        var salt = new DbItem(HashHelper.CreateSaltString(10));
        _dataService.Insert(salt);
        _dataService.Insert(new DbRelation(user.Id, "salt", salt.Id));

        var hash = new DbItem(HashHelper.GenerateSaltedHash(password, salt.Value));
        _dataService.Insert(hash);
        _dataService.Insert(new DbRelation(user.Id, "password", hash.Id));
    }

    // Marks this host as logged in as the user.
    _hostUsers[host] = user;

    var okResponse = new ObjectTcpMessage<DbItem>(TcpRequestType.Ok);
    okResponse.Add(user);
    return okResponse;
}
/// <summary>
/// Answers a <c>TcpRequestType.UniqueRelationQuery</c> request with the relation found for
/// the given "from_id" and "identifier".
/// </summary>
/// <param name="host">The connected host that sent the request; it must be authenticated.</param>
/// <param name="message">The request carrying "from_id" and "identifier".</param>
/// <returns>
/// <c>null</c> when the message type does not match, a List response containing the relation
/// when both parameters are present, and an error message otherwise.
/// </returns>
/// <exception cref="AuthException">Raised through <c>AuthException.NotLoggedIn()</c> for an unauthenticated host.</exception>
private TcpMessage HandleUniqueRelationQuery(TcpConnectedHost host, TcpMessage message)
{
    if (!message.HasType(TcpRequestType.UniqueRelationQuery))
    {
        return null;
    }

    if (!IsAuthenticated(host))
    {
        throw AuthException.NotLoggedIn();
    }

    var parameters = new ParamTcpMessage(message);
    var listResponse = new ObjectTcpMessage<DbRelation>(TcpRequestType.List);

    var hasBothKeys = parameters.HasParam("from_id") && parameters.HasParam("identifier");
    if (!hasBothKeys)
    {
        return TcpMessage.Error("Missing or badly formatted query parameters");
    }

    // NOTE(review): being logged in is the only gate. The client picks both lookup keys and
    // nothing here ties "from_id" to the caller's own user item, although HandleLoginRequest
    // stores "salt" and "password" relations under user ids in the same data service.
    // Confirm that access is restricted further in _dataService or by the caller.
    var sourceId = parameters.GetParamAsNullableInt("from_id");
    var relationKey = parameters.GetParam("identifier");

    // NOTE(review): sourceId is presumably null for a non-numeric "from_id" and the lookup may
    // yield null; both are forwarded unchecked, confirm the callees handle that.
    listResponse.Add(_dataService.GetRelation(sourceId, relationKey));
    return listResponse;
}